Skip to content
Permalink
Browse files

[agiow] (0) Rename text/sandboxed-html to text/html-sandboxed so it s…

…orts better in lists of MIME types

git-svn-id: http://svn.whatwg.org/webapps@4585 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information...
Hixie committed Jan 13, 2010
1 parent 5159916 commit fbc9ec2b805730724f698d814fe4d5c0d618be55
Showing with 44 additions and 44 deletions.
  1. +15 −15 complete.html
  2. +15 −15 index
  3. +14 −14 source
@@ -1193,7 +1193,7 @@ <h2 class="no-num no-toc" id=contents>Table of contents</h2>
<li><a href=#iana><span class=secno>15 </span>IANA considerations</a>
<ol>
<li><a href=#text/html><span class=secno>15.1 </span><code>text/html</code></a></li>
<li><a href=#text/sandboxed-html><span class=secno>15.2 </span><code>text/sandboxed-html</code></a></li>
<li><a href=#text/html-sandboxed><span class=secno>15.2 </span><code>text/html-sandboxed</code></a></li>
<li><a href=#application/xhtml+xml><span class=secno>15.3 </span><code>application/xhtml+xml</code></a></li>
<li><a href=#text/cache-manifest><span class=secno>15.4 </span><code>text/cache-manifest</code></a></li>
<li><a href=#text/ping><span class=secno>15.5 </span><code>text/ping</code></a></li>
@@ -1926,7 +1926,7 @@ <h4 id=resources><span class=secno>2.1.1 </span>Resources</h4>
type and subtype, with no MIME Type parameters. <a href=#refsHTTP>[HTTP]</a></p>

<p>The term <dfn id=html-mime-type>HTML MIME type</dfn> is used to refer to the <a href=#mime-type title="MIME type">MIME types</a> <code><a href=#text/html>text/html</a></code> and
<code><a href=#text/sandboxed-html>text/sandboxed-html</a></code>.</p>
<code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>.</p>


<h4 id=xml><span class=secno>2.1.2 </span>XML</h4>

<p class=note>Potentially hostile files can be served from the
same server as the file containing the <code><a href=#the-iframe-element>iframe</a></code> element
by labeling them as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> instead of
by labeling them as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> instead of
<code><a href=#text/html>text/html</a></code>. This ensures that scripts in the files are
unable to attack the site (as if they were actually served from
another server), even if the user is tricked into visiting those
<code>Document</code> was created</dt>

<dt>If a <code>Document</code> was generated from a resource
labeled as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code></dt>
labeled as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code></dt>

<dd>The <a href=#origin>origin</a> is a globally unique identifier
assigned when the <code>Document</code> is created.</dd>
following list, and process the resource as described there:</p>

<dl class=switch><!-- an <span>HTML MIME type</span> --><dt>"<code><a href=#text/html>text/html</a></code>"</dt>
<dt>"<code><a href=#text/sandboxed-html>text/sandboxed-html</a></code>"</dt>
<dt>"<code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>"</dt>
<dd>Follow the steps given in the <a href=#read-html title=navigate-html>HTML document</a> section, and abort
these steps.</dd>

refer to <a href=#the-indicated-part-of-the-document>the indicated part of the document</a>.</p>


<h3 id=text/sandboxed-html><span class=secno>15.2 </span><dfn><code>text/sandboxed-html</code></dfn></h3>
<h3 id=text/html-sandboxed><span class=secno>15.2 </span><dfn><code>text/html-sandboxed</code></dfn></h3>

<p>This registration is for community review and will be submitted
to the IESG for review, approval, and registration with IANA.</p>

<!--
To: ietf-types@iana.org
Subject: Registration of media type text/sandboxed-html
Subject: Registration of media type text/html-sandboxed
-->

