This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
This was was cloned from bug 15994 as part of operation convergence. Originally filed: 2012-02-15 19:26:00 +0000 Original reporter: Karl Dubost <karl+w3c@la-grange.net> ================================================================================ #0 Karl Dubost 2012-02-15 19:26:39 +0000 -------------------------------------------------------------------------------- The definition of origin attribute in Web Messaging specification Editor's Draft from January 18, 2012 says at http://dev.w3.org/html5/postmsg/#dom-messageevent-origin > It represents, in server-sent events and cross-document > messaging, the origin of the document that sent the > message (typically the scheme, hostname, and port of > the document, but not its path or fragment identifier). From this I suspect that the scheme could be anything: http, https, mailto, irc, etc. In the context a script I was wondering if iframe.contentWindow.postMessage('message','http://dev.opera.com') could be rewritten iframe.contentWindow.postMessage('message','//dev.opera.com') allowing Web sites to work with or without https without having to rewrite the code. If this is authorized maybe, the paragraph could be modified with It represents, in server-sent events and cross-document messaging, the origin of the document that sent the message (typically the scheme null string included, hostname, and port of the document, but not its path or fragment identifier). Some examples of valid origin values http://foo.example.com https://foo.example.com //foo.example.com ================================================================================ #1 Simon Pieters 2012-02-15 19:39:58 +0000 -------------------------------------------------------------------------------- The scheme can't be omitted. However, if you want "allow the same origin as myself", there's a special value for that, "/". ================================================================================ #2 Karl Dubost 2012-02-15 20:04:17 +0000 -------------------------------------------------------------------------------- Ah thanks. This could be put in the specification too. Though that doesn't solve the use case I was mentioning. Hmmm too bad, I guess. Thanks Simon. ================================================================================
*** Bug 15994 has been marked as a duplicate of this bug. ***