Help, my email looks weird!

By Andrea Saez, on July 5, 2011 - 1 Comment
Tag(s):

If you’ve spent any amount of time designing and coding emails to be sent with CakeMail or another similar email system, you’ll know that email design can be a bit…..fickle. It will work in Gmail, but look strange in Hotmail. It will look great on your Android device, but wonky on your iPhone. Or vice versa, and so on and so on.

Getting emails to look the same *everywhere* is a challenging task, but you can do it! The following tools can lend you a hand as you make all those tiny last minute adjustments and get your campaigns out the door.

Litmus
This fantastic tool, available as an add-on in the CakeMail marketplace, allows you to preview your email across a wide range of popular email clients and mobile devices. Do they all look the same? Fantastic! You’re good to go.

It also provides spam testing services – a chance to see if your campaign will set off any red flags with ISPs or get caught in junk mailboxes or spam filters instead of getting delivered as intended. Litmus isn’t a free service, but it’s worth every penny.

Code like it’s ten years ago
Use tables for layout, rely on inline styles/CSS when you have to, and simplify, simplify, simplify.

Verify your styles
Our built in premailer tool checks your code and converts your CSS styles to inline styles in order to be more email-client-friendly, letting you skip the hard work poring over lines of code.

Know your limits
Every email client has its limits, and the Email Standards project helps you to keep track of them all. Refer to it if you want to be well-informed before you even start work on your campaign design.

How To Avoid Complaints

By Andrea Saez, on June 8, 2011 - Leave a comment
Tag(s):

Today’s Andrea Says is all about tactics to help you prevent the dreaded subscriber complaint for you next campaign. We’ve included some quick tips below, but feel free to get in touch with our support team to ask a question, or check out our guide to email deliverability if you’re looking for more details.

Recipients who flag your email as “Spam” or “Junk” have the greatest impact on your reputation as a sender. It is essential you avoid this at all costs by delivering great and relevant campaigns to recipients who want to (and have opted in) receive them.

To avoid complaints, you should:

  • Never use a purchased, harvested or “scraped” list of any kind
  • Make sure you have a direct relationship with every single address on your list
  • Start confirming new sign-ups (using a confirmed or double opt-in process)  if you’re not doing this already
  • Ask people if they want to be on your mailing list. DO NOT sign them up automatically
  • Make your sign-up process clear, explaining what someone is signing up for, when they will start receiving emails, and how often they can expect to hear from you
  • Use a consistent sender name and email address
  • Use a subject line that truthfully describes the content of your email
  • Honor all opt-out requests immediately
  • Abide by the rules of CAN-SPAM
  • Keep your list current and up to date
  • Don’t reactivate old addresses
  • Send emails on a regular basis

If you comply with all of these rules, you’re off to a great start. To make things even better you’ll want your list (and the messages you send to them) to be both segmented and your content to be well-targeted. Learn about list segmentation.

What’s a role account and why can’t I send to it?

By Andrea Saez, on May 30, 2011 - Leave a comment
Tag(s): , , , ,

What is a Role Account?

Role accounts (admin@, support@, sales@) are email addresses that are not associated with a particular person, but rather with a company, department, position or group. They are not generally intended for personal use, as they typically include a distribution list of recipients.

Why are role accounts an issue?

It is impossible to prove everyone who will receive emails at these addresses has given consent to receive them. This is especially important when it comes to sending commercial-based marketing communications because you can never control who or how many people will receive your message. This also raises the likelihood that somebody will mark your email as SPAM. These addresses are commonly included in many websites (like on a Contact Us page), which means they are more susceptible to being picked up by list harvesting software. Lists with a high percentage of role accounts are indicative of someone using a ‘scraped’ and/or purchased list. We’re able to monitor lists as they get uploaded to see how many of these role accounts are present and act accordingly before a campaign gets sent. This can help detect other potential problems with the list in question.

As if that’s not enough, Blacklist providers such as Spamhaus use role accounts like these as “honeypot” addresses in an attempt to trap spammers. They claim that any email sent to those addresses is spam by default because the address was obtained and used without permission.

What does CakeMail do about these types of emails?