<dl><dt>Type name:</dt>
<dd>text</dd>
<dt>Subtype name:</dt>
<dd>sandboxed-html</dd>
<dd>html-sandboxed</dd>
<dt>Required parameters:</dt>
<dd>No required parameters</dd>
<dt>Optional parameters:</dt>
<dd>Same as for <code><a href=#text/html>text/html</a></code></dd>
<dt>Security considerations:</dt>
<dd>
<p>The purpose of the <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> MIME type
<p>The purpose of the <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> MIME type
is to provide a way for content providers to indicate that they
want the file to be interpreted in a manner that does not give the
file's contents access to the rest of the site. This is achieved
by assigning the <code>Document</code> objects generated from
resources labeled as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> unique
resources labeled as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> unique
origins.</p>
<p>To avoid having legacy user agents treating resources labeled
as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> as regular
as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> as regular
<code><a href=#text/html>text/html</a></code> files, authors should avoid using the <code title="">.html</code> or <code title="">.htm</code> extensions for
resources labeled as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code>.</p>
resources labeled as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>.</p>
<p>Beyond this, the type is identical to <code><a href=#text/html>text/html</a></code>,
and the same considerations apply.</p>
</dd>
<dt>Published specification:</dt>
<dd>
This document is the relevant specification. Labeling a resource
with the <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> type asserts that the
with the <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> type asserts that the
resource is an <a href=#html-documents title="HTML documents">HTML document</a>
using <a href=#syntax>the HTML syntax</a>.
</dd>
<dt>Additional information:</dt>
<dd>
<dl><dt>Magic number(s):</dt>
<dd>Documents labeled as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> are
<dd>Documents labeled as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> are
heuristically indistinguishable from those labeled as
<code><a href=#text/html>text/html</a></code>.</dd>
<dt>File extension(s):</dt>
<dd>Ian Hickson &lt;ian@hixie.ch&gt;</dd>
<dt>Change controller:</dt>
<dd>W3C and WHATWG</dd>
</dl><p>Fragment identifiers used with <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code>
</dl><p>Fragment identifiers used with <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>
resources refer to <a href=#the-indicated-part-of-the-document>the indicated part of the
document</a>.</p>

30 index
@@ -1071,7 +1071,7 @@
<li><a href=#iana><span class=secno>13 </span>IANA considerations</a>
<ol>
<li><a href=#text/html><span class=secno>13.1 </span><code>text/html</code></a></li>
<li><a href=#text/sandboxed-html><span class=secno>13.2 </span><code>text/sandboxed-html</code></a></li>
<li><a href=#text/html-sandboxed><span class=secno>13.2 </span><code>text/html-sandboxed</code></a></li>
<li><a href=#application/xhtml+xml><span class=secno>13.3 </span><code>application/xhtml+xml</code></a></li>
<li><a href=#text/cache-manifest><span class=secno>13.4 </span><code>text/cache-manifest</code></a></li>
<li><a href=#text/ping><span class=secno>13.5 </span><code>text/ping</code></a></li>
@@ -1826,7 +1826,7 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d
type and subtype, with no MIME Type parameters. <a href=#refsHTTP>[HTTP]</a></p>

<p>The term <dfn id=html-mime-type>HTML MIME type</dfn> is used to refer to the <a href=#mime-type title="MIME type">MIME types</a> <code><a href=#text/html>text/html</a></code> and
<code><a href=#text/sandboxed-html>text/sandboxed-html</a></code>.</p>
<code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>.</p>


<h4 id=xml><span class=secno>2.1.2 </span>XML</h4>

<p class=note>Potentially hostile files can be served from the
same server as the file containing the <code><a href=#the-iframe-element>iframe</a></code> element
by labeling them as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> instead of
by labeling them as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> instead of
<code><a href=#text/html>text/html</a></code>. This ensures that scripts in the files are
unable to attack the site (as if they were actually served from
another server), even if the user is tricked into visiting those
<code>Document</code> was created</dt>

