nwfaketop breaks postMessage #8285
Description
nwfaketop breaking window.parent.postMessage seems to be the intended behavior, but I file this as an issue because the documentation states that nwfaketop is required to prevent the iframe from accessing nodejs apis:
https://nwjs.readthedocs.io/en/latest/References/Changes%20to%20DOM/#attribute-nwdisable
This attribute doesn’t prevent the page in normal frames accessing its parent and top frames. Then they can still get access to Node.js APIs. So usually you may want to use this attribute with nwfaketop togather.
this requirement would mean setting nwfaketop breaks standard behavior between iframe and its window.parent. but my intention is to fully prevent nodejs api in the iframe while also retaining the standard behavior.
Wouldn't this be a typo in the documentation though? The way I read that quote is if you have an iframe element with nwdisable attribute set, you should also set nwfaketop to fully prevent it from accessing node apis. But shouldn't this note be in the nwframetop instead? In my tests using only nwdisable prevents access to require and nw objects, while nwfaketop alone does not. So logically I would think the quote mentioned earlier should pertain in nwfaketop section not in the nwdisable one. Maybe I'm missing something? I guess I'm just confused.