Passing "origin" with intents

Hi all,

I saw some earlier mention [1] of the inability for web-intents to
obtain the origin of the calling site.

Is this something that will be added?

I am also working on an authentication protocol; and without the
ability to verify the origin of a message, WebIntents are almost
useless. (I can work around it by making the call to the intent from a
content-script running in my chrome extension that shares a secret
with the intent; but that feels very fragile).

A couple of other use-cases for including the origin could be:
• Content-filtering: If I am running an image sharing web-intent, I
might want to block content from http://*.xxx.
• UI enhancement: If I am running an editing web-intent, it would be
nice to be able to tell the user "return to <origin>"
• Authentication: If I am running an authentication web-intent, it's
essential to know which website is asking for the user's identity (I
don't want to give it to a malicious 3rd-party by accident).

Conrad

[1] http://lists.w3.org/Archives/Public/public-web-intents/2012May/0012.html

Received on Monday, 27 August 2012 02:32:58 UTC