Browse files

[giow] (2) Prevent cross-origin javascript: navigation of browsing co…

…ntexts. Define the base URL and document's address of pages generated by javascript: URLs. Minor editorial tweaks.

git-svn-id: http://svn.whatwg.org/webapps@2683 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information...
1 parent 4158511 commit 4ec2ac80df1035b99df24c217af6ebd881685224 @Hixie Hixie committed Jan 21, 2009
Showing with 51 additions and 67 deletions.
  1. +25 −32 index
  2. +26 −35 source
View
57 index
@@ -34937,24 +34937,10 @@ JSURL: http://ietfreport.isoc.org/all-ids/draft-hoehrmann-javascript-scheme-00.t
<i><a href=#initial-code-entry-point>initial code entry-point</a></i> of this <a href=#concept-script title=concept-script>script</a>. If an exception was
raised, let <var title="">result</var> be void instead.</p>
- </dd>
-
- <dt>If a <a href=#browsing-context>browsing context</a> is being <a href=#navigate title=navigate>navigated</a> to a <code>javascript:</code>
- URL, and the <a href=#active-document>active document</a> of that browsing
- context has an <a href=#origin-0>origin</a> that is <em>not</em> the <a href=#same-origin title="same origin">same</a> as that of the script given by
- the URL</dt>
-
- <dd>
-
- <p><a href=#create-an-impotent-script>Create an impotent script</a> using the
- aforementioned script source, with the scripting language set to
- JavaScript, and with the <a href=#browsing-context>browsing context</a> being
- <a href=#navigate title=navigate>navigated</a> as the browsing
- context.</p>
-
- <p>Let <var title="">result</var> be the return value of the
- <i><a href=#initial-code-entry-point>initial code entry-point</a></i> of this <a href=#concept-script title=concept-script>script</a>. If an exception was
- raised, let <var title="">result</var> be void instead.</p>
+ <p>When it comes time to <a href="#set-the-document's-address">set the document's address</a>
+ in the <a href=#navigate title=navigate>navigation algorithm</a>, use
+ the <a href="#script's-base-url">script's base URL</a> as the <a href=#override-url>override
+ URL</a>.</p>
</dd>
@@ -38499,17 +38485,11 @@ user reload must be equivalent to .reload()
<p>If <var title="">candidate</var> is not marked as <a href=#concept-appcache-foreign title=concept-appcache-foreign>foreign</a>, then the user
agent must discard the failed load and instead continue along
these steps using <var title="">candidate</var> as the
- resource.</p>
-
- <p>For the purposes of session history (and features that depend
- on session history, e.g. bookmarking) the user agent must use the
- URL of the resource that was requested (the one that matched the
- <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
- namespace</a>), not the fallback resource, as the resource's
- <a href="#the-document's-address" title="the document's address">address</a>. However, the
- user agent may indicate to the user that the original page load
- failed, that the page used was a fallback resource, and what the
- URL of the fallback resource actually is.</p>
+ resource. <a href="#the-document's-address">The document's address</a>, if appropriate,
+ will still be the originally requested URL, not the fallback URL,
+ but the user agent may indicate to the user that the original page
+ load failed, that the page used was a fallback resource, and what
+ the URL of the fallback resource actually is.</p>
</li>
@@ -38582,15 +38562,23 @@ user reload must be equivalent to .reload()
<dd>Follow the steps given in the <a href=#read-plugin title=navigate-plugin>plugin</a> section, and abort these
steps.</dd>
- </dl><p>Any <code>Document</code> created by these steps must have its
- <a href="#the-document's-address" title="the document's address">address</a> set to the
+ </dl><p><dfn id="set-the-document's-address" title="set the document's address">Setting the document's
+ address</dfn>: If there is no <dfn id=override-url>override URL</dfn>, then any
+ <code>Document</code> created by these steps must have its <a href="#the-document's-address" title="the document's address">address</a> set to the
<a href=#url>URL</a> that was originally to be <a href=#fetch title=fetch>fetched</a>, ignoring any other data that was
used to obtain the resource (e.g. the entity body in the case of a
POST submission is not part of <a href="#the-document's-address">the document's
address</a>, nor is the URL of the fallback resource in the
case of the original load having failed and that URL having been
found to match a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
- namespace</a>).</p>
+ namespace</a>). However, if there <em>is</em> an <a href=#override-url>override
+ URL</a>, then any <code>Document</code> created by these steps
+ must have its <a href="#the-document's-address" title="the document's address">address</a>
+ set to that <a href=#url>URL</a> instead.</p>
+
+ <p class=note>An <a href=#override-url title="override URL">override URL</a>
