Browse files

[] (0) Cleanup around <img> requirements. Disallow scripts to run in …

…<img> images.

git-svn-id: http://svn.whatwg.org/webapps@1956 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information...
1 parent 51c0579 commit 0796a5509736cb4588752c83f2bccf79b7dc149d @Hixie Hixie committed Jul 30, 2008
Showing with 39 additions and 28 deletions.
  1. +20 −14 index
  2. +19 −14 source
View
34 index
@@ -15436,16 +15436,17 @@ interface <dfn id=htmlimageelement>HTMLImageElement</dfn> : <a href="#htmlelemen
href="#img">img</a></code> element's <a href="#fallback">fallback
content</a>.
- <p><strong>Authoring requirements</strong>: The <code title=attr-img-src><a
- href="#src">src</a></code> attribute must be present, and must contain a
- <a href="#valid">valid URL</a>. The requirements on the <code
- title=attr-img-alt><a href="#alt0">alt</a></code> attribute's value are
- described <a href="#alt">in the next section</a>.
+ <p>The <code title=attr-img-src><a href="#src">src</a></code> attribute
+ must be present, and must contain a <a href="#valid">valid URL</a>.
<p class=big-issue>Should we restrict the URL to pointing to an image?
What's an image? Is PDF an image? (Safari supports PDFs in &lt;img>
elements.) How about SVG? (Opera supports those). WMFs? XPMs? HTML?
+ <p>The requirements on the <code title=attr-img-alt><a
+ href="#alt0">alt</a></code> attribute's value are described <a
+ href="#alt">in the next section</a>.
+
<p class=big-issue>There has been some suggestion that the <code
title="">longdesc</code> attribute from HTML4, or some other mechanism
that is more powerful than <code title="">alt=""</code>, should be
@@ -15458,11 +15459,10 @@ interface <dfn id=htmlimageelement>HTMLImageElement</dfn> : <a href="#htmlelemen
<hr>
- <p><strong>User agent requirements</strong>: When the <code
- title=attr-img-alt><a href="#alt0">alt</a></code> attribute is present and
- its value is the empty string, the image supplements the surrounding
- content. In such cases, the image may be omitted without affecting the
- meaning of the document.
+ <p>When the <code title=attr-img-alt><a href="#alt0">alt</a></code>
+ attribute is present and its value is the empty string, the image
+ supplements the surrounding content. In such cases, the image may be
+ omitted in the rendering without affecting the meaning of the document.
<p>When the <code title=attr-img-alt><a href="#alt0">alt</a></code>
attribute is present and its value is not the empty string, the image is a
@@ -15487,6 +15487,13 @@ interface <dfn id=htmlimageelement>HTMLImageElement</dfn> : <a href="#htmlelemen
<code title=attr-img-alt><a href="#alt0">alt</a></code> attribute, if any,
or nothing, if that attribute is empty or absent.
+ <p>When the <code title=attr-img-src><a href="#src">src</a></code>
+ attribute is present, the element represents the image given by that
+ attribute.
+
+ <p>The contents of <code><a href="#img">img</a></code> elements, if any,
+ are ignored for the purposes of rendering.
+
<hr>
<p>When an <code><a href="#img">img</a></code> is created with a <code
@@ -15526,7 +15533,8 @@ interface <dfn id=htmlimageelement>HTMLImageElement</dfn> : <a href="#htmlelemen
<p class=note>This allows servers to return images with error responses.
<p>User agents must not support non-image resources with the <code><a
- href="#img">img</a></code> element.
+ href="#img">img</a></code> element. User agents must not run executable
+ code (e.g. scripts) embedded in the image resource.
<hr>
@@ -15549,9 +15557,7 @@ interface <dfn id=htmlimageelement>HTMLImageElement</dfn> : <a href="#htmlelemen
title=attr-hyperlink-href><a href="#href6">href</a></code> attribute.
