[giow] (2) Explicitly fire 'error' on <img src=''> (blank src)

git-svn-id: http://svn.whatwg.org/webapps@4841 340c8d12-0b0e-0410-8428-c7bf67bfef74

complete.html

@@ -18534,29 +18534,38 @@ <h4 id=the-img-element><span class=secno>4.8.1 </span>The <dfn><code>img</code><
 
   <hr><p>Unless the user agent cannot support images, or its support for
   images has been disabled, or the user agent only fetches elements on
-  demand, or the element's <code title=attr-img-src><a href=#attr-img-src>src</a></code>
-  attribute's value is the empty string, then, when an
-  <code><a href=#the-img-element>img</a></code> is created with a <code title=attr-img-src><a href=#attr-img-src>src</a></code> attribute, and whenever the <code title=attr-img-src><a href=#attr-img-src>src</a></code> attribute is set subsequently, the
-  user agent must <a href=#resolve-a-url title="resolve a url">resolve</a> the value
-  of that attribute, relative to the element, and if that is
-  successful must then <a href=#fetch>fetch</a> that resource.</p> <!-- Note
-  how this does NOT happen when the base URL changes. --> <!--
-  http-origin privacy sensitive -->
-
-  <!-- same text in <input type=image> section and similar text elsewhere -->
-  <p>Fetching the image must <a href=#delay-the-load-event>delay the load event</a> of the
-  element's document until the <a href=#concept-task title=concept-task>task</a>
-  that is <a href=#queue-a-task title="queue a task">queued</a> by the
-  <a href=#networking-task-source>networking task source</a> once the resource has been <a href=#fetch title=fetch>fetched</a> (defined below) has been run.</p>
+  demand, then, when an <code><a href=#the-img-element>img</a></code> is created with a <code title=attr-img-src><a href=#attr-img-src>src</a></code> attribute, and whenever the <code title=attr-img-src><a href=#attr-img-src>src</a></code> attribute is set subsequently, the
+  user agent must run the following steps:</p> <!-- Note how this does
+  NOT happen when the base URL changes. -->
 
-  <p class=warning>This, unfortunately, can be used to perform a
-  rudimentary port scan of the user's local network (especially in
-  conjunction with scripting, though scripting isn't actually
-  necessary to carry out such an attack). User agents may implement
-  <a href=#origin title=origin>cross-origin</a> access control policies
-  that mitigate this attack.</p>
+  <ol><li><p>If the element's <code title=attr-img-src><a href=#attr-img-src>src</a></code>
+   attribute's value is the empty string, then <a href=#queue-a-task>queue a
+   task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-error>error</code> at the <code><a href=#the-img-element>img</a></code> element,
+   and abort these steps.</li>
 
-  <p>If the image is in a supported image type and its dimensions are
+   <li>
+
+    <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the value
+    of that attribute, relative to the element, and if that is
+    successful must then <a href=#fetch>fetch</a> that resource.</p> <!--
+    http-origin privacy sensitive -->
+
+    <!-- same text in <input type=image> section and similar text
+    elsewhere --> <p>Fetching the image must <a href=#delay-the-load-event>delay the load
+    event</a> of the element's document until the <a href=#concept-task title=concept-task>task</a> that is <a href=#queue-a-task title="queue a
+    task">queued</a> by the <a href=#networking-task-source>networking task source</a>
+    once the resource has been <a href=#fetch title=fetch>fetched</a> (<a href=#img-load>defined below</a>) has been run.</p>
+
+    <p class=warning>This, unfortunately, can be used to perform a
+    rudimentary port scan of the user's local network (especially in
+    conjunction with scripting, though scripting isn't actually
+    necessary to carry out such an attack). User agents may implement
+    <a href=#origin title=origin>cross-origin</a> access control policies
+    that mitigate this attack.</p>
+
+   </li>
+
+  </ol><p>If the image is in a supported image type and its dimensions are
   known, then the image is said to be <dfn id=img-available title=img-available><i>available</i></dfn> (this affects exactly
   what the element represents, as defined below). This can be true
   even before the image is completely downloaded, if the user agent
@@ -18569,9 +18578,8 @@ <h4 id=the-img-element><span class=secno>4.8.1 </span>The <dfn><code>img</code><
 
