Skip to content
Permalink
Browse files
[acgiow] (0) Add a value for 'sandbox' that enables top-level navigat…
…ion.

git-svn-id: http://svn.whatwg.org/webapps@4862 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information
Hixie committed Mar 24, 2010
1 parent 9ad9510 commit 686856a2ee041347a0f2dcfaf3516bd984875b79
Showing with 194 additions and 62 deletions.
  1. +63 −21 complete.html
  2. +63 −21 index
  3. +68 −20 source
@@ -169,7 +169,7 @@

<header class=head id=head><p><a class=logo href=http://www.whatwg.org/ rel=home><img alt=WHATWG src=/images/logo></a></p>
<hgroup><h1>Web Applications 1.0</h1>
<h2 class="no-num no-toc">Draft Standard &mdash; 23 March 2010</h2>
<h2 class="no-num no-toc">Draft Standard &mdash; 24 March 2010</h2>
</hgroup><p>You can take part in this work. <a href=http://www.whatwg.org/mailing-list>Join the working group's discussion list.</a></p>
<p><strong>Web designers!</strong> We have a <a href=http://blog.whatwg.org/faq/>FAQ</a>, a <a href=http://forums.whatwg.org/>forum</a>, and a <a href=http://www.whatwg.org/mailing-list#help>help mailing list</a> for you!</p>
<!--<p class="impl"><strong>Implementors!</strong> We have a <a href="http://www.whatwg.org/mailing-list#implementors">mailing list</a> for you too!</p>-->
@@ -20279,17 +20279,20 @@ <h4 id=the-iframe-element><span class=secno>4.8.2 </span>The <dfn><code>iframe</
any content hosted by the <code><a href=#the-iframe-element>iframe</a></code>. Its value must be an
<a href=#unordered-set-of-unique-space-separated-tokens>unordered set of unique space-separated tokens</a>. The
allowed values are <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>,
<code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>,
<code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>,
and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>. When
the attribute is set, the content is treated as being from a unique
<a href=#origin>origin</a>, forms and scripts are disabled, links are
prevented from targeting other <a href=#browsing-context title="browsing
context">browsing contexts</a>, and plugins are disabled. The
<code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
keyword allows the content to be treated as being from the same origin
instead of forcing it into a unique origin, and the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
keywords re-enable forms and scripts respectively (though scripts are
still prevented from creating popups).</p>
keyword allows the content to be treated as being from the same
origin instead of forcing it into a unique origin, the <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>
keyword allows the content to <a href=#navigate>navigate</a> its
<a href=#top-level-browsing-context>top-level browsing context</a>, and the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
keywords re-enable forms and scripts respectively (though scripts
are still prevented from creating popups).</p>

<p class=warning>Setting both the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> and
<code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
@@ -20328,7 +20331,9 @@ <h4 id=the-iframe-element><span class=secno>4.8.2 </span>The <dfn><code>iframe</
<p>This flag <a href=#sandboxLinks>prevents content from
navigating browsing contexts other than the sandboxed browsing
context itself</a> (or browsing contexts further nested inside
it).</p>
it), and the <a href=#top-level-browsing-context>top-level browsing context</a> (which is
protected by the <a href=#sandboxed-top-level-navigation-browsing-context-flag>sandboxed top-level navigation browsing
context flag</a> defined next).</p>

<p>This flag also <a href=#sandboxWindowOpen>prevents content
from creating new auxiliary browsing contexts</a>, e.g. using the
@@ -20338,6 +20343,26 @@ <h4 id=the-iframe-element><span class=secno>4.8.2 </span>The <dfn><code>iframe</
</dd>


<dt>The <dfn id=sandboxed-top-level-navigation-browsing-context-flag>sandboxed top-level navigation browsing context
flag</dfn>, unless the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute's value, when
<a href=#split-a-string-on-spaces title="split a string on spaces">split on spaces</a>, is
found to have the <dfn id=attr-iframe-sandbox-allow-top-navigation title=attr-iframe-sandbox-allow-top-navigation><code>allow-top-navigation</code></dfn>
keyword set</dt>

<dd>

<p>This flag <a href=#sandboxLinks>prevents content from
navigating their <span>top-level browsing context</span></a>.</p>

<p>When the <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>
is set, content can navigate its <a href=#top-level-browsing-context>top-level browsing
context</a>, but other <a href=#browsing-context title="browsing context">browsing
contexts</a> are still protected by the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed
navigation browsing context flag</a> defined above.</p>

</dd>


<dt>The <dfn id=sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</dfn></dt>

<dd>
@@ -54768,21 +54793,38 @@ <h4 id=navigating-across-documents><span class=secno>6.5.1 </span>Navigating acr