<p>The <code><a href="#img">img</a></code> element supports <a
- href="#dimension0">dimension attributes</a>.</p>
- <!-- XXX contents of <img> should be ignored for rendering but not
- for semantics, e.g. <script>, <input>, etc. -->
+ href="#dimension0">dimension attributes</a>.
<p>The DOM attributes <dfn id=alt1
title=dom-img-alt><code>alt</code></dfn>, <dfn id=src0
View
33 source
@@ -12982,17 +12982,18 @@ interface <dfn>HTMLImageElement</dfn> : <span>HTMLElement</span> {
title="attr-img-alt"><code>alt</code></dfn> attribute is the
<code>img</code> element's <span>fallback content</span>.</p>
- <p><strong>Authoring requirements</strong>: The <code
- title="attr-img-src">src</code> attribute must be present, and must
- contain a <span>valid URL</span>. The requirements on the <code
- title="attr-img-alt">alt</code> attribute's value are described <a
- href="#alt">in the next section</a>.</p>
+ <p>The <code title="attr-img-src">src</code> attribute must be
+ present, and must contain a <span>valid URL</span>.</p>
<p class="big-issue">Should we restrict the URL to pointing to an
image? What's an image? Is PDF an image? (Safari supports PDFs in
&lt;img> elements.) How about SVG? (Opera supports those). WMFs?
XPMs? HTML?</p>
+ <p>The requirements on the <code title="attr-img-alt">alt</code>
+ attribute's value are described <a href="#alt">in the next
+ section</a>.</p>
+
<p class="big-issue">There has been some suggestion that the <code
title="">longdesc</code> attribute from HTML4, or some other
mechanism that is more powerful than <code title="">alt=""</code>,
@@ -13005,11 +13006,10 @@ interface <dfn>HTMLImageElement</dfn> : <span>HTMLElement</span> {
<hr>
- <p><strong>User agent requirements</strong>: When the <code
- title="attr-img-alt">alt</code> attribute is present and its value
- is the empty string, the image supplements the surrounding
- content. In such cases, the image may be omitted without affecting
- the meaning of the document.</p>
+ <p>When the <code title="attr-img-alt">alt</code> attribute is
+ present and its value is the empty string, the image supplements the
+ surrounding content. In such cases, the image may be omitted in the
+ rendering without affecting the meaning of the document.</p>
<p>When the <code title="attr-img-alt">alt</code> attribute is
present and its value is not the empty string, the image is a
@@ -13035,6 +13035,13 @@ interface <dfn>HTMLImageElement</dfn> : <span>HTMLElement</span> {
element's <code title="attr-img-alt">alt</code> attribute, if any,
or nothing, if that attribute is empty or absent.</p>
+ <p>When the <code title="attr-img-src">src</code> attribute is
+ present, the element represents the image given by that
+ attribute.</p>
+
+ <p>The contents of <code>img</code> elements, if any, are ignored
+ for the purposes of rendering.</p>
+
<hr>
<p>When an <code>img</code> is created with a <code
@@ -13075,7 +13082,8 @@ interface <dfn>HTMLImageElement</dfn> : <span>HTMLElement</span> {
responses.</p>
<p>User agents must not support non-image resources with the
- <code>img</code> element.</p>
+ <code>img</code> element. User agents must not run executable code
+ (e.g. scripts) embedded in the image resource.</p>
<hr>
@@ -13099,9 +13107,6 @@ interface <dfn>HTMLImageElement</dfn> : <span>HTMLElement</span> {
<p>The <code>img</code> element supports <span>dimension
attributes</span>.</p>
- <!-- XXX contents of <img> should be ignored for rendering but not
- for semantics, e.g. <script>, <input>, etc. -->
-
<p>The DOM attributes <dfn
title="dom-img-alt"><code>alt</code></dfn>, <dfn
title="dom-img-src"><code>src</code></dfn>, <dfn

0 comments on commit 0796a55

Please sign in to comment.