<dt>If a <code>Document</code> was generated from a resource
labeled as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code></dt>
labeled as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code></dt>

<dd>The <a href=#origin>origin</a> is a globally unique identifier
assigned when the <code>Document</code> is created.</dd>
following list, and process the resource as described there:</p>

<dl class=switch><!-- an <span>HTML MIME type</span> --><dt>"<code><a href=#text/html>text/html</a></code>"</dt>
<dt>"<code><a href=#text/sandboxed-html>text/sandboxed-html</a></code>"</dt>
<dt>"<code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>"</dt>
<dd>Follow the steps given in the <a href=#read-html title=navigate-html>HTML document</a> section, and abort
these steps.</dd>

refer to <a href=#the-indicated-part-of-the-document>the indicated part of the document</a>.</p>


<h3 id=text/sandboxed-html><span class=secno>13.2 </span><dfn><code>text/sandboxed-html</code></dfn></h3>
<h3 id=text/html-sandboxed><span class=secno>13.2 </span><dfn><code>text/html-sandboxed</code></dfn></h3>

<p>This registration is for community review and will be submitted
to the IESG for review, approval, and registration with IANA.</p>

<!--
To: ietf-types@iana.org
Subject: Registration of media type text/sandboxed-html
Subject: Registration of media type text/html-sandboxed
-->

<dl><dt>Type name:</dt>
<dd>text</dd>
<dt>Subtype name:</dt>
<dd>sandboxed-html</dd>
<dd>html-sandboxed</dd>
<dt>Required parameters:</dt>
<dd>No required parameters</dd>
<dt>Optional parameters:</dt>
<dd>Same as for <code><a href=#text/html>text/html</a></code></dd>
<dt>Security considerations:</dt>
<dd>
<p>The purpose of the <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> MIME type
<p>The purpose of the <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> MIME type
is to provide a way for content providers to indicate that they
want the file to be interpreted in a manner that does not give the
file's contents access to the rest of the site. This is achieved
by assigning the <code>Document</code> objects generated from
resources labeled as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> unique
resources labeled as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> unique
origins.</p>
<p>To avoid having legacy user agents treating resources labeled
as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> as regular
as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> as regular
<code><a href=#text/html>text/html</a></code> files, authors should avoid using the <code title="">.html</code> or <code title="">.htm</code> extensions for
resources labeled as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code>.</p>
resources labeled as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>.</p>
<p>Beyond this, the type is identical to <code><a href=#text/html>text/html</a></code>,
and the same considerations apply.</p>
</dd>
<dt>Published specification:</dt>
<dd>
This document is the relevant specification. Labeling a resource
with the <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> type asserts that the
with the <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> type asserts that the
resource is an <a href=#html-documents title="HTML documents">HTML document</a>
using <a href=#syntax>the HTML syntax</a>.
</dd>
<dt>Additional information:</dt>
<dd>
<dl><dt>Magic number(s):</dt>
<dd>Documents labeled as <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code> are
<dd>Documents labeled as <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> are
heuristically indistinguishable from those labeled as
<code><a href=#text/html>text/html</a></code>.</dd>
<dt>File extension(s):</dt>
<dd>Ian Hickson &lt;ian@hixie.ch&gt;</dd>
<dt>Change controller:</dt>
<dd>W3C and WHATWG</dd>
</dl><p>Fragment identifiers used with <code><a href=#text/sandboxed-html>text/sandboxed-html</a></code>
</dl><p>Fragment identifiers used with <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>
resources refer to <a href=#the-indicated-part-of-the-document>the indicated part of the
document</a>.</p>

28 source
@@ -829,7 +829,7 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d

<p>The term <dfn>HTML MIME type</dfn> is used to refer to the <span
title="MIME type">MIME types</span> <code>text/html</code> and
<code>text/sandboxed-html</code>.</p>
<code>text/html-sandboxed</code>.</p>


