Yea, that's a good use case you mentioned regarding the browser-build application.
Why we want this library, at Wingify, is something related to heatmaps and showing previews of changes made to the site in new tabs. Please read the detailed explanation I gave to @martin-adams in the above comment.
Yes, there are many.
I'm a developer at Wingify, an A/B Testing tool and we are using this library I created a few days back. We have something called heatmaps - https://vwo.com/features/#heatmaps-clickmaps
To view a heatmap, user has to enter a URL, select date-range(Optional), and select the segmentation(eg. Direct, Referral, Location, Device, etc.)(optional).
A new tab is opened up with the specified URL each time on clicking the generate button.
So, let's say, you have to view heatmap of your site for:
1.The last week and only for those who live in US
2. The last week and only for those who uses Windows
3. The last month and who came directly to your site
4. The entire duration of the campaign and for all users
Now, for each configuration, there's an opened tab with the specified URL opened in it and the data for the requested segments and dates.
To pass on the data to and fro from one tab to another, and to track the status of all tabs(active/close), to notify other tabs when one gets closed, to notify all the children tabs when the opener tab gets closed, to send a message to a specific tab(eg. change segment) and to send a message to all tabs(eg. fetch data for new date applied), this library comes in handy. All this can be achieved with its simple API.
Yea, that's totally true.
I would recommend using an origin property to be used every time an instance of the Library is created. Please refer: https://github.com/wingify/across-tabs#usage
Then don't have a default that works without doing so. Really, defaults like this lead to "works, ship it" and totally unnecessary cases of vulnerable software.
Does that mean, the library should not act when an origin is not specified and throw some kinda message in the console?
How can it be enforced? Any suggestions?
Users can also make it a bit more complicated while using `*` to get hacked by accepting responses which match some kinda pattern(it's not bullet-proof though) and simply discarding others.
