In multi-tenant database systems, customer organizations (also referred to as “tenants”, “orgs”, “tenant orgs”, “tenants/orgs”, or the like) may share database resources in one logical database. The databases themselves are typically shared, and each tenant is typically associated with an organization identifier (org ID) column or field that may be used to identify rows or records belonging to each tenant. Users of a multi-tenant database system (e.g., a tenant/organization (org) or developers associated with the tenant) may develop applications or platforms that interact or integrate with the multi-tenant database system and utilize data from an associated tenant space. The applications/platforms may obtain data from the associated tenant space to render/display visual representations of relevant tenant data. In some cases, the applications/platforms may utilize tenant data for interacting with clients, and may include program code or script(s) that call an application programming interface (API) to obtain and manipulate data, create and execute the sending of various messages based on various triggering events, and/or other like functions.
Some orgs may provide multiple resources, applications, or platforms that correspond with different services or products. At least some of these orgs may wish to integrate multiple resources or applications (or micro-applications) into a same web object (e.g., a webpage, a web application, etc.) even though these resources and/or applications may be hosted by multiple separate servers. In addition, some orgs may wish to integrate content items served from various content providers or partner companies separate from the org into the single web object or application. Examples of such resources/applications may include social network widgets, advertising network content, or the like. As tenants/orgs increasingly develop applications that rely on multiple content and resource sources, webpage sizes continues to rise and content/resources may be served to user systems that are not fully controlled by the multi-tenant database system. This may cause security and performance related issues to arise.
The conventional solution for incorporating multiple webpages into a single web object is to use the hypertext markup language (HTML) inline frames (iFrame). iFrames allow a browser window to be split into multiple segments where each segment can display different documents or resources from the same or different servers. This may allow a main window/iFrame running a main application to be isolated from third party code running in other secondary windows/iFrames. Additionally, the third party code may be prevented from accessing main window domain session cookies and session information. iFrames also have a sandbox attribute that allows a developer to define restrictions for the type of content that may be displayed in an iFrame. However, integration is difficult when using iFrames because each frame runs in its own context and requires an API to allow different iFrames (and content therein) to communicate with one another. Furthermore, the use of iFrames may also reduce performance of code execution and graphics rendering.