<ol><li><p>Release the <a href=#storage-mutex>storage mutex</a>.</li>

<li id=sandboxLinks><p>If the <a href=#source-browsing-context>source browsing
context</a> is not the same as the <a href=#browsing-context>browsing context</a>
being navigated, and the <a href=#source-browsing-context>source browsing context</a> is
not one of the <a href=#ancestor-browsing-context title="ancestor browsing context">ancestor
browsing contexts</a> of the <a href=#browsing-context>browsing context</a> being
navigated, and the <a href=#source-browsing-context>source browsing context</a> had its
<a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set when
its <a href=#active-document>active document</a> was created, then abort these
steps. The user agent may offer to open the new resource in a new
<a href=#top-level-browsing-context>top-level browsing context</a> or in the <a href=#top-level-browsing-context>top-level
browsing context</a> of the <a href=#source-browsing-context>source browsing
context</a>, at the user's option, in which case the user agent
must <a href=#navigate>navigate</a> that designated <a href=#top-level-browsing-context>top-level browsing
context</a> to the new resource as if the user had requested it
independently.</li>
<li id=sandboxLinks>

<p>If the <a href=#source-browsing-context>source browsing context</a> is not the same as
the <a href=#browsing-context>browsing context</a> being navigated, and the
<a href=#source-browsing-context>source browsing context</a> is not one of the <a href=#ancestor-browsing-context title="ancestor browsing context">ancestor browsing
contexts</a> of the <a href=#browsing-context>browsing context</a> being
navigated, and the <a href=#browsing-context>browsing context</a> being navigated is
not both a <a href=#top-level-browsing-context>top-level browsing context</a> and one of the
<a href=#ancestor-browsing-context title="ancestor browsing context">ancestor browsing
contexts</a> of the <a href=#source-browsing-context>source browsing context</a>, and
the <a href=#source-browsing-context>source browsing context</a> had its <a href=#sandboxed-navigation-browsing-context-flag>sandboxed
navigation browsing context flag</a> set when its <a href=#active-document>active
document</a> was created, then abort these steps.</p>

<p>Otherwise, if the <a href=#browsing-context>browsing context</a> being navigated
is a <a href=#top-level-browsing-context>top-level browsing context</a>, and is one of the
<a href=#ancestor-browsing-context title="ancestor browsing context">ancestor browsing
contexts</a> of the <a href=#source-browsing-context>source browsing context</a>, and
the <a href=#source-browsing-context>source browsing context</a> had its <a href=#sandboxed-top-level-navigation-browsing-context-flag>sandboxed
top-level navigation browsing context flag</a> set when its
<a href=#active-document>active document</a> was created, then abort these
steps.</p>

<p>In both cases, the user agent may additionally offer to open
the new resource in a new <a href=#top-level-browsing-context>top-level browsing context</a>
or in the <a href=#top-level-browsing-context>top-level browsing context</a> of the
<a href=#source-browsing-context>source browsing context</a>, at the user's option, in
which case the user agent must <a href=#navigate>navigate</a> that
designated <a href=#top-level-browsing-context>top-level browsing context</a> to the new
resource as if the user had requested it independently.</p>

</li>

<li id=seamlessLinks><p>If the <a href=#source-browsing-context>source browsing
context</a> is the same as the <a href=#browsing-context>browsing context</a>
84 index
@@ -173,7 +173,7 @@

<header class=head id=head><p><a class=logo href=http://www.whatwg.org/ rel=home><img alt=WHATWG src=/images/logo></a></p>
<hgroup><h1>HTML5 (including next generation additions still in development)</h1>
<h2 class="no-num no-toc">Draft Standard &mdash; 23 March 2010</h2>
<h2 class="no-num no-toc">Draft Standard &mdash; 24 March 2010</h2>
</hgroup><p>You can take part in this work. <a href=http://www.whatwg.org/mailing-list>Join the working group's discussion list.</a></p>
<p><strong>Web designers!</strong> We have a <a href=http://blog.whatwg.org/faq/>FAQ</a>, a <a href=http://forums.whatwg.org/>forum</a>, and a <a href=http://www.whatwg.org/mailing-list#help>help mailing list</a> for you!</p>
<!--<p class="impl"><strong>Implementors!</strong> We have a <a href="http://www.whatwg.org/mailing-list#implementors">mailing list</a> for you too!</p>-->
@@ -20178,17 +20178,20 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>
any content hosted by the <code><a href=#the-iframe-element>iframe</a></code>. Its value must be an
<a href=#unordered-set-of-unique-space-separated-tokens>unordered set of unique space-separated tokens</a>. The
allowed values are <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>,
<code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>,
<code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>,
and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>. When
the attribute is set, the content is treated as being from a unique
<a href=#origin>origin</a>, forms and scripts are disabled, links are
prevented from targeting other <a href=#browsing-context title="browsing
context">browsing contexts</a>, and plugins are disabled. The
<code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
keyword allows the content to be treated as being from the same origin
instead of forcing it into a unique origin, and the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
keywords re-enable forms and scripts respectively (though scripts are
still prevented from creating popups).</p>
keyword allows the content to be treated as being from the same
origin instead of forcing it into a unique origin, the <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>
keyword allows the content to <a href=#navigate>navigate</a> its
<a href=#top-level-browsing-context>top-level browsing context</a>, and the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
keywords re-enable forms and scripts respectively (though scripts
are still prevented from creating popups).</p>