We maintain a master suppression list for role-based addresses to help maintain a consistent, good sender reputation for our services and our clients. While the full list of prefixes we suppress is not publicly available, we update it frequently to ensure it is accurate and to maintain high levels of email delivery.

When clients send emails, and even when someone attempts to add a role-based email to a contact list, the email address is automatically suppressed and never sent to.

Whether someone complains to their ISP, you get blacklisted for sending to spam traps, or your list contains too many of these generic addresses in proportion to personal email accounts, these addresses are suppressed because they are almost never found on opt-in lists and sending to them can seriously hurt your delivery.

Suppression lists are a common feature amongst all email service providers – it’s how we maintain consistent (and great) delivery rates, and also how we help your reputation as an email sender be a positive one.

Top 10 things that hurt your email delivery (Part two!)

By Kevin Huxham, on April 21, 2011 - Leave a comment
Tag(s): ,
In the spirit of the Easter long weekend…and since many of you won’t read this until Tuesday morning,  here is the continuation of Monday’s entry about the Top 10 things that will hurt your email delivery. Enjoy! 

Content

The single most influential factor when it comes to people interacting with your emails is content. Studies have shown that open rates for targeted campaigns are typically twice that of a generic newsletter. Segment your list and send targeted content to your recipients on a regular basis to keep them engaged.

Content filters also play a huge role in email delivery. Signup to services like Litmus or setup seed accounts of your own. Whatever you do, test, test, and test. If you aren’t doing this simple task before sending your email off to your entire list, it’s like going to work with no pants on. Sure it’s easier, but it’s only a matter of time before you regret it. ☺ Here is an excellent example of what I’m talking about from the folks at MarketingSherpa.

Take away: Write engaging targeted emails to each person on your list. Making sure your content is clean and doesn’t upset any spam filters should be part of every email you create.

Reputation

Getting your email marketing messages to your audience relies heavily on your reputation. Your delivery is determined by the reputation you have acquired by the practices you adhere to as a sender. You have to earn a positive online reputation, but once you do it will make the difference between your email getting delivered to the Inbox, Junk folder, or not showing up at all.

Take away: A good reputation is key to everything, if you don’t start caring about it, nobody else will.

Authentication

Almost all ISPs these days (even the small ones) are looking at some form of authentication to filter spam. Even the SMB crowd looks at authentication (however indirectly) by incorporating outside filtering services such as Postini, McAfee, Brightmail, Spam Assassin, etc.. to their anti-spam filtering solution. Allowing Cakemail to send on your domains behalf will go a long way to ensure your email gets delivered.

Take away: If you’re not who you say you are, your email has a little chance of making it to its destination.

Blacklistings

Blacklists are used by receiving networks to judge a given IP and/or domain’s reputation. Blacklistings are the result of sending Unsolicited Bulk Email (UBE) to addresses that never asked for it. There are many different blacklist providers out there and some carry more weight in the community than others, so it’s very important you keep your lists as clean as possible.

Take away: If you have a history of being labelled a spammer, there’s a fat chance anyone is going to let you send them anything.

Compliance

There are many aspects when it comes to Email compliance, but for this list I am referring only to the one that will keep you out of jail. Sending commercial-based email has certain laws and breaking those laws is a criminal offence. It doesn’t matter what country you are in, it matters what country you are sending - To. The following are links to several anti-spam policies available online.

United States: The CAN-SPAM Act: Requirements for Commercial Emailers

Canada: Fighting Internet & Wireless Spam Act (Bill C-28)

Europe: Privacy & Electronic Communications Directive (2002/58/EC)

Australia: 2003 Spam Act

For email legislation in other countries, please consult Wikipedia.

Take away: Even Email has laws, if you choose to ignore them you not only stand a good chance of getting fined, you won’t make a very good impression with ME either.