   <p>If the image was not fetched (e.g. because the UA's image support
   is disabled, or because the <code title=attr-img-src><a href=#attr-img-src>src</a></code>
-  attribute's value is an <i>ignored self-reference</i>), or if the
-  conditions in the previous paragraph are not met, then the image is
-  <em>not</em> <i title=img-available><a href=#img-available>available</a></i>.</p>
+  attribute's value is the empty string, or if the conditions in the
+  previous paragraph are not met, then the image is <em>not</em> <i title=img-available><a href=#img-available>available</a></i>.</p>
 
   <p class=note>An image might be <i title=img-available><a href=#img-available>available</a></i> in one <a href=#view>view</a> but not
   another. For instance, a <code><a href=#document>Document</a></code> could be rendered by
@@ -18608,8 +18616,9 @@ <h4 id=the-img-element><span class=secno>4.8.1 </span>The <dfn><code>img</code><
   <p>This specification does not specify which image types are to be
   supported.</p>
 
-  <p>The <a href=#concept-task title=concept-task>task</a> that is <a href=#queue-a-task title="queue a task">queued</a> by the <a href=#networking-task-source>networking task
-  source</a> once the resource has been <a href=#fetch title=fetch>fetched</a>, must act as appropriate given the
+  <p id=img-load>The <a href=#concept-task title=concept-task>task</a> that is
+  <a href=#queue-a-task title="queue a task">queued</a> by the <a href=#networking-task-source>networking
+  task source</a> once the resource has been <a href=#fetch title=fetch>fetched</a>, must act as appropriate given the
   following alternatives:</p>
 
   <dl class=switch><dt>If the download was successful and the image is <i title=img-available><a href=#img-available>available</a></i></dt>

index

@@ -18433,29 +18433,38 @@ interface <dfn id=htmlimageelement>HTMLImageElement</dfn> : <a href=#htmlelement
 
   <hr><p>Unless the user agent cannot support images, or its support for
   images has been disabled, or the user agent only fetches elements on
-  demand, or the element's <code title=attr-img-src><a href=#attr-img-src>src</a></code>
-  attribute's value is the empty string, then, when an
-  <code><a href=#the-img-element>img</a></code> is created with a <code title=attr-img-src><a href=#attr-img-src>src</a></code> attribute, and whenever the <code title=attr-img-src><a href=#attr-img-src>src</a></code> attribute is set subsequently, the
-  user agent must <a href=#resolve-a-url title="resolve a url">resolve</a> the value
-  of that attribute, relative to the element, and if that is
-  successful must then <a href=#fetch>fetch</a> that resource.</p> <!-- Note
-  how this does NOT happen when the base URL changes. --> <!--
-  http-origin privacy sensitive -->
-
-  <!-- same text in <input type=image> section and similar text elsewhere -->
-  <p>Fetching the image must <a href=#delay-the-load-event>delay the load event</a> of the
-  element's document until the <a href=#concept-task title=concept-task>task</a>
-  that is <a href=#queue-a-task title="queue a task">queued</a> by the
-  <a href=#networking-task-source>networking task source</a> once the resource has been <a href=#fetch title=fetch>fetched</a> (defined below) has been run.</p>
+  demand, then, when an <code><a href=#the-img-element>img</a></code> is created with a <code title=attr-img-src><a href=#attr-img-src>src</a></code> attribute, and whenever the <code title=attr-img-src><a href=#attr-img-src>src</a></code> attribute is set subsequently, the
+  user agent must run the following steps:</p> <!-- Note how this does
+  NOT happen when the base URL changes. -->
+
+  <ol><li><p>If the element's <code title=attr-img-src><a href=#attr-img-src>src</a></code>
+   attribute's value is the empty string, then <a href=#queue-a-task>queue a
+   task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-error>error</code> at the <code><a href=#the-img-element>img</a></code> element,
+   and abort these steps.</li>
+
+   <li>
+
+    <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the value
+    of that attribute, relative to the element, and if that is
+    successful must then <a href=#fetch>fetch</a> that resource.</p> <!--
+    http-origin privacy sensitive -->
+
+    <!-- same text in <input type=image> section and similar text
+    elsewhere --> <p>Fetching the image must <a href=#delay-the-load-event>delay the load
+    event</a> of the element's document until the <a href=#concept-task title=concept-task>task</a> that is <a href=#queue-a-task title="queue a
+    task">queued</a> by the <a href=#networking-task-source>networking task source</a>
+    once the resource has been <a href=#fetch title=fetch>fetched</a> (<a href=#img-load>defined below</a>) has been run.</p>
 
