1. `postMessage` can be dangerous if you're not careful; the demo code in
this article didn't make that clear. This patch adds some comments to
ensure that the important points are clearly highlighted, and adjusts
the demo code itself to actually do rudimentary validation of sources
rather than blindly executing code in response to a message event.
2. Cleanup in the formatting of some code at the bottom of the article.
One space too many, ah well.