Closes #8110.

Follows whatwg/meta#254.

This is the current behavior of Chrome, and is that of Firefox for CSP.

Part of #6809.

Closes #7830.

These algorithms actually do not accept a timestamp, so it was incorrect to pass one. Closes #7193

This matches implementations, which only whitespace-strip the type="" attribute.

Closes #7923.

Notably, the unversioned web-animations URL seems to point to an unofficial draft that no longer contains the relevant definition.

Helps with #4592.

Fixes #4867.

This was missed in 6682bde.

According to CSP, the interface for the securitypolicyviolation event is SecurityPolicyViolationEvent, not Event: https://w3c.github.io/webappsec-csp/#report-violation.

Removes the idea of sectioning content influencing the document's outline. Instead, the outline is derived from all of the document's h1-h6 elements. (Sectioning content still plays a role in scoping header and footer elements.) This ensures that the outline generated by the outline algorithm, i.e. the document's semantics for authors, better aligns with the way screen reader users navigate through headings and the corresponding normative requirements for implementations in the HTML-AAM specification.

Updates the hgroup element to have a new content model, to use p elements for related content such as subheadings, alternative titles, or taglines (instead of using heading elements for those).

Updates all of the spec's examples to have proper outlines, according to the new outline algorithm. This includes preferring h2 to h1 in markup fragment cases, so as to better suggest that they are part of a larger document whose outline contains a h1.

Closes #83. Closes #3499 by superseding it. Closes #6462 by updating hgroup's suggested usage instead of obsoleting it. See #7867 for potential followup work in avoiding sectioning content and hgroup influencing the style of h1-h6 elements.

Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Co-authored-by: Domenic Denicola <d@domenic.me>

Closes #3871.

The comment to make the current behavior with bfcache more obvious, as mentioned in #6588. (This is just an additional note and doesn't actually change any behavior.)

Closes #6588.

Each time we are about to pause for a user prompt, and after each pause, invoke the appropriate WebDriver BiDi algorithms.

The example incorrectly used "password" instead of "current-password".

Fixes #8019.

This allows displaying Web Authentication credentials through conditional mediation.

Fixes #7999.

This is technically not a normative change right now, but it will be when whatwg/storage#144 lands.

This is notably planned to be used by the ARIA specification.

Co-authored-by: Alice Boxhall <aboxhall@chromium.org>

Closes #3917 by superseding it.

Fixes #4526.

Also remove our definition of the input event, instead pointing to the one in the UI Events specification.

Previously we only had one for origins.

Algorithmize USVString, DOMString, and DOMString? reflection. This is easier to read, partially because it spreads out the steps and branches, and partially because of the asserts making some conditions explicit.

Rewrites the section on enumerated attributes to be more clear about how they work. Notably this gives an explicit algorithm for determining the state, instead of a couple paragraphs of prose. It also broadens the definition of "canonical keyword" to automatically be determined in simpler cases, instead of only used in tricky cases.

Finally, make it clear that DOMString?-reflected enumerated attributes (of which crossOrigin/crossorigin=""  is the only one currently) are always "limited to only known values".

This ensures that ErrorEvent has equivalent expressiveness to reportError().

Fixes #7853.

Fixes #7973.

Both are already supported by Gecko, and WebKit and Chromium already support nonce.

See whatwg/fetch#1433 and whatwg/fetch#1432 for background.

Builds upon whatwg/fetch#1447.

Sometimes a navigation causes a BCG swap, e.g. when the cross-origin isolated capability changes. In that case:

* The timestamps should coarsened based on both documents.
* Some user-agents unload in parallel, which should not become part of the new document's timing info.
* Time origin should be according to the new global's time origin, but coarsened by both.

Closes w3c/navigation-timing#169.

See #7890 for more refactoring follow-up work.