[tbb-dev] TargetPrincipalDoesNotMatch message from postMessage in JS Console even though target / recipient origins match.

[Dan Bryant]

Is this an intentional veto of the windows.postMessage API?
Understandable if it is, but I failed to see where it was implemented
or how to override it (to re-enable postMessage).

This error shows up when trying to use the TREZOR cryptocurrency
wallet on https://www.MyCrypto.com (a popular ethereum wallet).  The
problem arises when www.mycrypto.com tries to authorize through
connect.trezor.io.  The authorization is performed through
window.postMessage communication channel.

The text of the error in the JS Console is obviously the
TargetPrincipalDoesNotMatch message (ref1, line 249).  There is only
one spot that this message is presented in the postMessage workflow
(ref2, line 128).  This is only called in a failed equality check,
which, according to the message text, shouldn't have failed (ref3).
Since all origins mentioned match "https://connect.trezor.io" I'm
curious as to why the equality check (ref3, line 96) would have
failed.

Anyway, I'll be happy to open this as a ticket, I just didn't know if
this was a known exclusion that is somehow setup upstream of this
call.

## JS Console Message
---
Failed to execute ‘postMessage’ on ‘DOMWindow’:
The target origin provided (‘https://connect.trezor.io’) does not
match the recipient window’s origin (‘https://connect.trezor.io’).
---

## Reference
git: https://gitweb.torproject.org/tor-browser.git
branch: tor-browser-60.7.0esr-8.5-1
ref1: /dom/locales/en-US/chrome/dom/dom.properties : 249
ref2: /dom/base/PostMessageEvent.cpp?h=tor-browser-60.7.0esr-8.5-1 : 128
ref3: /dom/base/PostMessageEvent.cpp?h=tor-browser-60.7.0esr-8.5-1 : 96