diff --git a/index.html b/index.html index eb1bacd1..7886abb7 100644 --- a/index.html +++ b/index.html @@ -223,26 +223,31 @@
A navigation scope is a [[!URL]] that represents the set of
URLs to which an application context can be navigated while the
- manifest is being applied. A developer specifies the navigation
- scope via the scope
member.
+ manifest is applied. To determine if a URL is within the
+ navigation scope, the user agent MUST run the within
+ scope algorithm.
- A URL A is said the be within scope of navigation
- scope B, if:
+ A string targetURL is said the be within scope of
+ navigation scope scopeURL if the following algorithm returns
+ true
:
undefined
.
+ undefined
(i.e., it is
+ unbounded because of an error or it was not declared in the
+ manifest), return true
.
false
.
pathname
starts with
+ scope's pathname
, return
+ true
.
false
.
+ Enforcing the navigation scope depends on [[!HTML]]'s navigate @@ -256,10 +261,43 @@
SecurityError
.
+
+ A developer specifies the navigation scope via the
+ scope
member. In the case where the
+ scope
member is missing or in error, the navigation
+ scope is treated as unbounded (represented as the value
+ undefined
). In such a case, the manifest is applied to all
+ URLs the application context is navigated to (see related security
+ considerations).
+
+ When the navigation scope is unbounded and a display
+ mode other than browser
is being applied, it is
+ RECOMMENDED that user agents signal to the end-user when security
+ and/or privacy sensitive navigations occur. The manner of signaling
+ is left up to implementers, but can include things like showing the
+ URL of the application context, dropping out of fullscreen to the
+ browser display mode. Examples of security and/or privacy sensitive
+ navigations include, but are not limited to:
+