afterpay.js utilizes the HTML
This bidirectional communication allows a merchant to dynamically update shipping options and transaction information based on a chosen shipping address.
afterpay.js hides this complexity and ensures a secure environment by restricting the use of
- Afterpay’s checkout window only receives messages from the merchant window, and vice versa
- Correctly handles multiple concurrent, and possibly out-of-order requests
- Message data is validated and sanitized
postMessage() in this way is considered very secure. For more information please refer to the specification.