Skip to content
Permalink
Browse files

[e] (0) Add warning notes to the Security sections of Location and Wi…

…ndow since they are in flux with no end in sight.

Affected topics: DOM APIs, Security

git-svn-id: http://svn.whatwg.org/webapps@8196 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information...
Hixie committed Sep 23, 2013
1 parent 627ce03 commit 2b70548181234f80203743ecb4f59c9df466157a
Showing with 36 additions and 0 deletions.
  1. +12 −0 complete.html
  2. +12 −0 index
  3. +12 −0 source

<h4 id=security-window><span class=secno>6.2.1 </span>Security</h4>

<p class=XXX>This section describes a security model that is underdefined, imperfect, and does
not match implementations. Work is ongoing to attempt to resolve this, but in the meantime, please
do not rely on this section for precision. Implementors are urged to send their feedback on how
cross-origin cross-global access to <code><a href=#window>Window</a></code> and <code><a href=#location>Location</a></code> objects should
work.</p>

<p id=security-2>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#window>Window</a></code> object are accessed when the <a href=#incumbent-script>incumbent script</a> has
an <a href=#effective-script-origin>effective script origin</a> that is not the <a href=#same-origin title="same origin">same</a> as

<h5 id=security-location><span class=secno>6.5.3.1 </span>Security</h5>

<p class=XXX>This section describes a security model that is underdefined, imperfect, and does
not match implementations. Work is ongoing to attempt to resolve this, but in the meantime, please
do not rely on this section for precision. Implementors are urged to send their feedback on how
cross-origin cross-global access to <code><a href=#window>Window</a></code> and <code><a href=#location>Location</a></code> objects should
work.</p>

<p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#location>Location</a></code> object are accessed when the <a href=#entry-script>entry script</a> has an
<a href=#effective-script-origin>effective script origin</a> that is not the <a href=#same-origin title="same origin">same</a> as the
12 index

<h4 id=security-window><span class=secno>6.2.1 </span>Security</h4>

<p class=XXX>This section describes a security model that is underdefined, imperfect, and does
not match implementations. Work is ongoing to attempt to resolve this, but in the meantime, please
do not rely on this section for precision. Implementors are urged to send their feedback on how
cross-origin cross-global access to <code><a href=#window>Window</a></code> and <code><a href=#location>Location</a></code> objects should
work.</p>

<p id=security-2>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#window>Window</a></code> object are accessed when the <a href=#incumbent-script>incumbent script</a> has
an <a href=#effective-script-origin>effective script origin</a> that is not the <a href=#same-origin title="same origin">same</a> as

<h5 id=security-location><span class=secno>6.5.3.1 </span>Security</h5>

<p class=XXX>This section describes a security model that is underdefined, imperfect, and does
not match implementations. Work is ongoing to attempt to resolve this, but in the meantime, please
do not rely on this section for precision. Implementors are urged to send their feedback on how
cross-origin cross-global access to <code><a href=#window>Window</a></code> and <code><a href=#location>Location</a></code> objects should
work.</p>

<p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#location>Location</a></code> object are accessed when the <a href=#entry-script>entry script</a> has an
<a href=#effective-script-origin>effective script origin</a> that is not the <a href=#same-origin title="same origin">same</a> as the
12 source

<h4 id="security-window">Security</h4>

<p class="XXX">This section describes a security model that is underdefined, imperfect, and does
not match implementations. Work is ongoing to attempt to resolve this, but in the meantime, please
do not rely on this section for precision. Implementors are urged to send their feedback on how
cross-origin cross-global access to <code>Window</code> and <code>Location</code> objects should
work.</p>

<p id="security-2">User agents must throw a <code>SecurityError</code> exception whenever any
properties of a <code>Window</code> object are accessed when the <span>incumbent script</span> has
an <span>effective script origin</span> that is not the <span title="same origin">same</span> as

<h5 id="security-location">Security</h5>

<p class="XXX">This section describes a security model that is underdefined, imperfect, and does
not match implementations. Work is ongoing to attempt to resolve this, but in the meantime, please
do not rely on this section for precision. Implementors are urged to send their feedback on how
cross-origin cross-global access to <code>Window</code> and <code>Location</code> objects should
work.</p>

<p id="security-3">User agents must throw a <code>SecurityError</code> exception whenever any
properties of a <code>Location</code> object are accessed when the <span>entry script</span> has an
<span>effective script origin</span> that is not the <span title="same origin">same</span> as the

0 comments on commit 2b70548

Please sign in to comment.
You can’t perform that action at this time.