- From: Jochen Eisinger <eisinger@google.com>
- Date: Fri, 07 Apr 2017 08:11:40 +0000
- To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Received on Friday, 7 April 2017 08:12:26 UTC
Hey all,
I started to look at our suborigin implementation in blink, and one of the
things I was stumbling over was the serialization of an origin with a
suborigin, i.e. (scheme, host, port, suborigin) getting serialized to
${scheme}-so://${suborigin}.${host}:${port}/
It seems that the main reason for doing this is to break postMessage for
code that is not aware of suborigins. Is that the case?
If that was the case, have we considered other ways to break this, e.g.
make origin return the null value and add instead a new property to message
(e.g. initiator with two properties origin and suborigin)?
best
-jochen
Received on Friday, 7 April 2017 08:12:26 UTC