PayPal Open Sources JavaScript Suite
Written by Kay Ewbank   
Tuesday, 17 October 2017

The strength of PayPal's cross-domain JavaScript suite is that as the code has to run on a wide variety of third-party websites and other domains without causing problems, it is designed to avoid pitfalls.PayPal has just open sourced the whole suite.

You need to keep in mind that the key quality of these libraries is that they have been written so as not to break other web sites and to not be broken by them in turn. It is all about defensive JavaScript.

A detailed and interesting write-up of the various tools in the suite has been posted on Medium, but here's a brief outline of the tools the suite provides:

Grumbler is a template for writing distributable front-end JavaScript modules. It is described as combining some of the best build tools out there, allowing you to just write code and forget about the details of building and distributing.

Post-robot provides a consistent, reliable way to send messages and receive responses using a simple listener/client pattern.

Xcomponent can be used to render an iframe without setting up a single message listener — you just pass data and functions down directly into the iframe.

Cross-domain-utils creates a library of utility methods for dealing with common use-cases, making it easier to work with cross-domain windows.

Coss-domain-safe-weakmap lets you store data on windows. It works reliably and consistently with cross-domain windows as keys, using the native WeakMap implementation if it’s available.

Zalgo-promise forces all promises into synchronous mode by default so they will work across browsers.

Beaver-logger solves the problem of not knowing if your code is triggering any error cases in the wild, and breaking anyone’s site. It batches together your logs, and flushes them to your server periodically.

Fetch-robot Does a proxy fetch through an iframe. It's a new, experimental module that lets you publish a manifest in one place, defining which urls can be called, by whom, and with which headers and other fields. It avoids the need to configure all the endpoints on your server to return the correct headers for CORS.


More Information

Related Articles

Google Wallet - developer unfriendly


To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.



Java 17 Release Promises Faster Performance

Java Development Kit 17 and Java 17 are now generally available. JDK 17 was announced by the Open JDK group and Oracle released the new version under a commercial license for those using the Oracle JD [ ... ]

Jupyter Project Celebrates 20 Year Anniversary

Project Jupyter is 20 years old. The project was created with the goal of  develop open-source software, open-standards, and services for interactive computing.

More News






or email your comment to:

Last Updated ( Tuesday, 17 October 2017 )