Skip to content

/ html

Permalink
Browse files

[giow] (2) Prevent cross-origin javascript: navigation of browsing co… 

…ntexts. Define the base URL and document's address of pages generated by javascript: URLs. Minor editorial tweaks.

git-svn-id: http://svn.whatwg.org/webapps@2683 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information
@Hixie
Hixie committed Jan 21, 2009
1 parent 4158511 commit 4ec2ac80df1035b99df24c217af6ebd881685224
Unified Split
Showing with 51 additions and 67 deletions.
  1. +25 −32 index
  2. +26 −35 source
57 index
View file
<i><a href=#initial-code-entry-point>initial code entry-point</a></i> of this <a href=#concept-script title=concept-script>script</a>. If an exception was
raised, let <var title="">result</var> be void instead.</p>

</dd>

<dt>If a <a href=#browsing-context>browsing context</a> is being <a href=#navigate title=navigate>navigated</a> to a <code>javascript:</code>
URL, and the <a href=#active-document>active document</a> of that browsing
context has an <a href=#origin-0>origin</a> that is <em>not</em> the <a href=#same-origin title="same origin">same</a> as that of the script given by
the URL</dt>

<dd>

<p><a href=#create-an-impotent-script>Create an impotent script</a> using the
aforementioned script source, with the scripting language set to
JavaScript, and with the <a href=#browsing-context>browsing context</a> being
<a href=#navigate title=navigate>navigated</a> as the browsing
context.</p>

<p>Let <var title="">result</var> be the return value of the
<i><a href=#initial-code-entry-point>initial code entry-point</a></i> of this <a href=#concept-script title=concept-script>script</a>. If an exception was
raised, let <var title="">result</var> be void instead.</p>
<p>When it comes time to <a href="#set-the-document's-address">set the document's address</a>
in the <a href=#navigate title=navigate>navigation algorithm</a>, use
the <a href="#script's-base-url">script's base URL</a> as the <a href=#override-url>override
URL</a>.</p>

</dd>

<p>If <var title="">candidate</var> is not marked as <a href=#concept-appcache-foreign title=concept-appcache-foreign>foreign</a>, then the user
agent must discard the failed load and instead continue along
these steps using <var title="">candidate</var> as the
resource.</p>

<p>For the purposes of session history (and features that depend
on session history, e.g. bookmarking) the user agent must use the
URL of the resource that was requested (the one that matched the
<a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
namespace</a>), not the fallback resource, as the resource's
<a href="#the-document's-address" title="the document's address">address</a>. However, the
user agent may indicate to the user that the original page load
failed, that the page used was a fallback resource, and what the
URL of the fallback resource actually is.</p>
resource. <a href="#the-document's-address">The document's address</a>, if appropriate,
will still be the originally requested URL, not the fallback URL,
but the user agent may indicate to the user that the original page
load failed, that the page used was a fallback resource, and what
the URL of the fallback resource actually is.</p>

</li>

<dd>Follow the steps given in the <a href=#read-plugin title=navigate-plugin>plugin</a> section, and abort these
steps.</dd>

</dl><p>Any <code>Document</code> created by these steps must have its
<a href="#the-document's-address" title="the document's address">address</a> set to the
</dl><p><dfn id="set-the-document's-address" title="set the document's address">Setting the document's
address</dfn>: If there is no <dfn id=override-url>override URL</dfn>, then any
<code>Document</code> created by these steps must have its <a href="#the-document's-address" title="the document's address">address</a> set to the
<a href=#url>URL</a> that was originally to be <a href=#fetch title=fetch>fetched</a>, ignoring any other data that was
used to obtain the resource (e.g. the entity body in the case of a
POST submission is not part of <a href="#the-document's-address">the document's
address</a>, nor is the URL of the fallback resource in the
case of the original load having failed and that URL having been
found to match a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
namespace</a>).</p>
namespace</a>). However, if there <em>is</em> an <a href=#override-url>override
URL</a>, then any <code>Document</code> created by these steps
must have its <a href="#the-document's-address" title="the document's address">address</a>
set to that <a href=#url>URL</a> instead.</p>