-  <p class=warning>This, unfortunately, can be used to perform a
-  rudimentary port scan of the user's local network (especially in
-  conjunction with scripting, though scripting isn't actually
-  necessary to carry out such an attack). User agents may implement
-  <a href=#origin title=origin>cross-origin</a> access control policies
-  that mitigate this attack.</p>
+    <p class=warning>This, unfortunately, can be used to perform a
+    rudimentary port scan of the user's local network (especially in
+    conjunction with scripting, though scripting isn't actually
+    necessary to carry out such an attack). User agents may implement
+    <a href=#origin title=origin>cross-origin</a> access control policies
+    that mitigate this attack.</p>
 
-  <p>If the image is in a supported image type and its dimensions are
+   </li>
+
+  </ol><p>If the image is in a supported image type and its dimensions are
   known, then the image is said to be <dfn id=img-available title=img-available><i>available</i></dfn> (this affects exactly
   what the element represents, as defined below). This can be true
   even before the image is completely downloaded, if the user agent
@@ -18468,9 +18477,8 @@ interface <dfn id=htmlimageelement>HTMLImageElement</dfn> : <a href=#htmlelement
 
   <p>If the image was not fetched (e.g. because the UA's image support
   is disabled, or because the <code title=attr-img-src><a href=#attr-img-src>src</a></code>
-  attribute's value is an <i>ignored self-reference</i>), or if the
-  conditions in the previous paragraph are not met, then the image is
-  <em>not</em> <i title=img-available><a href=#img-available>available</a></i>.</p>
+  attribute's value is the empty string, or if the conditions in the
+  previous paragraph are not met, then the image is <em>not</em> <i title=img-available><a href=#img-available>available</a></i>.</p>
 
   <p class=note>An image might be <i title=img-available><a href=#img-available>available</a></i> in one <a href=#view>view</a> but not
   another. For instance, a <code><a href=#document>Document</a></code> could be rendered by
@@ -18507,8 +18515,9 @@ interface <dfn id=htmlimageelement>HTMLImageElement</dfn> : <a href=#htmlelement
   <p>This specification does not specify which image types are to be
   supported.</p>
 
-  <p>The <a href=#concept-task title=concept-task>task</a> that is <a href=#queue-a-task title="queue a task">queued</a> by the <a href=#networking-task-source>networking task
-  source</a> once the resource has been <a href=#fetch title=fetch>fetched</a>, must act as appropriate given the
+  <p id=img-load>The <a href=#concept-task title=concept-task>task</a> that is
+  <a href=#queue-a-task title="queue a task">queued</a> by the <a href=#networking-task-source>networking
+  task source</a> once the resource has been <a href=#fetch title=fetch>fetched</a>, must act as appropriate given the
   following alternatives:</p>
 
   <dl class=switch><dt>If the download was successful and the image is <i title=img-available><a href=#img-available>available</a></i></dt>

source

@@ -19657,30 +19657,45 @@ interface <dfn>HTMLImageElement</dfn> : <span>HTMLElement</span> {
 
