[whatwg] DND: proposal to expose origin

Adam Barth w3c at adambarth.com
Sun Feb 19 16:28:02 PST 2012

On Sun, Feb 19, 2012 at 2:28 PM, Charles Pritchard <chuck at jumis.com> wrote:
> On 2/17/12 1:35 AM, Anne van Kesteren wrote:
>> Our proposal takes its cues and algorithms from the postMessage API, and
>> allows the source site to restrict drop targets to only those origins which
>> it trusts, and allows drop targets to see which origin was the source of a
>> drag. The majority of the algorithm can be copied from postMessage,
>> including the syntax for allowed target origins.
>> interface DataTransfer {
>>  ...
>>  readonly attribute DOMString origin;
>>  void allowTargetOrigin(DOMString targetOrigin);
>> };
> Any chance we could get D&D to pass a window object or message port so we
> could use postMessage?

The source might be in a different unit of related browsing contexts,
which might mean in a different process in a multi-process browser.
In those cases, we wouldn't want to provide a window reference.

> window.open/iframe seems the only way to link; I've used an
> iframe+sharedworker setup before, which works pretty well.

Correct.  That's by design.


More information about the whatwg mailing list