Please sign in to comment.
Sandboxing: Adding disclaimers about `postMessage` + cleanup.
1. `postMessage` can be dangerous if you're not careful; the demo code in this article didn't make that clear. This patch adds some comments to ensure that the important points are clearly highlighted, and adjusts the demo code itself to actually do rudimentary validation of sources rather than blindly executing code in response to a message event. 2. Cleanup in the formatting of some code at the bottom of the article. One space too many, ah well.
- Loading branch information...
Showing with 40 additions and 6 deletions.