Live preview with Hash with different origin

In this POC, we pass the hash to the iframe by setting it in the window object (Why are we doing that? Read the explanation of the previous POC). This method is a security risk and is not allowed when the parent and iframes are hosted on different origins. You can check the error in the browser's console.

You should see an Uncaught SecurityError. If you don' see the error, it may be due to iframe loading speed. Refresh the page and you should see an error.

Hence, we found an alternative to setting the values to the window object, demonstrated in the following POC.