On Sun, Feb 19, 2012 at 2:28 PM, Charles Pritchard <[email protected]> wrote: > On 2/17/12 1:35 AM, Anne van Kesteren wrote: >> >> Our proposal takes its cues and algorithms from the postMessage API, and >> allows the source site to restrict drop targets to only those origins which >> it trusts, and allows drop targets to see which origin was the source of a >> drag. The majority of the algorithm can be copied from postMessage, >> including the syntax for allowed target origins. >> >> interface DataTransfer { >> ... >> readonly attribute DOMString origin; >> void allowTargetOrigin(DOMString targetOrigin); >> }; > > Any chance we could get D&D to pass a window object or message port so we > could use postMessage?
The source might be in a different unit of related browsing contexts, which might mean in a different process in a multi-process browser. In those cases, we wouldn't want to provide a window reference. > window.open/iframe seems the only way to link; I've used an > iframe+sharedworker setup before, which works pretty well. Correct. That's by design. Adam
