- From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
- Date: Wed, 13 Aug 2008 02:35:03 +0000
- To: public-html-commits@w3.org
Update of /sources/public/html5/spec
In directory hutz:/tmp/cvs-serv18095
Modified Files:
Overview.html
Log Message:
Refine the rules to allow for more privacy. (whatwg r2071)
Index: Overview.html
===================================================================
RCS file: /sources/public/html5/spec/Overview.html,v
retrieving revision 1.1245
retrieving revision 1.1246
diff -u -d -r1.1245 -r1.1246
--- Overview.html 13 Aug 2008 00:20:45 -0000 1.1245
+++ Overview.html 13 Aug 2008 02:35:00 -0000 1.1246
@@ -1307,15 +1307,19 @@
</span>Notifications</a>
</ul>
- <li><a href="#browser0"><span class=secno>5.6 </span>Browser state</a>
+ <li><a href="#system"><span class=secno>5.6 </span>System state and
+ capabilities</a>
<ul class=toc>
- <li><a href="#custom-handlers"><span class=secno>5.6.1 </span>Custom
+ <li><a href="#client"><span class=secno>5.6.1 </span>Client
+ identification</a>
+
+ <li><a href="#custom-handlers"><span class=secno>5.6.2 </span>Custom
protocol and content handlers</a>
<ul class=toc>
- <li><a href="#security5"><span class=secno>5.6.1.1. </span>Security
+ <li><a href="#security5"><span class=secno>5.6.2.1. </span>Security
and privacy</a>
- <li><a href="#sample-handler-impl"><span class=secno>5.6.1.2.
+ <li><a href="#sample-handler-impl"><span class=secno>5.6.2.2.
</span>Sample user interface</a>
</ul>
</ul>
@@ -1355,7 +1359,7 @@
<li><a href="#application"><span class=secno>5.7.6 </span>Application
cache API</a>
- <li><a href="#browser1"><span class=secno>5.7.7 </span>Browser
+ <li><a href="#browser0"><span class=secno>5.7.7 </span>Browser
state</a>
</ul>
@@ -16958,15 +16962,15 @@
<p>The <dfn id=name1 title=attr-iframe-name><code>name</code></dfn>
attribute, if present, must be a <a href="#valid9">valid browsing context
name</a>. When the browsing context is created, if the attribute is
- present, the <a href="#browsing2">browsing context name</a> must be set to
- the value of this attribute; otherwise, the <a href="#browsing2">browsing
+ present, the <a href="#browsing3">browsing context name</a> must be set to
+ the value of this attribute; otherwise, the <a href="#browsing3">browsing
context name</a> must be set to the empty string.
<p>Whenever the <code title=attr-iframe-name><a
href="#name1">name</a></code> attribute is set, the nested <a
- href="#browsing1">browsing context</a>'s <a href="#browsing2"
+ href="#browsing1">browsing context</a>'s <a href="#browsing3"
title="browsing context name">name</a> must be changed to the new value.
- If the attribute is removed, the <a href="#browsing2">browsing context
+ If the attribute is removed, the <a href="#browsing3">browsing context
name</a> must be set to the empty string.
<p>When content loads in an <code><a href="#iframe">iframe</a></code>,
@@ -17745,8 +17749,8 @@
<p>If the <code title=attr-object-name><a
href="#name3">name</a></code> attribute is present, the <a
- href="#browsing2">browsing context name</a> must be set to the value
- of this attribute; otherwise, the <a href="#browsing2">browsing
+ href="#browsing3">browsing context name</a> must be set to the value
+ of this attribute; otherwise, the <a href="#browsing3">browsing
context name</a> must be set to the empty string.</p>
<p class=big-issue>navigation might end up treating it as something
@@ -17836,11 +17840,11 @@
<p>Whenever the <code title=attr-object-name><a
href="#name3">name</a></code> attribute is set, if the <code><a
href="#object">object</a></code> element has a nested <a
- href="#browsing1">browsing context</a>, its <a href="#browsing2"
+ href="#browsing1">browsing context</a>, its <a href="#browsing3"
title="browsing context name">name</a> must be changed to the new value.