Top 10 Things That Hurt Your Email Delivery

By Kevin Huxham, on April 18, 2011 - 1 Comment
Tag(s): , ,

Technology

Emails are sent using an MTA (Mail Transfer Agent), which is essentially a piece of software that connects one computer to another to send email. In order for everybody to understand each other, a standard was established called RFC (Request For Comments) and every email in the world must be RFC-Compliant in order for the message to be delivered successfully. It doesn’t matter if the message is in English, French or Chinese, a successful transfer must include the following:

HELO/EHLO (introduction)
MAIL FROM:
RCPT TO:
DATA (body of the message)
QUIT (end of the message)
221 Goodbye

As is the case with most ESPs, sending multiple copies of the same message can be achieved within the same connection thus allowing you to send to multiple recipients at once. This is done by repeating the RCPT TO command several times within the same connection, but there are limitations. For example, some ISPs limit the number of recipients and can also limit the number of connections per IP within a certain timeframe, this process is called “throttling”.

Luckily you don’t have to worry about this, we have a trained group of individuals who are looking after this for you. Leave this part up to us!

Take away: If my computer doesn’t say the right things to your computer, there is little hope that you will accept my email.

Complaints

If your recipients are marking your email as ‘spam’, your delivery is going to be in trouble. Spam reports are a direct reflection of how your email is received and what a lot of people don’t understand is CAN SPAM and Bill C-28 aren’t the gatekeepers; the ISP is, and the ISP listens to their users (your recipients).

If you want your email to get delivered, you cannot generate complaints. It’s as simple as that. Here are a few ways to avoid user complaints:

  • Make sure every person on your list knows who you are and is expecting your email
  • Send a confirmation email to all new signups (if you are not doing this, you are in the dark ages of email marketing.. seriously)
  • Have the common courtesy to ask people if they want to be on your mailing list, DO NOT sign them up automatically
  • Make your signup process crystal clear, explaining what someone is signing up for, when they will start receiving emails, and how often they can expect to hear from you

For a more complete list, check out our Guide to Understanding Email Deliverability here.

Take Away: If people don’t want to receive your email or never wanted to receive it in the first place, they are going to complain.

Bounces

A ‘hard’ bounce is generated when you try to send an email to an address that does not exist. Sending to these invalid addresses repeatedly (whether knowingly or not) will seriously damage your delivery. You must ensure they are removed and stay removed.

If you haven’t used the list in a while (3-6 months) or you are thinking of reviving an old list, you need to be very careful. ISPs monitor the number of hard bounces you generate very closely and too many will affect your delivery and cause blocks.

  • Confirm the address exists on signup by sending a confirmation email
  • Ensure you are processing hard bounces correctly
  • Send on a regular basis

Take Away: If you aren’t removing the bad eggs from your hen house, it’s going to get pretty stinky.

Spam Traps

Spam traps are email addresses used to catch spam. They do not signup to receive email voluntarily and if they wind up on your list, it is going to affect your delivery, your reputation or worse.. get you blacklisted. Believe it or not, spammers have ways to get around complaint/bounce rates, but they do not have ways to get around sending to spam traps.

  • Never purchase, borrow, steal or harvest an email list
  • Confirm new signups to ensure the person signing up owns the address in question
  • Remove hard bounces
  • Send on a regular basis

Take Away: Traps addresses are one of the most effective ways of controlling spam today, they are not going anywhere. If you don’t protect yourself, you are at risk.

Engagement

OK, now that we’ve covered the easy part ☺ .. here’s where it gets interesting. Making sure your recipients open and read your emails!

ISPs measure engagement by looking at the number of people who open and click your emails. Engagement is nothing new, it’s been around for a while but like everything, ISPs need to make sure it works before acting on it. Guess what? Now they’re acting on it.

Take Away: If people aren’t actively opening/reading/clicking on links in your emails, it’s a pretty good sign they aren’t interested in receiving them.

This covers the first five of our top ten reasons – check back next week for the remaining five!

10 important metrics for CakeMail resellers

By Francois Lane, on March 23, 2011 - 2 Comments
Tag(s): , , , , ,

(And of course, these apply to other SaaS providers, too.)

Being on top of your metrics is crucial for anyone running a subscription-based service . Going without them is like walking in the dark – you may hit walls or fall in holes.

These metrics help you pinpoint where there are problems, determine what is working well, and decide what should be improved. At a minimum, you should be looking at these every month, as soon as possible after the month ends.