<h4>XML</h4>

<p class="note">Potentially hostile files can be served from the
same server as the file containing the <code>iframe</code> element
by labeling them as <code>text/sandboxed-html</code> instead of
by labeling them as <code>text/html-sandboxed</code> instead of
<code>text/html</code>. This ensures that scripts in the files are
unable to attack the site (as if they were actually served from
another server), even if the user is tricked into visiting those
<code>Document</code> was created</dt>

<dt>If a <code>Document</code> was generated from a resource
labeled as <code>text/sandboxed-html</code></dt>
labeled as <code>text/html-sandboxed</code></dt>

<dd>The <span>origin</span> is a globally unique identifier
assigned when the <code>Document</code> is created.</dd>

<!-- an <span>HTML MIME type</span> -->
<dt>"<code>text/html</code>"</dt>
<dt>"<code>text/sandboxed-html</code>"</dt>
<dt>"<code>text/html-sandboxed</code>"</dt>
<dd>Follow the steps given in the <span
title="navigate-html">HTML document</span> section, and abort
these steps.</dd>
refer to <span>the indicated part of the document</span>.</p>


<h3><dfn><code>text/sandboxed-html</code></dfn></h3>
<h3><dfn><code>text/html-sandboxed</code></dfn></h3>

<p>This registration is for community review and will be submitted
to the IESG for review, approval, and registration with IANA.</p>

<!--
To: ietf-types@iana.org
Subject: Registration of media type text/sandboxed-html
Subject: Registration of media type text/html-sandboxed
-->

<dl>
<dt>Type name:</dt>
<dd>text</dd>
<dt>Subtype name:</dt>
<dd>sandboxed-html</dd>
<dd>html-sandboxed</dd>
<dt>Required parameters:</dt>
<dd>No required parameters</dd>
<dt>Optional parameters:</dt>
<dd>Same as for <code>text/html</code></dd>
<dt>Security considerations:</dt>
<dd>
<p>The purpose of the <code>text/sandboxed-html</code> MIME type
<p>The purpose of the <code>text/html-sandboxed</code> MIME type
is to provide a way for content providers to indicate that they
want the file to be interpreted in a manner that does not give the
file's contents access to the rest of the site. This is achieved
by assigning the <code>Document</code> objects generated from
resources labeled as <code>text/sandboxed-html</code> unique
resources labeled as <code>text/html-sandboxed</code> unique
origins.</p>
<p>To avoid having legacy user agents treating resources labeled
as <code>text/sandboxed-html</code> as regular
as <code>text/html-sandboxed</code> as regular
<code>text/html</code> files, authors should avoid using the <code
title="">.html</code> or <code title="">.htm</code> extensions for
resources labeled as <code>text/sandboxed-html</code>.</p>
resources labeled as <code>text/html-sandboxed</code>.</p>
<p>Beyond this, the type is identical to <code>text/html</code>,
and the same considerations apply.</p>
</dd>
<dt>Published specification:</dt>
<dd>
This document is the relevant specification. Labeling a resource
with the <code>text/sandboxed-html</code> type asserts that the
with the <code>text/html-sandboxed</code> type asserts that the
resource is an <span title="HTML documents">HTML document</span>
using <span>the HTML syntax</span>.
</dd>
<dd>
<dl>
<dt>Magic number(s):</dt>
<dd>Documents labeled as <code>text/sandboxed-html</code> are
<dd>Documents labeled as <code>text/html-sandboxed</code> are
heuristically indistinguishable from those labeled as
<code>text/html</code>.</dd>
<dt>File extension(s):</dt>
<dd>W3C and WHATWG</dd>
</dl>

<p>Fragment identifiers used with <code>text/sandboxed-html</code>
<p>Fragment identifiers used with <code>text/html-sandboxed</code>
resources refer to <span>the indicated part of the
document</span>.</p>

0 comments on commit fbc9ec2

Please sign in to comment.
You can’t perform that action at this time.