If the attribute is removed, if the <code><a
href="#object">object</a></code> element has a <a
- href="#browsing1">browsing context</a>, the <a href="#browsing2">browsing
+ href="#browsing1">browsing context</a>, the <a href="#browsing3">browsing
context name</a> must be set to the empty string.
<p>The <code title=attr-hyperlink-usemap><a
@@ -31580,14 +31584,17 @@
elements) can instantiate further <a href="#browsing1" title="browsing
context">browsing contexts</a>. These are called <dfn id=nested0
title="nested browsing context">nested browsing contexts</dfn>. If a
- browsing context <var title="">P</var> has an element in one of its
- <code>Document</code>s <var title="">D</var> that nests another browsing
- context <var title="">C</var> inside it, then <var title="">P</var> is
- said to be the <dfn id=parent>parent browsing context</dfn> of <var
- title="">C</var>, <var title="">C</var> is said to be a <dfn
- id=child>child browsing context</dfn> of <var title="">P</var>, and <var
- title="">C</var> is said to be <dfn id=nested1 title="browsing context
- nested through">nested through</dfn> <var title="">D</var>.
+ browsing context <var title="">P</var> has an element <var
+ title="">E</var> in one of its <code>Document</code>s <var
+ title="">D</var> that nests another browsing context <var title="">C</var>
+ inside it, then <var title="">P</var> is said to be the <dfn
+ id=parent>parent browsing context</dfn> of <var title="">C</var>, <var
+ title="">C</var> is said to be a <dfn id=child>child browsing
+ context</dfn> of <var title="">P</var>, <var title="">C</var> is said to
+ be <dfn id=nested1 title="browsing context nested through">nested
+ through</dfn> <var title="">D</var>, and <var title="">E</var> is said to
+ be the <dfn id=browsing2>browsing context container</dfn> of <var
+ title="">C</var>.
<p>A browsing context <var title="">A</var> is said to be an ancestor of a
browsing context <var title="">B</var> if there exists a browsing context
@@ -31640,6 +31647,8 @@
<code><a href="#window">Window</a></code> object if it was a <a
href="#top-level">top-level browsing context</a> itself).
+ <hr>
+
<p>The <dfn id=parent0 title=dom-parent><code>parent</code></dfn> DOM
attribute on the <code><a href="#window">Window</a></code> object of a <a
href="#browsing1">browsing context</a> <var title="">b</var> must return
@@ -31651,6 +31660,29 @@
otherwise (i.e. if it is a <a href="#top-level">top-level browsing
context</a>).
+ <p>The <dfn id=frameelement
+ title=dom-frameElement><code>frameElement</code></dfn> DOM attribute on
+ the <code><a href="#window">Window</a></code> object of a <a
+ href="#browsing1">browsing context</a> <var title="">b</var>, on getting,
+ must run the following algorithm:
+
+ <ol>
+ <li>
+ <p>If <var title="">b</var> is not a <a href="#child">child browsing
+ context</a>, return null and abort these steps.
+
+ <li>
+ <p>If the <a href="#parent">parent browsing context</a>'s <a
+ href="#active">active document</a> does not have the <span>same</span>
+ <span>effective origin</span> as the script that is accessing the <code
+ title=dom-frameElement><a href="#frameelement">frameElement</a></code>
+ attribute, then throw a <a href="#security10">security exception</a>.
+
+ <li>
+ <p>Otherwise, return the <a href="#browsing2">browsing context
+ container</a> for <var title="">b</var>.
+ </ol>
+
<h4 id=auxiliary><span class=secno>5.1.2 </span>Auxiliary browsing contexts</h4>
<p>It is possible to create new browsing contexts that are related to a
@@ -31757,7 +31789,7 @@
<h4 id=browsing><span class=secno>5.1.6 </span>Browsing context names</h4>
- <p>Browsing contexts can have a <dfn id=browsing2>browsing context
+ <p>Browsing contexts can have a <dfn id=browsing3>browsing context
name</dfn>. By default, a browsing context has no name (its name is not
set).
