The xssinterface javascript library enables communication of multiple pages (or pages and iframes) via javascript functions across domain boundaries. This may be useful for websites that want to expose a limited javascript interface to embedded widgets.

xssinterface is not a library to perform XSS attacks. To the contrary, it enables javascript messaging between pages from different origins using explicit white-list authorization to prevent XSS security holes.

xssinterface works in all browsers that support the postMessage() interface and implements a fallback mechanism that works in most current browsers.

• Demo-Application
• Documentation
• Security
• BrowserIssues
• WorkaroundIdeas
• AutomatedTests

PS: If you want a commit bit, feel free to ask :)