- From: Ian Hickson <ian@hixie.ch>
- Date: Fri, 15 Jun 2012 00:06:43 +0000 (UTC)
- To: João Eiras <joaoe@opera.com>
- Cc: "whatwg@whatwg.org" <whatwg@whatwg.org>
- Message-ID: <Pine.LNX.4.64.1206150004320.30734@ps20323.dreamhostps.com>
On Fri, 10 Feb 2012, João Eiras wrote: > > Step 1 of the spec [1] for postMessage says: > > "1. If the value of the targetOrigin argument is neither a single U+002A > ASTERISK character (*), a single U+002F SOLIDUS character (/), nor an > absolute URL, then throw a SyntaxError exception and abort the overall > set of steps." > > The absolute URL part will create problems when the origin of the > scripting environment does not serialize to an absolute URL. > > For instance, if you have two documents A and B in a non http context, > where typically the origin will be "null", like file: or data:, and post > a message from A to B, B will receive a message event which event.origin > property has a value of "null". If the listener then does > > # event.source.postMessage(reply, event.origin) > > (which is a code snippet easily found in online tutorials) step 1 causes > that call to fail with a SYNTAX_ERR exception. > > Step 1 should be changed to instead of referring to an absolute URI, > refer to a valid origin, as serialized by the origin serialization > algorithm. If the origin doesn't serialise to an absolute URL, then we don't have a way to check it (they're all "null"). So I don't think that works. That's why it always throws SYNTAX_ERR for "null" origins. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 15 June 2012 00:08:18 UTC