Define 'child-src's algorithms.

w3c · Aug 1, 2016 · 93e62e7 · 93e62e7
1 parent 83cf115
commit 93e62e7
Showing 1 changed file with 29 additions and 4 deletions.
diff --git a/index.src.html b/index.src.html
@@ -1547,13 +1547,38 @@ <h5 id="child-src-algorithms">Algorithms</h5>
 
   This directive's <a for="directive">pre-request check</a> is as follows:
 
-  Given a <a>request</a> (|request|):
+  Given a <a>request</a> (|request|) and a <a>policy</a> (|policy|):
+
+  1.  Let |name| be the result of executing
+      [[#effective-directive-for-a-request]] on |request|.
 
-  ISSUE: TODO.
+  2.  If |name| is not `frame-src` or `worker-src`, return "`Allowed`".
+
+  3.  If |policy| contains a directive whose <a for="directive">name</a>
+      is |name|, return "`Allowed`"
+
+  4.  Return the result of executing the <a for="directive">pre-request
+      check</a> for the <a>directive</a> whose <a for="directive">name</a>
+      is |name| on |request| and |policy|, using this directive's
+      <a for="directive">value</a> for the comparison.
 
   This directive's <a for="directive">post-request check</a> is as follows:
 
-  ISSUE: TODO.
+  Given a <a>request</a> (|request|), a <a>response</a> (|response|), and a
+  <a>policy</a> (|policy|):
+
+  1.  Let |name| be the result of executing
+      [[#effective-directive-for-a-request]] on |request|.
+
+  2.  If |name| is not `frame-src` or `worker-src`, return "`Allowed`".
+
+  3.  If |policy| contains a directive whose <a for="directive">name</a>
+      is |name|, return "`Allowed`"
+
+  4.  Return the result of executing the <a for="directive">post-request
+      check</a> for the <a>directive</a> whose <a for="directive">name</a>
+      is |name| on |request| and |policy|, using this directive's
+      <a for="directive">value</a> for the comparison.
 
   <h4 id="directive-connect-src">`connect-src`</h4>
 
@@ -1765,7 +1790,7 @@ <h5 id="default-src-algorithms">Algorithms</h5>
       same way this algorithm does?
 
   5.  Otherwise, return the result of executing the
-      <a for="directive">pre-request check</a> for the <a>directive</a> whose
+      <a for="directive">post-request check</a> for the <a>directive</a> whose
       <a for="directive">name</a> is |name| on |request| and |policy|, using
       this directive's <a for="directive">value</a> for the comparison.