@@ -31796,7 +31828,7 @@
<li>
<p>If the given browsing context name is not <code title="">_blank</code>
- and there exists a browsing context whose <a href="#browsing2"
+ and there exists a browsing context whose <a href="#browsing3"
title="browsing context name">name</a> is the same as the given browsing
context name, and the current browsing context is <a
href="#allowed">allowed to navigate</a> that browsing context, and the
@@ -31894,6 +31926,7 @@
readonly attribute <a href="#window">Window</a> <a href="#top0" title=dom-top>top</a>;
readonly attribute <a href="#window">Window</a> <a href="#opener0" title=dom-opener>opener</a>;
readonly attribute <a href="#window">Window</a> <a href="#parent0" title=dom-parent>parent</a>;
+ readonly attribute <span>Element</span> <a href="#frameelement" title=dom-frameElement>frameElement</a>;
<a href="#window">Window</a> <a href="#open2" title=dom-open>open</a>();
<a href="#window">Window</a> <a href="#open2" title=dom-open>open</a>(in DOMString url);
<a href="#window">Window</a> <a href="#open2" title=dom-open>open</a>(in DOMString url, in DOMString target);
@@ -31901,7 +31934,7 @@
<a href="#window">Window</a> <a href="#open2" title=dom-open>open</a>(in DOMString url, in DOMString target, in DOMString features, in DOMString replace);
// the user agent
- readonly attribute <a href="#clientinformation">ClientInformation</a> <a href="#navigator" title=dom-navigator>navigator</a>; <!-- XXX IE6 also has window.clientInformation pointing to this same object -->
+ readonly attribute <a href="#navigator0">Navigator</a> <a href="#navigator" title=dom-navigator>navigator</a>; <!-- XXX IE6 also has window.clientInformation pointing to this same object -->
readonly attribute <a href="#storage0">Storage</a> <a href="#localstorage" title=dom-localStorage>localStorage</a>;
readonly attribute <a href="#storage0">Storage</a> <a href="#sessionstorage" title=dom-sessionStorage>sessionStorage</a>;
<a href="#database0">Database</a> <a href="#opendatabase" title=dom-opendatabase>openDatabase</a>(in DOMString name, in DOMString version, in DOMString displayName, in unsigned long estimatedSize);
@@ -32030,7 +32063,7 @@
invoked.
<p>The second argument, <var title="">target</var>, specifies the <a
- href="#browsing2" title="browsing context name">name</a> of the browsing
+ href="#browsing3" title="browsing context name">name</a> of the browsing
context that is to be navigated. It must be a <a href="#valid10">valid
browsing context name or keyword</a>. If fewer than two arguments are
provided, then the <var title="">name</var> argument defaults to the value
@@ -33716,25 +33749,103 @@
brought to the user's attention, and the <var title="">onclick</var>
callback should then be invoked.
- <h3 id=browser0><span class=secno>5.6 </span>Browser state</h3>
+ <h3 id=system><span class=secno>5.6 </span>System state and capabilities</h3>
<p>The <dfn id=navigator title=dom-navigator><code>navigator</code></dfn>
attribute of the <code><a href="#window">Window</a></code> interface must
- return an instance of the <code><a
- href="#clientinformation">ClientInformation</a></code> interface, which
- represents the identity and state of the user agent (the client), and
- allows Web pages to register themselves as potential protocol and content
- handlers:
+ return an instance of the <code><a href="#navigator0">Navigator</a></code>
+ interface, which represents the identity and state of the user agent (the
+ client), and allows Web pages to register themselves as potential protocol
+ and content handlers:
- <pre
- class=idl>interface <dfn id=clientinformation>ClientInformation</dfn> {
+ <pre class=idl>interface <dfn id=navigator0>Navigator</dfn> {
+ // client identification<!--
+ readonly attribute DOMString <span title="dom-navigator-appCodeName">appCodeName</span>;-->
+ readonly attribute DOMString <a href="#appname" title=dom-navigator-appName>appName</a>;
+ readonly attribute DOMString <a href="#appversion" title=dom-navigator-appVersion>appVersion</a>;
+ readonly attribute DOMString <a href="#platform" title=dom-navigator-platform>platform</a>;