  1. Profit / Runway
    Have a traditional financial statement done every month. If you are making money, congratulations! I’m sure you’ll find something great to do with it.

    If you are losing money, calculate the runway, which is essentially your company’s life expectancy. The most basic way to calculate runway is to divide the amount of cash you have in the bank by your losses. This will give you the number of months until you run out of cash at your current pace. If your runway increases month over month, you’re heading in the right direction. If it decreases month over month, start thinking about of your next round of financing or look at ways you can cut or reduce your expenses.

  2. Website visitor to trial/freemium sign-up conversion ratio (visitors to leads)
    Does your website do a good job at getting people to sign-up for your service? A good way to improve your marketing effectiveness it to optimize your website for conversions and make the sign-up process easy and efficient. Try optimizing key pages such as your home and sign-up pages. Always use A/B testing tools to run experiments.

    It is also a good idea to measure this by website referrers, especially if you are paying to attract visitors to your site. This will help you determine where you should put money at promoting your website.

    This is a good marketing effectiveness metric.

  3. Trial/freemium sign-up to paying customers conversion ratio (leads to customers)
    How effective are you at actually selling your service? While having lots of trial or free users is great, you ultimately need to build a great base of paying customers to make your company profitable. There are multiple reasons why people are not converting and they fall into one of these three categories:

    a) Freemium is plenty for them
    This is assuming that you offer a freemium model. There’s lots of pros and cons for this type of offering, but I won’t go into the details here.

    b) Unqualified – bad client/product fit
    Your product is not for everybody. If you can see that there are many unqualified users trying out your service, this may be caused by the fact that your website is not effective enough at describing who the product is for. There is no point a increasing your Visitor to Trial ratio if it only increases the amount of unqualified trial users.

    c) Good product/client fit
    This is the ideal client for your product but they are not buying. Why? Maybe it is pricing, a missing feature, or they decided to give their business to your competition, etc. Most of the time, the reasons that these potential customers aren’t buying are things that you can act upon. Find out why they are not buying from you by asking the right questions and see if you can address these reasons or overcome their objections.

    This ratio is a good indication of the effectiveness of your sales machine.

  4. New Subscription Revenues
    The amount, in dollars, of new net subscription revenue each month that includes revenue from brand new clients or existing client upgrades and downgrades. Do not include clients canceling their account.

  5. Churn Rate and Average Lifetime of Customer (LT)
    Churn rate is calculated by dividing the amount of clients you lost this month by the total number of clients you had last month Churn is unavoidable. Make sure you understand why clients are leaving and see how you can address these reasons in order to keep your churn rate under control.Average Lifetime of Customer (LT) is calculated by dividing 1 by your churn rate (1/churn). This gives you the amount of months, in average, you are keeping your clients. It increases as your churn lowers.

  6. Average Revenue Per User (ARPU)
    Divide the New Subscription revenue by the quantity of new clients for the period. Consider how you can increase this value by offering add-ons or additional services.

  7. Lifetime Value (LTV)
    The Lifetime Value (LTV) is the LT (in months) multiplied by the ARPU This represent the amount of money you can expect your client will pay over the course of their lifetime as your customer.

  8. Customer Acquisition Cost (CAC)
    Divide the overall sales and marketing costs by the amount of new clients signed each month. This represents the average cost to acquire a single client.

  9. Customer Profitability
    Subtract the Customer Acquisition Cost (CAC) and Cost of Goods (COGS) from the LTV. This number needs to be positive and hopefully will be as large as possible.

    If you are a CakeMail reseller, your COGS includes your CakeMail fee, your cost of supporting your clients and your transactional fees. If you are a SaaS provider, your COGS include everything you need to keep your service running (infrastructure, bandwidth, sysadmins, support people, licences, transaction fees, etc.). In both cases it does not include R&D and administrative expenses.

    Customer Profitability needs to be distinguished from straight profitability. It’s OK to lose money on a monthly basis if you invest massively in R&D as you are betting that these investments will pay back later. However, Customer Profitability do not include these expenses. If Customer Profitability is negative, selling to more clients will only make things worse.

