The SignDoc Browser Capture library needs access to the top-level window object in the DOM.

To support scenarios where the sdbc.js library runs inside an IFrame whose domain is different compared to the domain of the hosting web application, additional effort is needed.

Generally, there are two approaches to solve this:

Include sdbc-iframe-ext.js extension

An extension of the SignDoc Browser Capture library can be found in the sdbc subfolder of the SignDoc SDK shipment: sdbc/sdbc-iframe-ext.js

Add this extension as JavaScript library to your main webpage, which hosts the SignDoc Browser Capture inside an IFrame.

<head>  
    <script src="sdbc-iframe-ext.js"></script>	 

The SignDoc Browser Capture library inside the IFrame will recognize the extension and use it to get access to the top-level window object.

Technically, the Windows Messaging API is used for communication.

For security reasons, it is recommended to restrict the communication to one origin. You can do this by specifying the domain of the IFrame web application in a global sdbc object in your main application.

<head>  
    <script src="sdbc-iframe-ext.js"></script> 
    <script> 
        window.sdbc = { 
           origin: "http://domain-of-iframe-web-app” 
        } 
    </script>   

Use a reverse proxy

If you do not want to include the sdbc-iframe-ext.js extension in your web application, you can set up a reverse proxy environment that serves both web applications using the same domain.