W3C home > Mailing lists > Public > public-html-commits@w3.org > January 2010

html5/spec Overview.html,1.3656,1.3657

From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
Date: Tue, 12 Jan 2010 11:45:53 +0000
To: public-html-commits@w3.org
Message-Id: <E1NUfC5-0008P4-UL@lionel-hutz.w3.org>
Update of /sources/public/html5/spec
In directory hutz:/tmp/cvs-serv32284

Modified Files:
	Overview.html 
Log Message:
Provide a safe way to host hostile content for use with an <iframe sandbox> on the same site. (whatwg r4581)

Index: Overview.html
===================================================================
RCS file: /sources/public/html5/spec/Overview.html,v
retrieving revision 1.3656
retrieving revision 1.3657
diff -u -d -r1.3656 -r1.3657
--- Overview.html	12 Jan 2010 08:16:58 -0000	1.3656
+++ Overview.html	12 Jan 2010 11:45:50 -0000	1.3657
@@ -281,7 +281,7 @@
    </dl><p>This specification is available in the following formats: 
     <a href="Overview.html">single page HTML</a>,
     <a href="spec.html">multipage HTML</a>.
-    This is revision $Revision $.
+    This is revision $Revision$.
    </p> 
    <p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a>
    &copy; 2009 <a href="http://www.w3.org/"><abbr title="World Wide
@@ -1208,11 +1208,12 @@
  <li><a href="#iana"><span class="secno">11 </span>IANA considerations</a>
   <ol>
    <li><a href="#text-html"><span class="secno">11.1 </span><code>text/html</code></a></li>
-   <li><a href="#application-xhtml-xml"><span class="secno">11.2 </span><code>application/xhtml+xml</code></a></li>
-   <li><a href="#text-cache-manifest"><span class="secno">11.3 </span><code>text/cache-manifest</code></a></li>
-   <li><a href="#text-ping"><span class="secno">11.4 </span><code>text/ping</code></a></li>
-   <li><a href="#ping-from"><span class="secno">11.5 </span><code>Ping-From</code></a></li>
-   <li><a href="#ping-to"><span class="secno">11.6 </span><code>Ping-To</code></a></ol></li>
+   <li><a href="#text-sandboxed-html"><span class="secno">11.2 </span><code>text/sandboxed-html</code></a></li>
+   <li><a href="#application-xhtml-xml"><span class="secno">11.3 </span><code>application/xhtml+xml</code></a></li>
+   <li><a href="#text-cache-manifest"><span class="secno">11.4 </span><code>text/cache-manifest</code></a></li>
+   <li><a href="#text-ping"><span class="secno">11.5 </span><code>text/ping</code></a></li>
+   <li><a href="#ping-from"><span class="secno">11.6 </span><code>Ping-From</code></a></li>
+   <li><a href="#ping-to"><span class="secno">11.7 </span><code>Ping-To</code></a></ol></li>
  <li><a class="no-num" href="#index">Index</a>
   <ol>
    <li><a class="no-num" href="#elements-1">Elements</a></li>
@@ -1352,10 +1353,10 @@
   resources that use this abstract language, two of which are defined
   in this specification.<p>The first such concrete syntax is the HTML syntax. This is the
   format suggested for most authors. It is compatible with most legacy
-  Web browsers. If a document is transmitted with the <a href="#mime-type">MIME
-  type</a> <code><a href="#text-html">text/html</a></code>, then it will be processed as an
-  HTML document by Web browsers. This specification defines version 5
-  of the HTML syntax, known as "HTML5".<p>The second concrete syntax is the XHTML syntax, which is an
+  Web browsers. If a document is transmitted with an <a href="#html-mime-type">HTML MIME
+  type</a>, such as <code><a href="#text-html">text/html</a></code>, then it will be
+  processed as an HTML document by Web browsers. This specification
+  defines version 5 of the HTML syntax, known as "HTML5".<p>The second concrete syntax is the XHTML syntax, which is an
   application of XML. When a document is transmitted with an <a href="#xml-mime-type">XML
   MIME type</a>, such as <code><a href="#application-xhtml-xml">application/xhtml+xml</a></code>, then
   it is treated as an XML document by Web browsers, to be parsed by an
@@ -1629,7 +1630,8 @@
   matches the <code title="">media-type</code> rule defined in section
   3.7 "Media Types" of RFC 2616, but does not contain any U+003B
   SEMICOLON characters (;). In other words, if it consists only of a
-  type and subtype, with no MIME Type parameters. <a href="#refsHTTP">[HTTP]</a><h4 id="xml"><span class="secno">2.1.2 </span>XML</h4><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p id="html-namespace">To ease migration from HTML to XHTML, UAs
+  type and subtype, with no MIME Type parameters. <a href="#refsHTTP">[HTTP]</a><p>The term <dfn id="html-mime-type">HTML MIME type</dfn> is used to refer to the <a href="#mime-type" title="MIME type">MIME types</a> <code><a href="#text-html">text/html</a></code> and
+  <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code>.<h4 id="xml"><span class="secno">2.1.2 </span>XML</h4><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p id="html-namespace">To ease migration from HTML to XHTML, UAs
   conforming to this specification will place elements in HTML in the
   <code>http://www.w3.org/1999/xhtml</code> namespace, at least for
   the purposes of the DOM and CSS. The term "<dfn id="html-elements">HTML
@@ -1771,8 +1773,9 @@
     element that forms part of the transform.</p>
 
