<script>(opener||parent).postMessage(isSecureContext, '*')</script>