- From: Timothy Gu <notifications@github.com>
- Date: Sun, 14 Oct 2018 09:48:05 -0700
- To: whatwg/url <url@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Sunday, 14 October 2018 16:48:27 UTC
Unlike other `URL` attributes, `origin` is specifically designed *not* to be a verbatim URL fragment. Consider `new URL('https://user:pass@host.com/').origin`, IIRC it returns `'https://host.com'` which is assembled from nonlinear chunks of the URL.
URL origins serve a very specific purpose in the web security model and one shouldn’t think of it as a part of the URL in general. This is also why `origin` is a read-only attribute.
> Do we really want JS devs to have to write code like `if (!url.origin || url.origin === 'null')`?
I don’t remember a case where `url.origin` could ever be falsey.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/url/issues/310#issuecomment-429642012
Received on Sunday, 14 October 2018 16:48:27 UTC