  10. Months to recover Customer Acquisition Costs
    This is one of my favourite metrics and is calculated by dividing the Customer Acquisition Cost by the Average Revenue per User (CAC/ARPU). This result gives you the amount of months it takes to cover you customer acquisition costs, or the amount of time it will take before this customer becomes profitable for you. This has a direct impact on your growth rate.

    The sooner you can recover your acquisition costs, the sooner you’ll be able to “acquire a new client” with the same capital. This is especially crucial if you have limited capital to invest in your growth.

These are just a few of the things you’ll need to measure to make your business successful, but they are some of the most significant for those running SaaS businesses. These numbers, when measured month over month, can help you make important decisions about pricing, marketing, and sales strategies.

Are there other metrics you track to ensure your success? Share them in the comments section.

By Francois Lane, CakeMail CEO & Co-Founder. Follow Francois on twitter at @cakemail_ceo.

Reconfirming your lists

By Andrea Saez, on March 8, 2011 - Leave a comment
Tag(s): , , , , , ,

Our technical support specialist Andrea (@dreasaez on twitter) is our resident how-to expert. Once in a while she’ll be sharing some of her “how do I…” tips and tricks here. This week’s post is all about reconfirming an old/stale subscriber list.

Do you have a list that’s so old it is literally collecting dust (so old = older than 6 months)? You know…the one you’ve been meaning to send that monthly email to, but just haven’t gotten around to yet?

You’re not alone. And all is not lost.

It’s not ok to send marketing messages to this list (it’s stale!) but we’re here to give you the step by step on how to reconfirm your list so you can update it and keep only those subscribers who still want to hear from you without making those who don’t resort to complaining or unsubscribing.

Step 1: Stop Adding Subscribers To This List

It’s time to get rid of that subscription form that is letting people add themselves to your stale/old list. But it’s ok. You’ll replace it almost instantly with a new subscription form in steps 2 and 3, below.

Step 2: Create A Brand New Double Opt-In List

Follow our steps for creating a new list and select “Confirmed Opt-In” as your list type (which means that signing up to receive your emails is just the first step . Subscribers then have to confirm that they signed up by clicking a link in a follow-up email). You’ll also want to ensure you customize your confirmation email template.

Step 3: Reconfirm Your Subscribers

This three-step double opt-in process is easier than it looks, and you’ll be buildling your list with loads of truly interested subscribers in no time flat.

  1. Add a subscription form for the double opt-in list you just created to your website.
  2. Craft a compelling, beautiful, witty, fantastic campaign targeted at your list of existing (but old) contacts. Include a crystal clear call to action that asks them to confirm that they want to receive emails from you in the future. Your call to action (like “Yes, I still want your emails!”) should be a link to the subscription form you created and added in that last step, above.
  3. Everyone who resubscribes, and all new subscribers who sign up via your web form will receive a confirmation email that contains a link they need to click in order to be added to your new list. Now sit back and watch your new list grow, while thinking about your next email campaign to your shiny, new (and definitely interested) list.

Bonus Points:

  • Set up a welcome email! Welcome your new subscribers, tell them what to expect, and give them any other information they need (like links to your blog, an email address where they can get in touch with a real person or a link to your twitter account / facebook page / social media specs)
  • Send your next campaign (this time with compelling content instead of a resubscribe message) soon after you reconfirm this list. You set the expectations when you asked subscribers to confirm their interest – now follow through!
  • Measure results and keep the emails coming (frequently, but not so often they’re annoying to your list) to keep your list engaged. Keep track of what they respond to, what generates the most activity (like click-throughs), and adjust your content to meet the demands of your readers.

Keeping your list current is the mark of a responsible email marketer, and following the right process to reconfirm an old list can do wonders for your reputation as an email sender. It should be done on a regular basis  and is a good way to reconfirm people who haven’t clicked or opened your emails in a while. This process will improve delivery by decreasing complaints,  removing invalid addresses, and increase the overall percentage of engagement for your entire list.

Interested in learning more? Check out the Deliverability section of our support site for more details.

