
Make allowfullscreen and allowusermedia match implementations

Fullscreen sandboxing was never implemented and it appears there are no
immediate plans for it by either Google or Mozilla. So let’s remove it.
Fixes #1240.

This also removes sandboxing for getUserMedia() as that was meant to follow
the example set by fullscreen. A feature that can be allowed in nested
browsing contexts, is not by default, and does not require sandboxing
to be enabled for it to be allowed.

Furthermore, the way allowfullscreen works in implementations is by
dynamically checking the attribute. That requires moving to an “allowed
to use” algorithm rather than using a fullscreen enabled flag. The
fullscreen enabled flag was determined upon creation of the document
and frozen afterwards. This new model allows setting the attribute at
any point. (Note that this is different from how sandboxing works,
which is frozen upon creation, but now that they are no longer tied, that
matters less.) Fixes #1481.

(Aside, the fullscreen enabled flag logic got broken in
688df43, but that no longer matters.)

This change also aligns the recently introduced allowusermedia with
that model since implementers likely want that to remain matching
allowfullscreen.
annevk authored and domenic committed Jul 6, 2016
1 parent 523f7a8 commit 9f6b91cb14a0f497ee5b3e7118ee65e687eaea78
Showing with 44 additions and 76 deletions.
  1. +44 −76 source
120 source
<ul class="brief">
<li>The <dfn data-noexport="" data-x-href="https://fullscreen.spec.whatwg.org/#top-layer">top layer</dfn> concept</li>
<li><dfn data-noexport="" data-x-href="https://fullscreen.spec.whatwg.org/#dom-element-requestfullscreen"><code data-x="dom-element-requestFullscreen">requestFullscreen()</code></dfn>
<li>The <dfn data-noexport="" data-x-href="https://fullscreen.spec.whatwg.org/#fullscreen-enabled-flag">fullscreen enabled flag</dfn></li>
</ul>

<p>The <cite>High Resolution Time</cite> specification provides the <dfn
has a <span>nested browsing context</span>, the user agent must <span data-x="parse a sandboxing
directive">parse the sandboxing directive</span> using the attribute's value as the
<var>input</var> and the <code>iframe</code> element's <span>nested browsing context</span>'s
<span><code>iframe</code> sandboxing flag set</span> as the output. If the <code>iframe</code> has
an <code data-x="attr-iframe-allowfullscreen">allowfullscreen</code> attribute, set the <var>allow
fullscreen flag</var>; if the <code>iframe</code> has an <code
data-x="attr-iframe-allowusermedia">allowusermedia</code> attribute, set the <var>allow user media
flag</var>.</p>
<span><code>iframe</code> sandboxing flag set</span> as the output.</p>

<p>When an <code>iframe</code> element's <code data-x="attr-iframe-sandbox">sandbox</code>
attribute is removed while it has a <span>nested browsing context</span>, the user agent must
</div>
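Review bot: In the sandbox-attribute paragraph, the version that stops at "as the output." no longer feeds allowfullscreen or allowusermedia into "parse a sandboxing directive", so an iframe that carries both sandbox and allowfullscreen is now governed by two independent mechanisms, and nothing in this hunk says so. Suggest a short non-normative note here telling authors that the sandbox attribute no longer affects fullscreen or getUserMedia(), and that the allowfullscreen and allowusermedia attributes alone decide it.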


<hr> <!-- FULLSCREEN -->
<hr> <!-- ALLOW FULLSCREEN / USER MEDIA -->

<p>The <dfn><code data-x="attr-iframe-allowfullscreen">allowfullscreen</code></dfn> attribute is a
<span>boolean attribute</span>. When specified, it indicates that <code>Document</code> objects in

</div>

<hr> <!-- USER MEDIA -->

<p>The <dfn><code data-x="attr-iframe-allowusermedia">allowusermedia</code></dfn> attribute is a
<span>boolean attribute</span>. When specified, it indicates that <code>Document</code> objects in
the <code>iframe</code> element's <span>browsing context</span> are to be allowed to use <code
data-x="dom-MediaDevices-getUserMedia">getUserMedia()</code> (if it's not blocked for other
reasons, e.g. there is another ancestor <code>iframe</code> without this attribute set).</p>

<div w-nodev>
<p id="fullscreen-logic">To determine whether a <code>Document</code> object <var>document</var>
is <dfn>allowed to use</dfn> the feature indicated by attribute name <var>allowattribute</var>,
run these steps:</p>

<ol>
<li><p>If <var>document</var> has no <span data-x="concept-document-bc">browsing context</span>,
then return false.</p></li>

<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> has
no <span>browsing context container</span>, then return true.</p></li>

<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> has a
<span>browsing context container</span> that is an <code>iframe</code> element with an
<var>allowattribute</var> attribute specified, and whose <span>node document</span> is
<span>allowed to use</span> the feature indicated by <var>allowattribute</var>, then return
true.</p></li>

<li><p>Return false.</p></li>
</ol>
</div>

<hr> <!-- DIM ATTRIBUTES -->

<p>The <code>iframe</code> element supports <span>dimension attributes</span> for cases where the
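Review bot: Step 3 of "allowed to use" reads the allowattribute attribute from the browsing context container at the time the algorithm runs, so the answer for a given document can change after it has loaded, and the text does not say what happens to something already granted (an element already in fullscreen, a stream already obtained through getUserMedia()) when the attribute is later removed. Suggest a non-normative note after the list stating that the check is deliberately live, unlike the sandboxing flags, and that it applies only at the moment a feature is requested. Separately, the paragraph keeps id="fullscreen-logic" although the algorithm now also covers allowusermedia; a feature-neutral id, with the old one kept as an alias for existing links, would be clearer.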
</dd>


<dt>The <dfn>sandboxed fullscreen browsing context flag</dfn></dt>

<dd>

<p>This flag prevents content from using the <code
data-x="dom-element-requestFullscreen">requestFullscreen()</code> method.</p>

</dd>

<dt>The <dfn>sandboxed user media browsing context flag</dfn></dt>

<dd>

<p>This flag prevents content from using the <code
data-x="dom-MediaDevices-getUserMedia">getUserMedia()</code> method.</p>

</dd>


<dt>The <dfn>sandboxed <code data-x="dom-document-domain">document.domain</code> browsing context flag</dfn></dt>

<dd>

</dl>

<p>When the user agent is to <dfn>parse a sandboxing directive</dfn>, given a string <var>input</var>, a <span>sandboxing flag set</span> <var>output</var>, and
optionally an <var>allow fullscreen flag</var> and <var>allow user media flag</var>, it must run the following steps:</p>
<p>When the user agent is to <dfn>parse a sandboxing directive</dfn>, given a string
<var>input</var>, a <span>sandboxing flag set</span> <var>output</var>, it must run the following
steps:</p>

<ol>
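Review bot: With the optional flag arguments dropped, the shortened sentence reads "given a string input, a sandboxing flag set output, it must run the following steps", which leaves two parameters joined only by a comma. Suggest "given a string input and a sandboxing flag set output, it must run the following steps". It is also worth confirming that no other caller of "parse a sandboxing directive" still passes an allow fullscreen flag or allow user media flag, since the signature no longer accepts them.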


<li><p>The <span>sandboxed storage area URLs flag</span>.</p></li>

<li><p>The <span>sandboxed fullscreen browsing context flag</span>, unless the <var>allow fullscreen flag</var> was passed to the <span>parse a sandboxing
directive</span> algorithm.</p></li>

<li><p>The <span>sandboxed user media browsing context flag</span>, unless the <var>allow user media flag</var> was passed to the <span>parse a sandboxing
directive</span> algorithm.</p></li>

<li><p>The <span>sandboxed <code data-x="dom-document-domain">document.domain</code> browsing
context flag</span>.</p></li>

<hr>

<p>To <dfn>implement the sandboxing</dfn> for a <code>Document</code> object <var>document</var>,
run these steps:</p>

<ol>
<li>
<p>Populate <var>document</var>'s <span>active sandboxing flag set</span> with the union of the
flags that are present in the following <span data-x="sandboxing flag set">sandboxing flag
sets</span>:</p>

<ul>
<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> is a
<span>top-level browsing context</span>, then: the flags set on the <span>browsing
context</span>'s <span>popup sandboxing flag set</span>.</p></li>

<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> is a
<span>nested browsing context</span>, then: the flags set on the <span>browsing
context</span>'s <span><code>iframe</code> sandboxing flag set</span>.</p></li>

<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> is a
<span>nested browsing context</span>, then: the flags set on the <span>browsing
context</span>'s <span>parent browsing context</span>'s <span>active document</span>'s
<span>active sandboxing flag set</span>.</p></li>
populate <var>document</var>'s <span>active sandboxing flag set</span> with the union of the flags
that are present in the following <span data-x="sandboxing flag set">sandboxing flag
sets</span>:</p>

<li><p>The flags set on <var>document</var>'s resource's <span>forced sandboxing flag
set</span>, if it has one.</p></li>
</ul>
</li>
<ul>
<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> is a
<span>top-level browsing context</span>, then: the flags set on the <span>browsing
context</span>'s <span>popup sandboxing flag set</span>.</p></li>

<li id="fullscreen-logic"><p>If the <span>active sandboxing flag set</span> of
<var>document</var>'s <span data-x="concept-document-bc">browsing context</span> or any of its
<span data-x="ancestor browsing context">ancestor browsing contexts</span> (if any) have the
<span>sandboxed fullscreen browsing context flag</span> set, then abort these steps.</p></li>
<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> is a
<span>nested browsing context</span>, then: the flags set on the <span>browsing context</span>'s
<span><code>iframe</code> sandboxing flag set</span>.</p></li>

<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> has a
<span>browsing context container</span> that is an <code>iframe</code> element with an <code
data-x="attr-iframe-allowfullscreen">allowfullscreen</code> attribute specified, and whose
<span>node document</span> has the <span>fullscreen enabled flag</span> set, then set
<var>document</var>'s <span>fullscreen enabled flag</span>.</p></li>
<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> is a
<span>nested browsing context</span>, then: the flags set on the <span>browsing context</span>'s
<span>parent browsing context</span>'s <span>active document</span>'s <span>active sandboxing
flag set</span>.</p></li>

<li><p>If <var>document</var>'s <span data-x="concept-document-bc">browsing context</span> has a
<span>browsing context container</span> that is an <code>iframe</code> element with an <code
data-x="attr-iframe-allowfullscreen">allowusermedia</code> attribute specified, and whose
<span>node document</span> has the <span>user media enabled flag</span> set, then set
<var>document</var>'s <span>user media enabled flag</span>.</p></li>
</ol>
<li><p>The flags set on <var>document</var>'s resource's <span>forced sandboxing flag set</span>,
if it has one.</p></li>
</ul>
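Review bot: The steps that set the fullscreen enabled flag and the user media enabled flag are gone from "implement the sandboxing", so nothing in this algorithm gates either feature at document creation any more; enforcement now depends entirely on the feature specifications calling "allowed to use" at request time. The dependency list earlier in this diff still shows the Fullscreen specification's "fullscreen enabled flag" entry, so please confirm that the Fullscreen and getUserMedia() specifications are updated to call the new algorithm before or together with this change, and add a cross-reference here so the hand-off is visible to readers of this section.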