+ readonly attribute DOMString <a href="#useragent" title=dom-navigator-userAgent>userAgent</a>;
+
+ // system state
readonly attribute boolean <a href="#navigator.online" title=dom-navigator-onLine>onLine</a>;
void <a href="#registerprotocolhandler" title=dom-navigator-registerProtocolHandler>registerProtocolHandler</a>(in DOMString protocol, in DOMString url, in DOMString title);
void <a href="#registercontenthandler" title=dom-navigator-registerContentHandler>registerContentHandler</a>(in DOMString mimeType, in DOMString url, in DOMString title);
-<!-- XXX there are other attributes! -->};</pre>
- <!-- also, see window.external.AddSearchProvider() and similar DOM APIs from IE -->
+};</pre>
+ <!-- XXX also, see window.external.AddSearchProvider() and similar DOM APIs from IE -->
+ <!-- XXX also, see: cookieEnabled geolocator javaEnabled mimeTypes mozIsLocallyAvailable plugins preference -->
+ <!-- XXX also, could expose languages:
+ <dt><dfn title="dom-navigator-browserLanguage"><code>browserLanguage</code></dfn></dt> <!- - Opera and IE only - ->
+ <dd><p>Must return either null or a language code representing the language the browser uses in its interface.</p></dd>
+ <dt><dfn title="dom-navigator-userLanguage"><code>userLanguage</code></dfn></dt> <!- - Opera and IE only - ->
+ <dt><dfn title="dom-navigator-language"><code>language</code></dfn></dt> <!- - Opera, Safari, and Mozilla only - ->
+ <dd><p>Must return either null or a language code representing the user's preferred language.</p></dd>
+ -->
- <h4 id=custom-handlers><span class=secno>5.6.1 </span>Custom protocol and
+ <h4 id=client><span class=secno>5.6.1 </span>Client identification</h4>
+
+ <p>In certain cases, despite the best efforts of the entire industry, Web
+ browsers have bugs and limitations that Web authors are forced to work
+ around.
+
+ <p>This section defines a collection of attributes that can be used to
+ determine, from script, the kind of user agent in use, in order to work
+ around these issues.
+
+ <p>Client detection should always be limited to detecting known current
+ versions; future versions and unknown versions should always be assumed to
+ be fully compliant.
+
+ <dl><!-- redundant
+ <dt><dfn title="dom-navigator-appCodeName"><code>appCodeName</code></dfn></dt>
+ <dd><p>Must return the string "<code title="">Mozilla</code>".</p></dd>
+ -->
+ <!-- appMinorVersion: IE only. In IE8b1, returns " Beta" (with the space) -->
+
+ <dt><dfn id=appname title=dom-navigator-appName><code>appName</code></dfn>
+
+ <dd>
+ <p>Must return either the string "<code title="">Netscape</code>" or the
+ full name of the browser, e.g. "<code title="">Mellblom
+ Browsernator</code>".
+
+ <dt><dfn id=appversion
+ title=dom-navigator-appVersion><code>appVersion</code></dfn>
+
+ <dd>
+ <p>Must return either the string "<code title="">4.0</code>" or a string
+ representing the version of the browser in detail, e.g. "<code
+ title="">1.0 (VMS; en-US) Mellblomenator/9000</code>".
+ </dd>
+ <!-- buildID: Mozilla only -->
+ <!-- oscpu: Mozilla only -->
+
+ <dt><dfn id=platform
+ title=dom-navigator-platform><code>platform</code></dfn>
+
+ <dd>
+ <p>Must return either the empty string or a string representing the
+ platform on which the browser is executing, e.g. "<code
+ title="">MacIntel</code>", "<code title="">Win32</code>", "<code
+ title="">FreeBSD i386</code>", "<code title="">WebTV OS</code>".
+ </dd>
+ <!-- product: Mozilla and Safari only; always returns "Gecko" -->
+ <!-- productSub: Mozilla and Safari only; returns same as buildID in Mozilla, and returns the fixed string "20030107" in Safari -->
+ <!-- securityPolicy: Mozilla only; always returns "" -->
+ <!-- taintEnabled(): Opera, IE and Mozilla have this function as one that always returns false -->
+
+ <dt><dfn id=useragent
+ title=dom-navigator-userAgent><code>userAgent</code></dfn>
+
+ <dd>
+ <p>Must return the string used for the value of the "<code
+ title="">User-Agent</code>" header in HTTP requests, or the empty string
+ if no such header is ever sent.