     <p>Web browsers that support <a href="#syntax">the HTML syntax</a> must
-    process documents labeled as <code><a href="#text-html">text/html</a></code> as described
-    in this specification, so that users can interact with them.</p>
+    process documents labeled with an <a href="#html-mime-type">HTML MIME type</a> as
+    described in this specification, so that users can interact with
+    them.</p>
 
     <p>User agents that support scripting must also be conforming
     implementations of the IDL fragments in this specification, as
@@ -5739,11 +5742,11 @@
   </div>
 
   </div><h3 id="namespaces"><span class="secno">2.8 </span>Namespaces</h3><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p>The <dfn id="html-namespace-0">HTML namespace</dfn> is: <code>http://www.w3.org/1999/xhtml</code><p>The <dfn id="mathml-namespace">MathML namespace</dfn> is: <code>http://www.w3.org/1998/Math/MathML</code><p>The <dfn id="svg-namespace">SVG namespace</dfn> is: <code>http://www.w3.org/2000/svg</code><p>The <dfn id="xlink-namespace">XLink namespace</dfn> is: <code>http://www.w3.org/1999/xlink</code><p>The <dfn id="xml-namespace">XML namespace</dfn> is: <code>http://www.w3.org/XML/1998/namespace</code><p>The <dfn id="xmlns-namespace">XMLNS namespace</dfn> is: <code>http://www.w3.org/2000/xmlns/</code><hr><p>Data mining tools and other user agents that perform operations
-  on <code><a href="#text-html">text/html</a></code> content without running scripts,
-  evaluating CSS or XPath expressions, or otherwise exposing the
-  resulting DOM to arbitrary content, may "support namespaces" by just
-  asserting that their DOM node analogues are in certain namespaces,
-  without actually exposing the above strings.<h2 id="dom"><span class="secno">3 </span>Semantics, structure, and APIs of HTML documents</h2><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><h3 id="documents"><span class="secno">3.1 </span>Documents</h3><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p>Every XML and HTML document in an HTML UA is represented by a
+  on content without running scripts, evaluating CSS or XPath
+  expressions, or otherwise exposing the resulting DOM to arbitrary
+  content, may "support namespaces" by just asserting that their DOM
+  node analogues are in certain namespaces, without actually exposing
+  the above strings.<h2 id="dom"><span class="secno">3 </span>Semantics, structure, and APIs of HTML documents</h2><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><h3 id="documents"><span class="secno">3.1 </span>Documents</h3><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p>Every XML and HTML document in an HTML UA is represented by a
   <code>Document</code> object. <a href="#refsDOMCORE">[DOMCORE]</a><p><dfn id="the-document-s-address">The document's address</dfn> is an <a href="#absolute-url">absolute URL</a>
   that is set when the <code>Document</code> is created. <dfn id="the-document-s-current-address">The
   document's current address</dfn> is an <a href="#absolute-url">absolute URL</a>
@@ -16975,11 +16978,6 @@
     <p>This flag <a href="#sandboxScriptBlocked">blocks script
     execution</a>.</p>
 
-    <p class="warning">This flag only takes effect when the
-    <a href="#nested-browsing-context">nested browsing context</a> of the <code><a href="#the-iframe-element">iframe</a></code> is
-    <a href="#navigate" title="navigate">navigated</a>. Removing it has no effect
-    on an already-loaded page.</p>
-
    </dd>
 
   </dl><p>These flags must not be set unless the conditions listed above
@@ -17022,7 +17020,19 @@
    <pre>&lt;iframe sandbox="allow-same-origin allow-forms allow-scripts"
         src="http://maps.example.com/embedded.html"&gt;&lt;/iframe&gt;</pre>
 
