Teach ExtendableMessageEvent to work with origins.#1821
Teach ExtendableMessageEvent to work with origins.#1821yoshisatoyanagisawa merged 3 commits intow3c:mainfrom
Conversation
Currently, ExtendableMessageEvent's origin holds a serialized origin. In order for Origin.from(...) to function as intended for sources with opaque origins, we need to hold an origin on ExtendableMessageEvent instead. This patch adds an "origin" concept to `ExtendableMessageEvent`, and shifts call sites to initialize that value with an origin whenever possible. It also adds "extract an origin" steps to return the stored origin when present, and to return null in cases where the object was initialized with an untrusted origin representation (e.g., when its constructor is called with a ExtendableMessageEventInit dictionary). This replicates whatwg/html#11993's work on `MessageEvent`, and should fix w3c#1820.
annevk
left a comment
annevk
left a comment
There was a problem hiding this comment.
This looks good to me. A Service Worker editor should probably do final approval.
index.bs
Outdated
| text: visibilityState; for: Document; url: page-visibility | ||
| type: dfn | ||
| urlPrefix: comms.html | ||
| text: concept-MessageEvent-origin; url: concept-messageevent-origin |
There was a problem hiding this comment.
I didn't expect anyone outside HTML would need it. Silly me. I'll send you a PR in a minute to add the attribute.
There was a problem hiding this comment.
Ah. Actually we did export it. I guess it just hasn't landed in the references DB yet. We should be able to drop this ~tomorrow.
|
Thanks for the update. To ensure full parity with the changes made to Since |
|
Thanks for pointing that out. Added it in c890bb1. |
|
lgtm. Thank you! |
SHA: c9b4790 Reason: push, by yoshisatoyanagisawa Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
SHA: c9b4790 Reason: push, by pull[bot] Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
3 participants
Currently, ExtendableMessageEvent's origin holds a serialized origin. In order for Origin.from(...) to function as intended for sources with opaque origins, we need to hold an origin on ExtendableMessageEvent instead.
This patch adds an "origin" concept to
ExtendableMessageEvent, and shifts call sites to initialize that value with an origin whenever possible. It also adds "extract an origin" steps to return the stored origin when present, and to return null in cases where the object was initialized with an untrusted origin representation (e.g., when its constructor is called with a ExtendableMessageEventInit dictionary).This replicates whatwg/html#11993's work on
MessageEvent, and should fix #1820.Preview | Diff