
[giow] (3) More security fixes: Location is now entirely Unforgeable,…

… and wording for some other security paragraphs is now consistent.

Affected topics: DOM APIs, Security, Web Storage

git-svn-id: http://svn.whatwg.org/webapps@7515 340c8d12-0b0e-0410-8428-c7bf67bfef74
Hixie committed Nov 20, 2012
1 parent 624dafd commit 5f17db455453c3610db2e6d8a244bf200d223932
Showing with 58 additions and 85 deletions.
  1. +19 −28 complete.html
  2. +19 −28 index
  3. +20 −29 source
<!--ADD-TOPIC:Security-->
<h4 id=security-document><span class=secno>3.1.2 </span>Security</h4>

<p id=security>User agents <span class=impl>must</span> throw a
<code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
<code><a href=#document>Document</a></code> object are accessed by scripts whose
<a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same
origin">same</a> as the <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective
script origin</a>.</p>
<p id=security>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#document>Document</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#document>Document</a></code>'s
<a href=#effective-script-origin>effective script origin</a>.</p>
<!--REMOVE-TOPIC:Security-->



<h4 id=security-window><span class=secno>6.2.1 </span>Security</h4>

<p id=security-2>User agents must throw a
<code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
<code><a href=#window>Window</a></code> object are accessed by scripts whose
<a href=#effective-script-origin>effective script origin</a> is not the same as the
<code><a href=#window>Window</a></code> object's <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective
script origin</a>, with the following exceptions:</p>
<p id=security-2>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#window>Window</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#window>Window</a></code> object's
<code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>, with the following exceptions:</p>

<ul><li>The <code title=dom-location><a href=#dom-location>location</a></code> attribute
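Review bot: in the Document paragraph (id=security) the new text drops the span class=impl wrapper around "must", which the old text had. The Window paragraph never had it, so the two now match, but if any stylesheet or filtered view of the spec keys on class=impl to mark implementation requirements, this requirement stops being marked. Please confirm the removal is intended rather than a side effect of rewrapping. The added same-origin link on "same" in the Window paragraph looks right and brings it in line with the Document wording.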

<a href=#browsing-context>browsing context</a>, and allow the <a href=#current-entry>current entry</a> of the <a href=#browsing-context>browsing
context</a>'s session history to be changed, by adding or replacing entries in the <code title=dom-history><a href=#dom-history>history</a></code> object.</p>

<pre class=idl>interface <dfn id=location>Location</dfn> {
<pre class=idl>[Unforgeable] interface <dfn id=location>Location</dfn> {
stringifier attribute DOMString <a href=#dom-location-href title=dom-location-href>href</a>;
void <a href=#dom-location-assign title=dom-location-assign>assign</a>(DOMString url);
void <a href=#dom-location-replace title=dom-location-replace>replace</a>(DOMString url);
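Review bot: the interface-level [Unforgeable] on Location changes behaviour for every member (href, assign and replace are visible here), but the prose leading into the IDL block says nothing about it. Suggest one sentence next to the IDL stating that script cannot redefine or shadow Location members, because code that reads location to make origin decisions depends on that guarantee. If any member further down the interface still carries its own [Unforgeable], it is now redundant and can be dropped in this same change.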

<h5 id=security-location><span class=secno>6.5.3.1 </span>Security</h5>

<p id=security-3>User agents must throw a
<code><a href=#securityerror>SecurityError</a></code> exception whenever any of the members of a
<code><a href=#location>Location</a></code> object are accessed by scripts whose
<a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same
origin">same</a> as the <code><a href=#location>Location</a></code> object's associated
<code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>, with
the following exceptions:</p>
<p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#location>Location</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#location>Location</a></code>
object's associated <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>, with the
following exceptions:</p>

<ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the
script is running in a <a href=#browsing-context>browsing context</a> that is
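Review bot: the rewritten security-3 paragraph replaces "any of the members of a Location object" with "any properties of a Location object". Location exposes operations as well as attributes (assign and replace in the IDL above), and the exception list that follows is phrased at IDL level ("the href setter"). "Properties" matches the Document and Window paragraphs, but a reader thinking in IDL terms may take it to mean attributes only. Suggest either keeping "members" here or saying once, in the first of these paragraphs, that "properties" includes methods.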
<!--ADD-TOPIC:Security-->
<h5 id=security-localStorage><span class=secno>11.2.3.1 </span>Security</h5>

<p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception
whenever any of the members of a <code><a href=#storage-0>Storage</a></code> object
originally returned by the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute are accessed
by scripts whose <a href=#effective-script-origin>effective script origin</a> is not the
<a href=#same-origin title="same origin">same</a> as the <a href=#origin>origin</a> of
the <code><a href=#document>Document</a></code> of the <code><a href=#window>Window</a></code> object on which
the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute was
accessed.</p>
<p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
<code><a href=#storage-0>Storage</a></code> object originally returned by the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute are accessed by scripts whose
<a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same origin">same</a> as the
<a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> of the <code><a href=#window>Window</a></code> object on which the
<code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute was accessed.</p>

<p class=note>This means <code><a href=#storage-0>Storage</a></code> objects are neutered
when the <code title=dom-document-domain><a href=#dom-document-domain>document.domain</a></code>
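Review bot: this paragraph still compares the script's effective script origin against the origin of the Document, where the Document, Window and Location paragraphs compare effective script origin against effective script origin. The trailing note about document.domain indicates the difference is deliberate, but since the stated goal is consistent wording, it is likely to be "corrected" by a later cleanup. Suggest making the asymmetry explicit in the normative sentence, or moving the explanation from the note into it, so the requirement cannot be weakened by accident. The "members" to "properties" change here has the same ambiguity for methods as in the Location paragraph.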
47 index
<!--ADD-TOPIC:Security-->
<h4 id=security-document><span class=secno>3.1.2 </span>Security</h4>

<p id=security>User agents <span class=impl>must</span> throw a
<code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
<code><a href=#document>Document</a></code> object are accessed by scripts whose
<a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same
origin">same</a> as the <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective
script origin</a>.</p>
<p id=security>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#document>Document</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#document>Document</a></code>'s
<a href=#effective-script-origin>effective script origin</a>.</p>
<!--REMOVE-TOPIC:Security-->



<h4 id=security-window><span class=secno>6.2.1 </span>Security</h4>

<p id=security-2>User agents must throw a
<code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
<code><a href=#window>Window</a></code> object are accessed by scripts whose
<a href=#effective-script-origin>effective script origin</a> is not the same as the
<code><a href=#window>Window</a></code> object's <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective
script origin</a>, with the following exceptions:</p>
<p id=security-2>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#window>Window</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#window>Window</a></code> object's
<code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>, with the following exceptions:</p>

<ul><li>The <code title=dom-location><a href=#dom-location>location</a></code> attribute

<a href=#browsing-context>browsing context</a>, and allow the <a href=#current-entry>current entry</a> of the <a href=#browsing-context>browsing
context</a>'s session history to be changed, by adding or replacing entries in the <code title=dom-history><a href=#dom-history>history</a></code> object.</p>

<pre class=idl>interface <dfn id=location>Location</dfn> {
<pre class=idl>[Unforgeable] interface <dfn id=location>Location</dfn> {
stringifier attribute DOMString <a href=#dom-location-href title=dom-location-href>href</a>;
void <a href=#dom-location-assign title=dom-location-assign>assign</a>(DOMString url);
void <a href=#dom-location-replace title=dom-location-replace>replace</a>(DOMString url);

<h5 id=security-location><span class=secno>6.5.3.1 </span>Security</h5>

<p id=security-3>User agents must throw a
<code><a href=#securityerror>SecurityError</a></code> exception whenever any of the members of a
<code><a href=#location>Location</a></code> object are accessed by scripts whose
<a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same
origin">same</a> as the <code><a href=#location>Location</a></code> object's associated
<code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>, with
the following exceptions:</p>
<p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#location>Location</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#location>Location</a></code>
object's associated <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>, with the
following exceptions:</p>

<ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the
script is running in a <a href=#browsing-context>browsing context</a> that is
<!--ADD-TOPIC:Security-->
<h5 id=security-localStorage><span class=secno>11.2.3.1 </span>Security</h5>

<p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception
whenever any of the members of a <code><a href=#storage-0>Storage</a></code> object
originally returned by the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute are accessed
by scripts whose <a href=#effective-script-origin>effective script origin</a> is not the
<a href=#same-origin title="same origin">same</a> as the <a href=#origin>origin</a> of
the <code><a href=#document>Document</a></code> of the <code><a href=#window>Window</a></code> object on which
the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute was
accessed.</p>
<p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
<code><a href=#storage-0>Storage</a></code> object originally returned by the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute are accessed by scripts whose
<a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same origin">same</a> as the
<a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> of the <code><a href=#window>Window</a></code> object on which the
<code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute was accessed.</p>

<p class=note>This means <code><a href=#storage-0>Storage</a></code> objects are neutered
when the <code title=dom-document-domain><a href=#dom-document-domain>document.domain</a></code>
49 source
<!--ADD-TOPIC:Security-->
<h4 id="security-document">Security</h4>

<p id="security">User agents <span class="impl">must</span> throw a
<code>SecurityError</code> exception whenever any properties of a
<code>Document</code> object are accessed by scripts whose
<span>effective script origin</span> is not the <span title="same
origin">same</span> as the <code>Document</code>'s <span>effective
script origin</span>.</p>
<p id="security">User agents must throw a <code>SecurityError</code> exception whenever any
properties of a <code>Document</code> object are accessed by scripts whose <span>effective script
origin</span> is not the <span title="same origin">same</span> as the <code>Document</code>'s
<span>effective script origin</span>.</p>
<!--REMOVE-TOPIC:Security-->



<h4 id="security-window">Security</h4>

<p id="security-2">User agents must throw a
<code>SecurityError</code> exception whenever any properties of a
<code>Window</code> object are accessed by scripts whose
<span>effective script origin</span> is not the same as the
<code>Window</code> object's <code>Document</code>'s <span>effective
script origin</span>, with the following exceptions:</p>
<p id="security-2">User agents must throw a <code>SecurityError</code> exception whenever any
properties of a <code>Window</code> object are accessed by scripts whose <span>effective script
origin</span> is not the <span title="same origin">same</span> as the <code>Window</code> object's
<code>Document</code>'s <span>effective script origin</span>, with the following exceptions:</p>

<ul>

context</span>'s session history to be changed, by adding or replacing entries in the <code
title="dom-history">history</code> object.</p>

<pre class="idl">interface <dfn>Location</dfn> {
<pre class="idl">[Unforgeable] interface <dfn>Location</dfn> {
stringifier attribute DOMString <span title="dom-location-href">href</span>;
void <span title="dom-location-assign">assign</span>(DOMString url);
void <span title="dom-location-replace">replace</span>(DOMString url);

<h5 id="security-location">Security</h5>

<p id="security-3">User agents must throw a
<code>SecurityError</code> exception whenever any of the members of a
<code>Location</code> object are accessed by scripts whose
<span>effective script origin</span> is not the <span title="same
origin">same</span> as the <code>Location</code> object's associated
<code>Document</code>'s <span>effective script origin</span>, with
the following exceptions:</p>
<p id="security-3">User agents must throw a <code>SecurityError</code> exception whenever any
properties of a <code>Location</code> object are accessed by scripts whose <span>effective script
origin</span> is not the <span title="same origin">same</span> as the <code>Location</code>
object's associated <code>Document</code>'s <span>effective script origin</span>, with the
following exceptions:</p>

<ul>

<!--ADD-TOPIC:Security-->
<h6 id="security-localStorage">Security</h6>

<p>User agents must throw a <code>SecurityError</code> exception
whenever any of the members of a <code>Storage</code> object
originally returned by the <code
title="dom-localStorage">localStorage</code> attribute are accessed
by scripts whose <span>effective script origin</span> is not the
<span title="same origin">same</span> as the <span>origin</span> of
the <code>Document</code> of the <code>Window</code> object on which
the <code title="dom-localStorage">localStorage</code> attribute was
accessed.</p>
<p>User agents must throw a <code>SecurityError</code> exception whenever any properties of a
<code>Storage</code> object originally returned by the <code
title="dom-localStorage">localStorage</code> attribute are accessed by scripts whose
<span>effective script origin</span> is not the <span title="same origin">same</span> as the
<span>origin</span> of the <code>Document</code> of the <code>Window</code> object on which the
<code title="dom-localStorage">localStorage</code> attribute was accessed.</p>

<p class="note">This means <code>Storage</code> objects are neutered
when the <code title="dom-document-domain">document.domain</code>
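Review bot: style point on the rewrapped Storage paragraph in source: the new lines still break inside the tag, with "code" ending one line and title="dom-localStorage" starting the next. Now that the paragraph is wrapped to a wider column there is room to keep each code element on one line, which keeps the cross-reference title searchable with a single-line grep. The same applies to the dom-history reference in the context lines before the Location IDL.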
