Cross domain ajax request without CORS using iframe and postMessage

cross-domain.js

$.fn.crossDomainRequest = function(url, method, data, fn) {
    var self = this;
    var receiver = self.attr('src').replace(/\/.*$/, '').replace(/^https?::\/\//, '');
    function get(event) {
        if (event.origin.match(receiver)) {
            // event.data is response from POST
            fn(event.data);
        }
    }
    if (window.addEventListener){
        addEventListener("message", get, false)
    } else {
        attachEvent("onmessage", get)
    }
    var payload = JSON.stringify({url: url, method: method, data: data);
    self[0].contentWindow.postMessage(payload, self.attr('src'));
};
$.crossDomainResponse = function(url) {
    function listener(event) {
        if (event.origin.match(domain.replace(/\./g, '\\.'))) {
            var data = JSON.parse(event.data);
            $[data.method](data.url, data.data, function(reponse) {
                window.parent.postMessage(reponse, "*");
            });
        }
    }
    if (window.addEventListener){
        addEventListener("message", listener, false)
    } else {
        attachEvent("onmessage", listener)
    }
};
}

usage.js

// in sender.com
var iframe = $('<iframe/>').attr('src', 'http://reciver.com/cross-domain').hide().appendTo('body');
iframe.crossDomainRequest('/some/page', 'get', {}, function(response) {
    console.log(response);
});
// in reciver.com
$.crossDomainResponse('sender.com');

I think there is a typo there: the function crossDomainResponse takes in domain instead of url.