[Bug 15994] New: origin attribute

https://www.w3.org/Bugs/Public/show_bug.cgi?id=15994

           Summary: origin attribute
           Product: HTML WG
           Version: unspecified
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: HTML5 spec (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: karl+w3c@la-grange.net
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org


The definition of origin attribute in Web Messaging specification Editor's
Draft from January 18, 2012 says at
http://dev.w3.org/html5/postmsg/#dom-messageevent-origin


> It represents, in server-sent events and cross-document 
> messaging, the origin of the document that sent the 
> message (typically the scheme, hostname, and port of 
> the document, but not its path or fragment identifier).

>From this I suspect that the scheme could be anything: http, https, mailto,
irc, etc. In the context a script I was wondering if 

    iframe.contentWindow.postMessage('message','http://dev.opera.com')

could be rewritten

    iframe.contentWindow.postMessage('message','//dev.opera.com')

allowing Web sites to work with or without https without having to rewrite the
code. If this is authorized maybe, the paragraph could be modified with 

    It represents, in server-sent events and cross-document 
    messaging, the origin of the document that sent the 
    message (typically the scheme null string included, 
    hostname, and port of the document, but not its path or 
    fragment identifier). 

    Some examples of valid origin values

    http://foo.example.com
    https://foo.example.com
    //foo.example.com

-- 
Configure bugmail: https://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Wednesday, 15 February 2012 19:26:46 UTC