Secure cross-domain web browser communications
First Claim
1. A computer-implemented method for conducting cross-domain communications, the computer-implemented method comprising:
- generating, via a computing device, a document within a first web browser window that is associated with a first domain, the document associated with a first entity and including functionality for performing a checkout transaction with the first entity, the document including a display element that is selectable by a user to initiate a payment process using an account with a second entity;
generating, via the computing device, an iframe that is a child of the first web browser window, wherein the iframe is associated with a second domain different from the first domain and the iframe is configured to relay a message between the first web browser window and a second web browser window via a function call that transfers the message between the first web browser window and the second web browser window;
generating, via the computing device, the second web browser window in response to user selection of the display element, the second web browser window being associated with the second domain and second entity, the second web browser window providing functionality for the user to use the account with the second entity to make a payment in support of the checkout transaction; and
relaying, via the computing device, the message from the second web browser window to the first web browser window via the iframe.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems and computer program products are provided in which a first “sender” web browser window that is within a first domain can communicate with a second “target” web browser window that is within a second, different domain. Pursuant to these techniques, an iframe may be provided within the target web browser window that has a source address that is within the first domain. The content of the iframe may be a function that forwards a received message to the target web browser window. The target web browser window may receive a message in response to the sender web browser window invoking the function of the iframe.
-
Citations
27 Claims
-
1. A computer-implemented method for conducting cross-domain communications, the computer-implemented method comprising:
-
generating, via a computing device, a document within a first web browser window that is associated with a first domain, the document associated with a first entity and including functionality for performing a checkout transaction with the first entity, the document including a display element that is selectable by a user to initiate a payment process using an account with a second entity; generating, via the computing device, an iframe that is a child of the first web browser window, wherein the iframe is associated with a second domain different from the first domain and the iframe is configured to relay a message between the first web browser window and a second web browser window via a function call that transfers the message between the first web browser window and the second web browser window; generating, via the computing device, the second web browser window in response to user selection of the display element, the second web browser window being associated with the second domain and second entity, the second web browser window providing functionality for the user to use the account with the second entity to make a payment in support of the checkout transaction; and relaying, via the computing device, the message from the second web browser window to the first web browser window via the iframe. - View Dependent Claims (2, 3, 16, 17, 18, 19, 20)
-
-
4. A computer-implemented method for a first web browser window that is associated with a first domain to receive a message from a second web browser window that is associated with a second domain different from the first domain, the computer-implemented method comprising:
-
displaying a checkout in the first web browser window on a computing device, said checkout page associated with the first domain and providing functionality for making a purchase; concurrently with the display of the checkout page, providing, in the second web browser window on the computing device, an interface that includes functionality for a user to perform a payment transaction in support of the purchase using an account with a second entity, the interface associated with the second domain; creating, via the computing device, an iframe that is embedded in the first web browser window that has a source address that is associated with the second domain, wherein the iframe is configured to relay the message from the second web browser window to the first web browser window; invoking, via the computing device, a function of the iframe in response to a function call from the second web browser window to pass the message via a memory of the computing device from the second web browser window to the first web browser window; and receiving, via the computing device, the message from the second web browser window at the first web browser window in response to invocation of the function of the iframe, the message associated with the payment transaction. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 21, 22, 23)
-
-
12. A computer program product for presenting via a presentation device a first web browser window that is associated with a first domain and presenting via the presentation device a second web browser window that is associated with a second domain that is different from the first domain such that the second web browser window can engage in cross-domain communications with the first web browser window, the computer program product comprising:
a non-transitory computer-readable medium having executable computer-readable program code therein, the computer-readable program code including; computer program code that, when executed by a computing device, is configured to generate the first web browser window, the first web browser window having an embedded iframe that is associated with the second domain, wherein content of the embedded iframe includes computer program code that, when executed by the computing device, is configured to forward a message to the first web browser window from the second web browser window, wherein the first web browser window displays a checkout page of a first entity and provides functionality for performing a checkout transaction, the checkout page associated with the first domain; computer program code that, when executed by the computing device, is configured to generate the second web browser window, wherein the second web browser window is a child window of the first web browser window, wherein the second web browser window displays an interface that includes functionality for a user to use an account with a second entity to make a payment in support of the checkout transaction, the interface associated with the second domain; and computer program code that, when executed by the computing device, is configured to invoke a function of the embedded iframe in order to forward the message from the second web browser window to the first web browser window via the embedded iframe. - View Dependent Claims (13, 14, 15, 24, 25, 26, 27)
Specification