+ </dd>
+ <!-- vendor: Mozilla and Safari only; always returns "" in Mozilla, and returns the fixed string "Apple Computer, Inc." in Safari -->
+ <!-- vendorSub: Mozilla and Safari only; always returns "" -->
+ </dl>
+
+ <h4 id=custom-handlers><span class=secno>5.6.2 </span>Custom protocol and
content handlers</h4>
<p>The <dfn id=registerprotocolhandler
@@ -33881,7 +33992,7 @@
non-idempotent transaction), as the remote site would not be able to fetch
the same data.
- <h5 id=security5><span class=secno>5.6.1.1. </span>Security and privacy</h5>
+ <h5 id=security5><span class=secno>5.6.2.1. </span>Security and privacy</h5>
<p>These mechanisms can introduce a number of concerns, in particular
privacy concerns.
@@ -33959,7 +34070,7 @@
trust the third-party handler, a decision many users are unable to make or
even understand).
- <h5 id=sample-handler-impl><span class=secno>5.6.1.2. </span>Sample user
+ <h5 id=sample-handler-impl><span class=secno>5.6.2.2. </span>Sample user
interface</h5>
<p><em>This section is non-normative.</em>
@@ -35554,7 +35665,7 @@
href="#applicationcache">ApplicationCache</a></code> object.
</dl>
- <h4 id=browser1><span class=secno>5.7.7 </span>Browser state</h4>
+ <h4 id=browser0><span class=secno>5.7.7 </span>Browser state</h4>
<p>The <dfn id=navigator.online
title=dom-navigator-onLine><code>navigator.onLine</code></dfn> attribute
@@ -35908,15 +36019,16 @@
<h4 id=the-location><span class=secno>5.8.4 </span>The <code><a
href="#location2">Location</a></code> interface</h4>
- <p>Each <code>Document</code> object in a browsing context's session
- history is associated with a unique instance of a <code><a
- href="#location2">Location</a></code> object.
+ <p>Each <code>Document</code> object in a <a href="#browsing1">browsing
+ context</a>'s session history is associated with a unique instance of a
+ <code><a href="#location2">Location</a></code> object.
<p>The <dfn id=location0
title=dom-document-location><code>location</code></dfn> attribute of the
<code><a href="#htmldocument">HTMLDocument</a></code> interface must
return the <code><a href="#location2">Location</a></code> object for that
- <code>Document</code> object.
+ <code>Document</code> object, if it is in a <span>browser context</span>,
+ and null otherwise.
<p>The <dfn id=location1 title=dom-location><code>location</code></dfn>
attribute of the <code><a href="#window">Window</a></code> interface must
@@ -36789,14 +36901,14 @@
href="#current1">current entry</a>, then the following sub-sub-steps
must be run:
<ol>
- <li>The current <a href="#browsing2">browsing context name</a> must be
+ <li>The current <a href="#browsing3">browsing context name</a> must be
stored with all the entries in the history that are associated with
<code>Document</code> objects with the <a href="#same-origin">same
origin</a> as the <a href="#active">active document</a> <em>and</em>
that are contiguous with the <a href="#current1">current entry</a>.
<li id=resetBCName>The browsing context's <a
- href="#browsing2">browsing context name</a> must be unset.
+ href="#browsing3">browsing context name</a> must be unset.
</ol>
<li id=appcache-history-2>The user agent must make the <i>specified
@@ -36806,14 +36918,14 @@
href="#appcache-history-1">change</a> which <a
href="#application0">application cache</a> it is associated with.)
- <li>If the <i>specified entry</i> has a <a href="#browsing2">browsing
+ <li>If the <i>specified entry</i> has a <a href="#browsing3">browsing
context name</a> stored with it, then the following sub-sub-steps must
be run:
<ol>
- <li>The browsing context's <a href="#browsing2">browsing context
+ <li>The browsing context's <a href="#browsing3">browsing context
name</a> must be set to the name stored with the specified entry.