<p class=warning>Setting both the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> and
<code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
@@ -20227,7 +20230,9 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>
<p>This flag <a href=#sandboxLinks>prevents content from
navigating browsing contexts other than the sandboxed browsing
context itself</a> (or browsing contexts further nested inside
it).</p>
it), and the <a href=#top-level-browsing-context>top-level browsing context</a> (which is
protected by the <a href=#sandboxed-top-level-navigation-browsing-context-flag>sandboxed top-level navigation browsing
context flag</a> defined next).</p>

<p>This flag also <a href=#sandboxWindowOpen>prevents content
from creating new auxiliary browsing contexts</a>, e.g. using the
@@ -20237,6 +20242,26 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>
</dd>


<dt>The <dfn id=sandboxed-top-level-navigation-browsing-context-flag>sandboxed top-level navigation browsing context
flag</dfn>, unless the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute's value, when
<a href=#split-a-string-on-spaces title="split a string on spaces">split on spaces</a>, is
found to have the <dfn id=attr-iframe-sandbox-allow-top-navigation title=attr-iframe-sandbox-allow-top-navigation><code>allow-top-navigation</code></dfn>
keyword set</dt>

<dd>

<p>This flag <a href=#sandboxLinks>prevents content from
navigating their <span>top-level browsing context</span></a>.</p>

<p>When the <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>
is set, content can navigate its <a href=#top-level-browsing-context>top-level browsing
context</a>, but other <a href=#browsing-context title="browsing context">browsing
contexts</a> are still protected by the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed
navigation browsing context flag</a> defined above.</p>

</dd>


<dt>The <dfn id=sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</dfn></dt>

<dd>
@@ -54670,21 +54695,38 @@ State: &lt;OUTPUT NAME=I&gt;1&lt;/OUTPUT&gt; &lt;INPUT VALUE="Increment" TYPE=BU

<ol><li><p>Release the <a href=#storage-mutex>storage mutex</a>.</li>

<li id=sandboxLinks><p>If the <a href=#source-browsing-context>source browsing
context</a> is not the same as the <a href=#browsing-context>browsing context</a>
being navigated, and the <a href=#source-browsing-context>source browsing context</a> is
not one of the <a href=#ancestor-browsing-context title="ancestor browsing context">ancestor
browsing contexts</a> of the <a href=#browsing-context>browsing context</a> being
navigated, and the <a href=#source-browsing-context>source browsing context</a> had its
<a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set when
its <a href=#active-document>active document</a> was created, then abort these
steps. The user agent may offer to open the new resource in a new
<a href=#top-level-browsing-context>top-level browsing context</a> or in the <a href=#top-level-browsing-context>top-level
browsing context</a> of the <a href=#source-browsing-context>source browsing
context</a>, at the user's option, in which case the user agent
must <a href=#navigate>navigate</a> that designated <a href=#top-level-browsing-context>top-level browsing
context</a> to the new resource as if the user had requested it
independently.</li>
<li id=sandboxLinks>

<p>If the <a href=#source-browsing-context>source browsing context</a> is not the same as
the <a href=#browsing-context>browsing context</a> being navigated, and the
<a href=#source-browsing-context>source browsing context</a> is not one of the <a href=#ancestor-browsing-context title="ancestor browsing context">ancestor browsing
contexts</a> of the <a href=#browsing-context>browsing context</a> being
navigated, and the <a href=#browsing-context>browsing context</a> being navigated is
not both a <a href=#top-level-browsing-context>top-level browsing context</a> and one of the
<a href=#ancestor-browsing-context title="ancestor browsing context">ancestor browsing
contexts</a> of the <a href=#source-browsing-context>source browsing context</a>, and
the <a href=#source-browsing-context>source browsing context</a> had its <a href=#sandboxed-navigation-browsing-context-flag>sandboxed
navigation browsing context flag</a> set when its <a href=#active-document>active
document</a> was created, then abort these steps.</p>

<p>Otherwise, if the <a href=#browsing-context>browsing context</a> being navigated
is a <a href=#top-level-browsing-context>top-level browsing context</a>, and is one of the
<a href=#ancestor-browsing-context title="ancestor browsing context">ancestor browsing
contexts</a> of the <a href=#source-browsing-context>source browsing context</a>, and
the <a href=#source-browsing-context>source browsing context</a> had its <a href=#sandboxed-top-level-navigation-browsing-context-flag>sandboxed
top-level navigation browsing context flag</a> set when its
<a href=#active-document>active document</a> was created, then abort these
steps.</p>

<p>In both cases, the user agent may additionally offer to open
the new resource in a new <a href=#top-level-browsing-context>top-level browsing context</a>
or in the <a href=#top-level-browsing-context>top-level browsing context</a> of the
<a href=#source-browsing-context>source browsing context</a>, at the user's option, in
which case the user agent must <a href=#navigate>navigate</a> that
designated <a href=#top-level-browsing-context>top-level browsing context</a> to the new
resource as if the user had requested it independently.</p>

</li>

<li id=seamlessLinks><p>If the <a href=#source-browsing-context>source browsing
context</a> is the same as the <a href=#browsing-context>browsing context</a>
Loading

0 comments on commit 686856a

Please sign in to comment.