PayPal Open Sources JavaScript Suite
Written by Kay Ewbank   
Tuesday, 17 October 2017

The strength of PayPal's cross-domain JavaScript suite is that as the code has to run on a wide variety of third-party websites and other domains without causing problems, it is designed to avoid pitfalls.PayPal has just open sourced the whole suite.

You need to keep in mind that the key quality of these libraries is that they have been written so as not to break other web sites and to not be broken by them in turn. It is all about defensive JavaScript.

A detailed and interesting write-up of the various tools in the suite has been posted on Medium, but here's a brief outline of the tools the suite provides:

Grumbler is a template for writing distributable front-end JavaScript modules. It is described as combining some of the best build tools out there, allowing you to just write code and forget about the details of building and distributing.

Post-robot provides a consistent, reliable way to send messages and receive responses using a simple listener/client pattern.

Xcomponent can be used to render an iframe without setting up a single message listener — you just pass data and functions down directly into the iframe.

Cross-domain-utils creates a library of utility methods for dealing with common use-cases, making it easier to work with cross-domain windows.

Coss-domain-safe-weakmap lets you store data on windows. It works reliably and consistently with cross-domain windows as keys, using the native WeakMap implementation if it’s available.

Zalgo-promise forces all promises into synchronous mode by default so they will work across browsers.

Beaver-logger solves the problem of not knowing if your code is triggering any error cases in the wild, and breaking anyone’s site. It batches together your logs, and flushes them to your server periodically.

Fetch-robot Does a proxy fetch through an iframe. It's a new, experimental module that lets you publish a manifest in one place, defining which urls can be called, by whom, and with which headers and other fields. It avoids the need to configure all the endpoints on your server to return the correct headers for CORS.


More Information

Related Articles

Google Wallet - developer unfriendly


To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, FacebookGoogle+ or Linkedin.



Nematode Worm Parks A Car

OK, the headline is a bit over the top, but does the slightly more accurate - "12 neurons from a nematode worm parks a car" sound any less so? C. elegans is very definitely the pin-up worm of the AI c [ ... ]

JVM Ecosystem Report Reveals the State of Java

Java may not make headline news very often, but it is still the language that underpins most of today's commerce and more. The largest survey ever of Java developers, with data  from more than 10 [ ... ]

More News






or email your comment to:

Last Updated ( Tuesday, 17 October 2017 )