- <li>Any <a href="#browsing2">browsing context name</a> stored with the
+ <li>Any <a href="#browsing3">browsing context name</a> stored with the
entries in the history that are associated with <code>Document</code>
objects with the <a href="#same-origin">same origin</a> as the new <a
href="#active">active document</a>, and that are contiguous with the
@@ -55262,24 +55374,24 @@
Distler, James Graham, James Justin Harrell, James M Snell, James Perrett,
Jan-Klaas Kollhof, Jason White, Jasper Bryant-Greene, Jeff Cutsinger, Jeff
Schiller, Jeff Walden, Jens Bannmann, Jens Fendler, Jeroen van der Meer,
- Jim Jewett, Jim Meehan, Joe Clark, Jjgod Jiang, Joel Spolsky, Johan
- Herland, John Boyer, John Bussjaeger, John Harding, Johnny Stenback, Jon
- Perlow, Jonathan Worent, Jorgen Horstink, Josh Levenberg, Joshua Randall,
- Jukka K. Korpela, Julian Reschke, Kai Hendry, <!-- Keryx Web, = Lars
- Gunther -->
- Kornel Lesinski, 黒澤剛志 (KUROSAWA Takeshi),
- Kristof Zelechovski, Lachlan Hunt, Larry Page, Lars Gunther, Laura L.
- Carlson, Laura Wisewell, Laurens Holst, Lee Kowalkowski, Leif Halvard
- Silli, Lenny Domnitser, Léonard Bouchet, Leons Petrazickis,
- Logan<!-- on moz irc -->, Loune, Maciej Stachowiak, Magnus
- Kristiansen<!-- Dashiva -->, Malcolm Rowe, Mark Nottingham, Mark
- Rowe<!--bdash-->, Mark Schenk, Martijn Wargers, Martin Atkins, Martin
- Dürst, Martin Honnen, Masataka Yakura, Mathieu Henri, Matthew
- Mastracci, Matthew Raymond, Matthew Thomas, Mattias Waldau, Max
- Romantschuk, Michael 'Ratt' Iannarelli, Michael A. Nachbaur, Michael A.
- Puls II<!--Shadow2531-->, Michael Carter, Michael Gratton, Michael Powers,
- Michael(tm) Smith, Michel Fortin, Michiel van der Blonk, Mihai
- Şucan<!-- from ROBO Design -->, Mike Brown, Mike
+ Jim Jewett, Jim Meehan, Joe Clark, Joseph Kesselman, Jjgod Jiang, Joel
+ Spolsky, Johan Herland, John Boyer, John Bussjaeger, John Harding, Johnny
+ Stenback, Jon Perlow, Jonathan Worent, Jorgen Horstink, Josh Levenberg,
+ Joshua Randall, Jukka K. Korpela, Julian Reschke, Kai Hendry,
+ <!-- Keryx Web, = Lars
+ Gunther --> Kornel Lesinski,
+ 黒澤剛志 (KUROSAWA Takeshi), Kristof Zelechovski,
+ Lachlan Hunt, Larry Page, Lars Gunther, Laura L. Carlson, Laura Wisewell,
+ Laurens Holst, Lee Kowalkowski, Leif Halvard Silli, Lenny Domnitser,
+ Léonard Bouchet, Leons Petrazickis, Logan<!-- on moz irc -->,
+ Loune, Maciej Stachowiak, Magnus Kristiansen<!-- Dashiva -->, Malcolm
+ Rowe, Mark Nottingham, Mark Rowe<!--bdash-->, Mark Schenk, Martijn
+ Wargers, Martin Atkins, Martin Dürst, Martin Honnen, Masataka Yakura,
+ Mathieu Henri, Matthew Mastracci, Matthew Raymond, Matthew Thomas, Mattias
+ Waldau, Max Romantschuk, Michael 'Ratt' Iannarelli, Michael A. Nachbaur,
+ Michael A. Puls II<!--Shadow2531-->, Michael Carter, Michael Gratton,
+ Michael Powers, Michael(tm) Smith, Michel Fortin, Michiel van der Blonk,
+ Mihai Şucan<!-- from ROBO Design -->, Mike Brown, Mike
Dierken<!-- S. Mike Dierken -->, Mike Dixon, Mike Schinkel, Mike Shaver,
Mikko Rantalainen, Neil Deakin, Neil Soiffer, Olaf Hoffmann, Olav Junker
Kjær, Oliver Hunt, Peter Karlsson, Peter Kasting, Philip
Received on Wednesday, 13 August 2008 02:35:40 UTC