Namespacing in Memcached

By Christian Joudrey, on February 3, 2011 - 3 Comments
Tag(s):

Here at CakeMail we use Memcached to cache numerous amounts of data required by our application. Often we need to flush data from Memcached before its expiration. This is quite easy when dealing with one key, but when you want to flush all keys starting with a given prefix it gets a bit trickier.

Since Memcached does not support wildcard deleting, we decided to implement namespacing in our caching object, which allows us to do just that. Although this is not a new idea, I still felt it was worth sharing with you guys.

Problem

Suppose your application is multilingual and strings are stored in a database. You might want to cache these strings as they do not change very often.

Strings could be stored in Memcached with the given key: string_<LOCALE>_<STRING_NAME>.

Updating a language means waiting for the keys to expire or deleting them. The latter is tricky since you would have to loop through each string and delete them one by one.

Solution

The idea behind namespacing is to have a single key that you can invalidate to cause all of its children to no longer be used.

For instance, here is how we are caching our localized strings:

ns_string_en_US           => 1
string_en_US_1_welcome    => Welcome
string_en_US_1_logout     => Logout

All strings are stored using the following format: string_<LOCALE>_<NS>_<STRING_NAME>.

Whenever we want to flush an entire language all we need to do is increment the ns_string_<LOCALE> key. Doing so causes the namespace to change to 2, thus all strings are loaded from keys string_en_US_2_<STRING_NAME>.

Update: As flyingfirefox pointed out, the above problem can be solved without the use of namespacing, but I wanted to keep the examples simple.

To make this task easier, we built a simple Cache object that is initialized using dependency injection. At this time it only supports a single Memcached instance, but it would be quite trivial to have it support multiple.

Sample Usage

The Code

Cache.php

Cache_Service.php

Cache_Memcache.php

Downsides

Although this technique works for some situations, it may not work for all.

  • Flushing a namespace causes a waste of memory usage within Memcached until the old namespace expires, since you aren’t actually deleting the old keys. This isn’t a huge problem though since Memcached will remove the least recently used keys if it is ever full.
  • Getting a namespaced value requires that you first get the namespace value then the value of the key you want.

What are your thoughts on Memcached namespacing?

Psst.. We are hiring! ;)

By Christian Joudrey, CakeMail’s Lead Programmer. You can follow Christian on twitter @cjoudrey.

Bill C-28 – What Every Marketer Needs to Know

By Kevin Huxham, on January 31, 2011 - 1 Comment
Tag(s):

It has been a little over a month since Canada’s new anti-spam [Bill C-28] received Royal Assent from His Excellency the Right Honourable David Johnston (Governor General of Canada) and we are waiting patiently for the set of regulations that will outline the specifics. If you missed our first two blog posts about Bill C-28, you can read them here and here.

In summary:

Bill C-28 (The Fighting Internet and Wireless Spam Act) is scheduled to come into force this September, but the final date is to be fixed by order of the Governor in Council.

As stated in the Bill itself – “the enactment establishes a regulatory framework to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities.”

Does this apply to me? Bill C-28 is not restricted to residents or companies in Canada, it applies to all marketers sending email to or from Canada and effectively renders CAN SPAM and its incumbent opt-out permission obsolete.

The good folks at Return Path have teamed together with Thindata, the Law Office of Kris Klein and CAUCE to publish an excellent guide on what you need to know about Bill C-28.

The full text of the law as passed by Parliament and which received Royal Assent can be found here.

As noted in this report from thewirereport.ca, Industry Canada is currently in the process of conducting a consultation with the industry before the Bill comes into force and any regulations are passed.

It is important to note that all senders (whether in Canada or not) should plan for the changes now so that you are not caught off guard later. As always, if you have any questions, do not hesitate to contact our Delivery team. CakeMail will continue to keep all of our clients informed as matters develop.

Bye for now,
Kevin

Kevin Huxham is CakeMail’s Director of Deliverability. You can follow Kevin on twitter @cakemail_kev.

The iframe cross-domain policy problem

By Cedric Dugas, on January 24, 2011 - 11 Comments
Tag(s):

If you are a front-end developer that need to use a cross-domain iframe, you know pain. You could write a nice bit of code and get it working on firefox but it would crash on IE. You would think that would be easy – facebook, twitter and all the others cool kids are doing it! Well, not quite.

