vlookup跨文档_探索跨文档交流

vlookup跨文档

One of the new features that HTML5 offers web developers is a way to send information between documents on different sites via Javascript. Currently for security and privacy reasons, browsers prevent cross site scripting but with HTML5’s Cross Document Messaging, the intention is to allow documents to communicate with each other without sacrificing security.

HTML5为Web开发人员提供的新功能之一是一种通过Javascript在不同站点上的文档之间发送信息的方法。 当前，出于安全和隐私方面的原因，浏览器阻止跨站点脚本编写，但是使用HTML5的跨文档消息传递，其目的是允许文档彼此通信而不牺牲安全性。

To experiment with these methods and events, you’ll need to be running either IE8, Firefox 3 or the WebKit Nightlies. Opera 9+ provides support as well, but they use an older version of the spec which required the postMessage method to be called from the document object instead of the window object.

要试验这些方法和事件，您需要运行IE8，Firefox 3或WebKit Nightlies。 Opera 9+也提供了支持，但是他们使用了规范的旧版本，该规范要求从文档对象而不是窗口对象中调用postMessage方法。

There are two key steps involved with HTML5 Cross Document Messaging. The first is posting the message. You do this by calling the window’s postMessage() function. The postMessage function takes two arguments: the message to be sent, and the target origin.

HTML5跨文档消息传递涉及两个关键步骤。 首先是发布消息。 您可以通过调用窗口的postMessage()函数来完成此操作。 postMessage函数采用两个参数：要发送的消息和目标来源。

Then, to receive the message in the other window, you need to watch for the window’s message event using window.addEventListener or something similar. To help show how this works, I’ve set up an example for you to see here. In my example, both the sending window and the receiving window are located within the same domain (timkadlec.com), but as long as you have a reference to a window, you can communicate cross domain the same way.

然后，要在另一个窗口中接收消息，您需要使用window.addEventListener或类似方法监视该窗口的消息事件。 为了帮助说明它是如何工作的，我为您设置了一个示例供您在此处查看 。 在我的示例中，发送窗口和接收窗口都位于同一个域(timkadlec.com)中，但是只要您引用了一个窗口，就可以以相同的方式跨域通信。

遵守守则 (Walking the Code)

Take a look at the source code and you’ll see that I’m simply using one window (window A) to open the other (window B) so that I have a reference to it. Window B contains two buttons that when clicked, use the postMessage method to post a message back to window A, like so:

看一下源代码，您会看到我只是在使用一个窗口(窗口A)打开另一个窗口(窗口B)，以便我对其进行引用。 窗口B包含两个按钮，当单击它们时，使用postMessage方法将消息发布回窗口A，如下所示：

window.opener.postMessage('John Smith', 'http://www.timkadlec.com');

We use window.opener to get our reference to window a, and then call the postMessage function and send the message ‘John Smith’ back to it. We specify that the origin is timkadlec.com in the targetOrigin argument.

我们使用window.opener获取对窗口a的引用，然后调用postMessage函数并将消息“ John Smith”发送回给它。 我们在targetOrigin参数中指定源为timkadlec.com。

Now back in window A, we need to prepare to receive the message. To do so, we look for the message event.

现在回到窗口A，我们需要准备接收消息。 为此，我们寻找消息事件。

window.addEventListener('message', receiver, false);

As you can see above, I’m using addEventListener to listen for the message event, and once the event occurs, we call the receiver function.

正如您在上面看到的，我正在使用addEventListener来监听消息事件，一旦事件发生，我们将调用接收器函数。

function receiver(e){
    if (e.origin == 'http://www.timkadlec.com'){
        if (e.data == 'John Smith') {
            alert(e.data);
            e.source.postMessage('Valid User', e.origin);
        } else {
            alert(e.data);
            e.source.postMessage('FAIL', e.origin);
        }
    }
}

In the receiver function, we verify that the origin of the event is timkadlec.com (line 2). This is highly encouraged, as it ensures that we only receive messages from domains we are expecting to hear from. If you skipped this step, any domain could freely affect your page, and that could get a bit messy.

在接收器功能中，我们验证事件的起源是timkadlec.com(第2行)。 强烈建议这样做，因为这可以确保我们仅从期望收到的域中接收消息。 如果您跳过此步骤，则任何域都可以自由影响您的页面，并且可能会有些混乱。

Then, we use the event’s data property to retrieve the message that was sent. Based on the message received, we then use the source property of the event to obtain a reference to the window that sent the message. Then, again using the postMessage method (lines 5 and 8), we send a message back to window A.

然后，我们使用事件的data属性来检索已发送的消息。 然后，基于收到的消息，我们使用事件的source属性获取对发送消息的窗口的引用。 然后，再次使用postMessage方法(第5和8行)，将消息发送回窗口A。

This is a pretty straightforward example, and is really just meant to demonstrate how easy it is to post messages back and forth between documents. There’s another good example up that makes use of iframes if you want to see another example of cross document messaging.

这是一个非常简单的示例，实际上只是用来说明在文档之间来回传递消息有多么容易。 如果您想查看跨文档消息传递的另一个示例，那么还有一个很好的例子可以利用iframe 。

安全注意事项 (Some Security Considerations)

Hopefully you can see that cross document messaging is both simple, and potentially quite useful for things like widgets, or authentication. However, there are some security risks if you don’t take the time to double check a few things. First, like mentioned before, you should always double check the origin of the sent message. You don’t want to be just accepting messages from anyone…that’s kind of the reason cross-site scripting isn’t allowed in the first place.

希望您可以看到跨文档消息传递既简单，又可能对小部件或身份验证非常有用。 但是，如果您不花时间仔细检查一些事情，则存在一些安全风险。 首先，如前所述，您应始终仔细检查已发送消息的来源。 您不想只接受来自任何人的消息……这就是为什么首先不允许跨站点脚本的原因。

Secondly, it is possible to use the asterisk in the targetOrigin argument to allow your message to be posted to any domain. However, you should be sure to never use the asterisk symbol when sending confidential information. In those cases, you should be specifying the targetOrigin specifically so that you can guarantee that only the intended recipient gets the information.

其次，可以在targetOrigin参数中使用星号，以将您的消息发布到任何域。 但是，发送机密信息时，请务必不要使用星号。 在这种情况下，您应该专门指定targetOrigin，以便可以保证只有目标收件人才能获得该信息。

翻译自: https://timkadlec.com/2008/12/exploring-cross-document-communication/

vlookup跨文档