   <p>Unless the user agent cannot support images, or its support for
   images has been disabled, or the user agent only fetches elements on
-  demand, or the element's <code title="attr-img-src">src</code>
-  attribute's value is the empty string, then, when an
-  <code>img</code> is created with a <code
+  demand, then, when an <code>img</code> is created with a <code
   title="attr-img-src">src</code> attribute, and whenever the <code
   title="attr-img-src">src</code> attribute is set subsequently, the
-  user agent must <span title="resolve a url">resolve</span> the value
-  of that attribute, relative to the element, and if that is
-  successful must then <span>fetch</span> that resource.</p> <!-- Note
-  how this does NOT happen when the base URL changes. --> <!--
-  http-origin privacy sensitive -->
+  user agent must run the following steps:</p> <!-- Note how this does
+  NOT happen when the base URL changes. -->
 
-  <!-- same text in <input type=image> section and similar text elsewhere -->
-  <p>Fetching the image must <span>delay the load event</span> of the
-  element's document until the <span title="concept-task">task</span>
-  that is <span title="queue a task">queued</span> by the
-  <span>networking task source</span> once the resource has been <span
-  title="fetch">fetched</span> (defined below) has been run.</p>
+  <ol>
 
-  <p class="warning">This, unfortunately, can be used to perform a
-  rudimentary port scan of the user's local network (especially in
-  conjunction with scripting, though scripting isn't actually
-  necessary to carry out such an attack). User agents may implement
-  <span title="origin">cross-origin</span> access control policies
-  that mitigate this attack.</p>
+   <li><p>If the element's <code title="attr-img-src">src</code>
+   attribute's value is the empty string, then <span>queue a
+   task</span> to <span>fire a simple event</span> named <code
+   title="event-error">error</code> at the <code>img</code> element,
+   and abort these steps.</p></li>
+
+   <li>
+
+    <p>Otherwise, <span title="resolve a url">resolve</span> the value
+    of that attribute, relative to the element, and if that is
+    successful must then <span>fetch</span> that resource.</p> <!--
+    http-origin privacy sensitive -->
+
+    <!-- same text in <input type=image> section and similar text
+    elsewhere --> <p>Fetching the image must <span>delay the load
+    event</span> of the element's document until the <span
+    title="concept-task">task</span> that is <span title="queue a
+    task">queued</span> by the <span>networking task source</span>
+    once the resource has been <span title="fetch">fetched</span> (<a
+    href="#img-load">defined below</a>) has been run.</p>
+
+    <p class="warning">This, unfortunately, can be used to perform a
+    rudimentary port scan of the user's local network (especially in
+    conjunction with scripting, though scripting isn't actually
+    necessary to carry out such an attack). User agents may implement
+    <span title="origin">cross-origin</span> access control policies
+    that mitigate this attack.</p>
+
+   </li>
+
+  </ol>
 
   <p>If the image is in a supported image type and its dimensions are
   known, then the image is said to be <dfn
@@ -19697,9 +19712,9 @@ interface <dfn>HTMLImageElement</dfn> : <span>HTMLElement</span> {
 
   <p>If the image was not fetched (e.g. because the UA's image support
   is disabled, or because the <code title="attr-img-src">src</code>
-  attribute's value is an <i>ignored self-reference</i>), or if the
-  conditions in the previous paragraph are not met, then the image is
-  <em>not</em> <i title="img-available">available</i>.</p>
+  attribute's value is the empty string, or if the conditions in the
+  previous paragraph are not met, then the image is <em>not</em> <i
+  title="img-available">available</i>.</p>
 
   <p class="note">An image might be <i
   title="img-available">available</i> in one <span>view</span> but not
@@ -19739,9 +19754,9 @@ interface <dfn>HTMLImageElement</dfn> : <span>HTMLElement</span> {
   <p>This specification does not specify which image types are to be
   supported.</p>
 
-  <p>The <span title="concept-task">task</span> that is <span
-  title="queue a task">queued</span> by the <span>networking task
-  source</span> once the resource has been <span
+  <p id="img-load">The <span title="concept-task">task</span> that is
+  <span title="queue a task">queued</span> by the <span>networking
+  task source</span> once the resource has been <span
   title="fetch">fetched</span>, must act as appropriate given the
   following alternatives:</p>