+ is set when <a href=#concept-js-deref title=concept-js-deref>dereferencing a
+ <code>javascript:</code> URL</a>.</p>
</li>
@@ -56204,6 +56192,11 @@ TODO (or delay):
http://code.google.com/p/support/issues/detail?id=1#makechanges
XXX * become more consistent about what markup we use to mark up
productions (nothing? <i>? <code>?)
+ XXX * expose the value of a radio button group
+ - either on the NodeList returned by HTMLFormControlCollection
+ - or on the radio button itself
+ - or both, so it works even when the form controls have names
+ that vary more than HTMLFormControlCollection allows?
-->
View
61 source
@@ -39723,27 +39723,10 @@ JSURL: http://ietfreport.isoc.org/all-ids/draft-hoehrmann-javascript-scheme-00.t
title="concept-script">script</span>. If an exception was
raised, let <var title="">result</var> be void instead.</p>
- </dd>
-
- <dt>If a <span>browsing context</span> is being <span
- title="navigate">navigated</span> to a <code>javascript:</code>
- URL, and the <span>active document</span> of that browsing
- context has an <span>origin</span> that is <em>not</em> the <span
- title="same origin">same</span> as that of the script given by
- the URL</dt>
-
- <dd>
-
- <p><span>Create an impotent script</span> using the
- aforementioned script source, with the scripting language set to
- JavaScript, and with the <span>browsing context</span> being
- <span title="navigate">navigated</span> as the browsing
- context.</p>
-
- <p>Let <var title="">result</var> be the return value of the
- <i>initial code entry-point</i> of this <span
- title="concept-script">script</span>. If an exception was
- raised, let <var title="">result</var> be void instead.</p>
+ <p>When it comes time to <span>set the document's address</span>
+ in the <span title="navigate">navigation algorithm</span>, use
+ the <span>script's base URL</span> as the <span>override
+ URL</span>.</p>
</dd>
@@ -43838,17 +43821,11 @@ user reload must be equivalent to .reload()
title="concept-appcache-foreign">foreign</span>, then the user
agent must discard the failed load and instead continue along
these steps using <var title="">candidate</var> as the
- resource.</p>
-
- <p>For the purposes of session history (and features that depend
- on session history, e.g. bookmarking) the user agent must use the
- URL of the resource that was requested (the one that matched the
- <span title="concept-appcache-fallback-ns">fallback
- namespace</span>), not the fallback resource, as the resource's
- <span title="the document's address">address</span>. However, the
- user agent may indicate to the user that the original page load
- failed, that the page used was a fallback resource, and what the
- URL of the fallback resource actually is.</p>
+ resource. <span>The document's address</span>, if appropriate,
+ will still be the originally requested URL, not the fallback URL,
+ but the user agent may indicate to the user that the original page
+ load failed, that the page used was a fallback resource, and what
+ the URL of the fallback resource actually is.</p>
</li>
@@ -43931,8 +43908,10 @@ user reload must be equivalent to .reload()
</dl>
- <p>Any <code>Document</code> created by these steps must have its
- <span title="the document's address">address</span> set to the
+ <p><dfn title="set the document's address">Setting the document's
+ address</dfn>: If there is no <dfn>override URL</dfn>, then any
+ <code>Document</code> created by these steps must have its <span
+ title="the document's address">address</span> set to the
<span>URL</span> that was originally to be <span
title="fetch">fetched</span>, ignoring any other data that was
used to obtain the resource (e.g. the entity body in the case of a
@@ -43941,7 +43920,14 @@ user reload must be equivalent to .reload()
case of the original load having failed and that URL having been
found to match a <span
title="concept-appcache-fallback-ns">fallback
- namespace</span>).</p>
+ namespace</span>). However, if there <em>is</em> an <span>override
+ URL</span>, then any <code>Document</code> created by these steps
+ must have its <span title="the document's address">address</span>
+ set to that <span>URL</span> instead.</p>
+
+ <p class="note">An <span title="override URL">override URL</span>
+ is set when <span title="concept-js-deref">dereferencing a
+ <code>javascript:</code> URL</span>.</p>
</li>
@@ -61469,6 +61455,11 @@ TODO (or delay):
http://code.google.com/p/support/issues/detail?id=1#makechanges
XXX * become more consistent about what markup we use to mark up
productions (nothing? <i>? <code>?)
+ XXX * expose the value of a radio button group
+ - either on the NodeList returned by HTMLFormControlCollection
+ - or on the radio button itself
+ - or both, so it works even when the form controls have names
+ that vary more than HTMLFormControlCollection allows?
-->
</body>

0 comments on commit 4ec2ac8

Please sign in to comment.