Here at Cakemail we are currently building a platform that will enable our users to create forms and embed them in their website directly (think an email list subscription form). So basically, we needed to have javascript control in the parent and in the child.

We had 2 problems to solve based on embedding. One was to change the iframe height dynamically (no way in hell were we going to save the iframe height in a database). And sometimes, depending on what functionality our users embedded in their website, we needed to actually redirect the parent page.

Why it is so hard?

Security: I’m sure I don’t really have to tell you what an intruder could do to your website if it had access to your document. It could bind itself to your login process and just get all your users email/password, redirect your website, etc. This is why implementing a cross-domain communication is not to be taken lightly.

Even if you do it right, you have to think about what could happen if your embedded script was compromised. Especially if you embed that script in other websites that are not yours!

Accessing to a parent window and document

Accessing to a parent document is really simple when you are on the same domain, you do a quick window.opener.MyParentFunction(), and you’re done.

However doing this cross-domain? Not so easy. You’ll get something along the line of: Child document does not have the right to access parent document. In fact there is a lot of documentation on the web about how to achieve it, but the problem is that it is often outdated, with solutions that often only works in a couples of browsers.

Doing it the old way: An iframe in an iframe in an iframe

A clever idea that popped up some time ago – embedding an iframe in your child window that’s on the same domain that your parent window. It works, most of the time, but there are variants to this technique where some work and some don’t. Some variants involve the url using a hash to pass data (#), which is really bad if you want to pass lots of data, and also makes annoying noise in IE and a horrible browsing history.


Image source

But remember that this is still a hack. You’re bypassing the protection using a somewhat clever idea, and there is always a chance that it will stop working one day with a browser update.

A nice resource for the old hacks

This website really gets into detail on how to make the iframe hacks work. It’s really useful if you want to understand in details how the iframe cross-domain policy works.

The HTML5 way

Ahhh HTML5, the savior of all our problems – right? For the cross-domain issue, HTML5 implemented a nice new javascript method, postmessage.

window.postmessage was specifically implemented to resolve the cross domain policy problem, safely (well as safe as possible..). Here’s what a communication would look like:

It comes with 2 options to make it as secure as possible, origin and source. Origin being the message domain origin and source being a reference to the window object.

What about ie?

Postmessage is in ie8, however it’s not in ie7 & ie6 (obviously). If you need to support those browsers you will have to rely on another technique.

You can get a really complete description and examples of postmessage on the Mozilla javascript documentation website.

As usual, for a good cross-browser solution we need to compromise

As with a lot of things with the DOM, the best way to do it cross browser is to use the best solution possible, and rely on hacks for older browsers.

Fortunately, that is exactly what easyXDM did for you. This library is (or has been) used by a lot of websites, including Twitter and Disqus! It gives you a nice api that works everywhere. Let’s have a look:

What about IE, how does easyXDM work its magic?

You would think that easyXDM use the simple iframes trick to work in ie7 & ie6, but in fact it use a much more clever hack. It use an ie only protocol (some kind of vbscript) that makes cross-domain communication possible, the NixTransport.

“This implementation therefore wraps the JavaScript objects used inside a VBScript class. Since VBScript objects are passed in JavaScript as a COM wrapper (like DOM objects), they are thus opaque to JavaScript (except for the interface they expose). This therefore provides a safe method of transport. Initially based on FrameElementTransport which shares some similarities to this method. “

You can get more information about the NixTransport here.

Limitations

One clear limitation I noticed using this library is that loading a children window without being embedded from the parent make easyXDM throw a js error. There are ways on the forum to correct this using a third window but it’s not really convenient, I also did some tests with the onReady option. It seemed to work at first, but it sometimes still throws an error anyway.

For what it’s worth, it is still the most powerful library I found out there, I sent a message of 1mb and it still got through, even in IE7, and its really fast.

That’s it!

Hope this can help you get all your cross-domain communication going!

This piece was written by Cedric Dugas, CakeMail’s Interface Developer. You can follow Cedric on twitter @posabsolute.

« Previous PageNext Page »