<p class=note>An <a href=#override-url title="override URL">override URL</a>
is set when <a href=#concept-js-deref title=concept-js-deref>dereferencing a
<code>javascript:</code> URL</a>.</p>

</li>

http://code.google.com/p/support/issues/detail?id=1#makechanges
XXX * become more consistent about what markup we use to mark up
productions (nothing? <i>? <code>?)
XXX * expose the value of a radio button group
- either on the NodeList returned by HTMLFormControlCollection
- or on the radio button itself
- or both, so it works even when the form controls have names
that vary more than HTMLFormControlCollection allows?
-->


61 source
View file
title="concept-script">script</span>. If an exception was
raised, let <var title="">result</var> be void instead.</p>

</dd>

<dt>If a <span>browsing context</span> is being <span
title="navigate">navigated</span> to a <code>javascript:</code>
URL, and the <span>active document</span> of that browsing
context has an <span>origin</span> that is <em>not</em> the <span
title="same origin">same</span> as that of the script given by
the URL</dt>

<dd>

<p><span>Create an impotent script</span> using the
aforementioned script source, with the scripting language set to
JavaScript, and with the <span>browsing context</span> being
<span title="navigate">navigated</span> as the browsing
context.</p>

<p>Let <var title="">result</var> be the return value of the
<i>initial code entry-point</i> of this <span
title="concept-script">script</span>. If an exception was
raised, let <var title="">result</var> be void instead.</p>
<p>When it comes time to <span>set the document's address</span>
in the <span title="navigate">navigation algorithm</span>, use
the <span>script's base URL</span> as the <span>override
URL</span>.</p>

</dd>

title="concept-appcache-foreign">foreign</span>, then the user
agent must discard the failed load and instead continue along
these steps using <var title="">candidate</var> as the
resource.</p>

<p>For the purposes of session history (and features that depend
on session history, e.g. bookmarking) the user agent must use the
URL of the resource that was requested (the one that matched the
<span title="concept-appcache-fallback-ns">fallback
namespace</span>), not the fallback resource, as the resource's
<span title="the document's address">address</span>. However, the
user agent may indicate to the user that the original page load
failed, that the page used was a fallback resource, and what the
URL of the fallback resource actually is.</p>
resource. <span>The document's address</span>, if appropriate,
will still be the originally requested URL, not the fallback URL,
but the user agent may indicate to the user that the original page
load failed, that the page used was a fallback resource, and what
the URL of the fallback resource actually is.</p>

</li>


</dl>

<p>Any <code>Document</code> created by these steps must have its
<span title="the document's address">address</span> set to the
<p><dfn title="set the document's address">Setting the document's
address</dfn>: If there is no <dfn>override URL</dfn>, then any
<code>Document</code> created by these steps must have its <span
title="the document's address">address</span> set to the
<span>URL</span> that was originally to be <span
title="fetch">fetched</span>, ignoring any other data that was
used to obtain the resource (e.g. the entity body in the case of a
case of the original load having failed and that URL having been
found to match a <span
title="concept-appcache-fallback-ns">fallback
namespace</span>).</p>
namespace</span>). However, if there <em>is</em> an <span>override
URL</span>, then any <code>Document</code> created by these steps
must have its <span title="the document's address">address</span>
set to that <span>URL</span> instead.</p>

<p class="note">An <span title="override URL">override URL</span>
is set when <span title="concept-js-deref">dereferencing a
<code>javascript:</code> URL</span>.</p>

</li>

http://code.google.com/p/support/issues/detail?id=1#makechanges
XXX * become more consistent about what markup we use to mark up
productions (nothing? <i>? <code>?)
XXX * expose the value of a radio button group
- either on the NodeList returned by HTMLFormControlCollection
- or on the radio button itself
- or both, so it works even when the form controls have names
that vary more than HTMLFormControlCollection allows?
-->

</body>

0 comments on commit 4ec2ac8

Please sign in to comment.
You can’t perform that action at this time.