WebMessaging is broken

I have been working on a rather cool project recently that initially used a lot of WebMessaging (postMessage etc) to talk between all the components. However, even though these API's look simple and easy to grok there are some bizaare limitations and usage of them is frustrating to say the least.

Ignoring the fact that Chrome passes structured clones, and Firefox passes strings, that is a simple difference to resolve. It is not even the fact that WebKit supports MessageChannels and Entangled Ports and no one else seems too. These we can work around in sane ways.

The normal developers flow is as follows: open a window/iframe, get a reference to that window, send it a message, have the frame or window handle the message.

Client App:

var w = window.open("test.html");
w.postMessage({ data: "some more data"}, "*");

Service App: test.html

window.addEventListener("message", function(e) {
  // Do something with the data
}, false);

This would be pretty simple and intuitive, something that nearly every developer would be able to pick up in an instant. But this isn't the case, if you want to send a window a message you have to wait for it to load – which might be a logical assumption, but given that if the page you are opening is outside the origin of the opener, you can't easily tell when it loads. So the current solution is on the host page to postMessage back to the window.opener, and for the opener to handle the message.

Client App:

var w = window.open("test.html");
window.addEventListener("message", function(e) {
    if(e.data.state && e.data.state != "ready") return; // do nothing.
    // Send data
    e.source.postMessage({ data: "some more data"}, e.origin);
}, false);

Service App: test.html

window.addEventListener("load", function(e) {
    // tell the opener that it is ready to receive messages
    e.source.postMessage({ state: "ready" }, e.origin);
}, false);

window.addEventListener("message", function(e) { // Process data from opening window. }, false);

This is bonkers! Developers just want it to work.

There is a hack that allows you pass data to a window so that it is available to the window as soon as the script starts executing. It is probably not safe nor is it likely to be secure. When you open a window, you can pass it data immediately using the name parameter on window.open()

window.open("test.html", "{ data: 'ABC123' }");

And then on the opening page, you can read it back.

var data = JSON.parse(window.name);

There are problems here though:

This is a quick hack, that allows the opened window to read the data that was passed to it as soon as it opened.

What are your thoughts? Have you come across these limitations? Have you solved them in any other interesting ways?

I lead the Chrome Developer Relations team at Google.

We want people to have the best experience possible on the web without having to install a native app or produce content in a walled garden.

Our team tries to make it easier for developers to build on the web by supporting every Chrome release, creating great content to support developers on web.dev, contributing to MDN, helping to improve browser compatibility, and some of the best developer tools like Lighthouse, Workbox, Squoosh to name just a few.

I love to learn about what you are building, and how I can help with Chrome or Web development in general, so if you want to chat with me directly, please feel free to book a consultation.

I'm trialing a newsletter, you can subscribe below (thank you!)