Nerd-puzzle: how might I allow sibling same-origin iframes to communicate, given…
- parent is cross-origin
- can’t execute JS on parent
- no sessionStorage, localStorage, cookies, or IDB access
- with enough security to share auth tokens?
Conversation
Would BroadcastChannel work?
1
1
5
Replying to
Brilliant! Just tested. It works for all security settings in Chrome, and for “strict” settings in Firefox (but not “block *all* cookies”, for whatever reason). Outstanding, Kevin!!!
Aye of course later I realize you already mention that in your other thread.