Notice: If you haven’t yet updated to 2.4.19 – please do so now as previous releases contain known vulnerabilities.

easyXDM is a Javascript library that enables you as a developer to easily work around the limitation set in place by the Same Origin Policy, in turn making it easy to communicate and expose javascript API’s across domain boundaries.

If you want to see it in action, see this RPC demo!

Some of the goals for the project are that it should

  • be easy to use!!!
  • be self contained, no dependencies (now requires Flash) (not counting JSON)
  • be light weight
  • be flexible
  • have good code quality (uses jslint etc)
  • have good documentation
  • be the best xdm-library in existence

How easyXDM works

At the core easyXDM provides a transport stack capable of passing string based messages between two windows, a consumer (the main document) and a provider (a document included using an iframe). It does this by using one of several available techniques, always selecting the most efficient one for the current browser.
For all implementations the transport stack offers bi-directionality, reliability, queueing and sender-verification.

Using JavaScript only (no Flash, Silverlight, extra html files etc) easyXDM provides the following browsers with stacks with latency of less than 15ms:

  • IE6 and IE7 – using the NixTransport FlashTransport (Microsoft Security Bulletin MS11-018)
  • IE8+ – using the PostMessageTransport
  • Opera 9+ – using the PostMessageTransport (support for both Operas old standard and the HTML5 standard)
  • Firefox 1-2 – using the FrameElementTransport
  • Firefox 3+ – using the PostMessageTransport
  • Safari 4+ – using the PostMessageTransport
  • Chrome 2+ – using the PostMessageTransport

In browsers not mentioned here, and not supporting the postMessage API, the HashTransport will be used as a fallback.

See the readme at github for more information and easy to follow code samples.