Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
@ekolabs/iframily
Advanced tools
Iframily is a small javascript library that simplifies communication between frames.
This is how it works:
npm i @ekolabs/iframily --save
You can also add the library via script tag and use window.Iframily
, like so:
<script src="https://unpkg.com/@ekolabs/iframily"></script>
Iframily is a singleton and will allow you to initialize parent/child iframily instances.
Iframily.initParent(id, msgHandler, options) -> iframily instance
Iframily.initChild(id, msgHandler, options) -> iframily instance
Creates a parent/child iframily instance respectively (to be used in the parent/child frame) and returns it, if successful.
Param | Type | Description |
---|---|---|
id | string | A unique id to identify this iframily instance, this is used in order to match parent and child iframilies. Will abort and log an error if the id already exists in the current frame. |
msgHandler | function | Optional - A handler for incoming messages from the paired iframily in the parent/child frame. The msgHandler can return back a response value or a promise that will be resolved/rejected with a response value. |
options | object | Optional - Additional options, see possible options below: |
options.onPairedHandler | function | Optional - A handler that will be invoked upon pairing. |
options.onDisposedHandler | function | Optional - A handler that will be invoked when the instance is disposed. |
options.targetOrigin | URI | Optional - The URI to use as the target origin for the postMessage call. Use this if you are passing sensitive data, see link for more info. Default is '*'. |
Iframily.isIframilyMessage(event) -> boolean
If you manually listen to messages using the window "message" event you will also receive internal iframily messages. This method will return true
for this events so you can easily identify them.
window.addEventListener("message", receiveMessage);
function receiveMessage(event) {
// Ignore iframily messages.
if (Iframily.isIframilyMessage(event)) {
return;
}
// Handle other messages below:
// ...
}
The iframily instance is the object returned when initing a new iframily using the initParent()
or initChild()
methods.
f.sendMessage(msg) -> Promise
Param | Type | Description |
---|---|---|
msg | serializable | The message to be sent, can be any serializable (see structured clone algorithm). |
Returns a promise that will be resolved with the response value from the receiving iframily instance message handler. The promise will be rejected if the receiving iframily instance returned a rejected promise.
if the receiving iframily instance did not return an explicit response value in its message handler, the promise will be resolved with
undefined
.
f.dispose()
Dispose of the iframily instance, making it obsolete.
- You cannot reuse a disposed instance, you can however create a new instance with the same id.
- Any iframilies paired with this instance will still keep sending messages to the disposed instance but they will be ignored.
This method is useful when you have a parent frame which recreates the same child frame and you want to use the same id for the iframilies.
f.disposed -> boolean (read only)
Returns true
if this iframily instance has been disposed.
f.id -> string (read only)
Returns the id that this iframily was inited with.
// -------------------------
// In the parent frame.
// -------------------------
const Iframily = require('@ekolabs/iframily');
let msgHandler = function(msg) {
console.log('parent got message:', msg);
};
let iframilyParent = Iframily.initParent('myUniqueId', msgHandler);
iframilyParent.sendMessage('do something')
.then((response) => {
console.log('parent got response:', response);
});
iframilyParent.sendMessage('do something async')
.then((response) => {
console.log('parent got async response:', response);
});
// -------------------------
// In the child frame.
// -------------------------
const Iframily = require('@ekolabs/iframily');
let msgHandler = function(msg) {
console.log('child got message:', msg);
if (msg === 'do something') {
return 'OK! done!';
} else if (msg === 'do something async') {
return new Promise((resolve, reject) => {
resolve('OK! done async!');
});
}
};
let iframilyChild = Iframily.initChild('myUniqueId', msgHandler);
iframilyChild.sendMessage({ text: 'fancy' });
myUniqueId
in the example) should match between parent and child.npm run dev
- builds unuglified bundle and watches for changes.npm run playground
- launch a simple page with a parent and child frame iframilies to manually test out stuff.develop
branch.npm run test
- run tests.
npm run test-debug-mac
or npm run test-debug-win
for debugging the tests.Running tests require node >=10
and modifying your hosts file like so:
# iframily
127.0.0.1 sub1.domain1iframily.com
127.0.0.1 sub2.domain2iframily.com
When your done developing, make sure to run the production build via npm run build
so the correct bundle will be committed to the dist
folder.
FAQs
postMessage made simple & safe
The npm package @ekolabs/iframily receives a total of 204 weekly downloads. As such, @ekolabs/iframily popularity was classified as not popular.
We found that @ekolabs/iframily demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.