chrome: URIs are immutable, and when we try to blow away the userPass part of the URI created from the provided origin, it fails and causes postMessage to silently fail. You can send the message if you use "*" to do so, but it's not particularly safe to do so if navigation occurs to an untrusted page after the call happens (not likely since that navigation would require privileges or unlucky user interaction, but still not good). Not sure what a good solution would be here that doesn't unnecessarily muddy up the path of execution for a particular use case...
Component: DOM: Mozilla Extensions → DOM
Product: Core → Core
You need to log in before you can comment on or make changes to this bug.