-  </div><hr><!-- v2: Might be interesting to have a value on seamless that
+  </div><p class="note">Potentially hostile files can be served from the
+  same server as the file containing the <code><a href="#the-iframe-element">iframe</a></code> element
+  by labeling them as <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code> instead of
+  <code><a href="#text-html">text/html</a></code>. This ensures that scripts in the files are
+  unable to attack the site (as if they were actually served from
+  another server), even if the user is tricked into visiting those
+  pages directly, without the protection of the <code title="attr-iframe-sandbox"><a href="#attr-iframe-sandbox">sandbox</a></code> attribute.<p class="warning">If the <code title="attr-iframe-sandbox-allow-scripts"><a href="#attr-iframe-sandbox-allow-scripts">allow-scripts</a></code>
+  keyword is set along with <code title="attr-iframe-sandbox-allow-same-origin"><a href="#attr-iframe-sandbox-allow-same-origin">allow-same-origin</a></code>
+  keyword, and the file is from the <a href="#same-origin">same origin</a> as the
+  <code><a href="#the-iframe-element">iframe</a></code>'s <code>Document</code>, then a script in the
+  "sandboxed" iframe could just reach out, remove the <code title="attr-iframe-sandbox"><a href="#attr-iframe-sandbox">sandbox</a></code> attribute, and then
+  reload itself, effectively breaking out of the sandbox
+  altogether.<hr><!-- v2: Might be interesting to have a value on seamless that
   allowed event propagation of some sort, maybe based on the WICD
   work: http://www.w3.org/TR/WICD/ --><p>The <dfn id="attr-iframe-seamless" title="attr-iframe-seamless"><code>seamless</code></dfn>
   attribute is a <a href="#boolean-attribute">boolean attribute</a>. When specified, it
@@ -38663,6 +38673,9 @@
      browsing context flag</a> was set when the
      <code>Document</code> was created</dt>
 
+     <dt>If a <code>Document</code> was generated from a resource
+     labeled as <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code></dt>
+
      <dd>The <a href="#origin">origin</a> is a globally unique identifier
      assigned when the <code>Document</code> is created.</dd>
 
@@ -43951,7 +43964,8 @@
    of the following types, jump to the appropriate entry in the
    following list, and process the resource as described there:</p>
 
-    <dl class="switch"><dt>"<code><a href="#text-html">text/html</a></code>"</dt>
+    <dl class="switch"><!-- an <span>HTML MIME type</span> --><dt>"<code><a href="#text-html">text/html</a></code>"</dt>
+     <dt>"<code><a href="#text-sandboxed-html">text/sandboxed-html</a></code>"</dt>
      <dd>Follow the steps given in the <a href="#read-html" title="navigate-html">HTML document</a> section, and abort
      these steps.</dd>
 
@@ -44385,9 +44399,10 @@
   fragment identifiers for <a href="#xml-mime-type" title="XML MIME type">XML MIME
   types</a> is the responsibility of RFC3023).</p>
 
-  <p>For HTML documents (and the <code><a href="#text-html">text/html</a></code> <a href="#mime-type">MIME type</a>),
-  the following processing model must be followed to determine what
-  <a href="#the-indicated-part-of-the-document">the indicated part of the document</a> is.</p>
+  <p>For HTML documents (and <a href="#html-mime-type" title="HTML MIME type">HTML MIME
+  types</a>), the following processing model must be followed to
+  determine what <a href="#the-indicated-part-of-the-document">the indicated part of the document</a>
+  is.</p>
 
   <ol><li><p><a href="#parse-a-url" title="parse a url">Parse</a> the <a href="#url">URL</a>,
    and let <var title="">fragid</var> be the <a href="#url-fragment" title="url-fragment">&lt;fragment&gt;</a> component of the
@@ -49173,9 +49188,9 @@
 v2 (well, really v0):
  "forecolor", "hilitecolor", "fontname", "fontsize", "justifyleft",
  "justifycenter", "justifyright", "justifyfull", "indent", "outdent"
---><h2 id="syntax"><span class="secno">7 </span><dfn>The HTML syntax</dfn></h2><p class="note">This section only describes the rules for
-  <code><a href="#text-html">text/html</a></code> resources. Rules for XML resources are
-  discussed in the section below entitled "<a href="#the-xhtml-syntax">The XHTML
+--><h2 id="syntax"><span class="secno">7 </span><dfn>The HTML syntax</dfn></h2><p class="note">This section only describes the rules for resources
+  labeled with an <a href="#html-mime-type">HTML MIME type</a>. Rules for XML resources
+  are discussed in the section below entitled "<a href="#the-xhtml-syntax">The XHTML
   syntax</a>".<h3 id="writing"><span class="secno">7.1 </span>Writing HTML documents</h3><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><div class="impl">
 
   <p><i>This section only applies to documents, authoring tools, and
@@ -63683,7 +63698,71 @@
    <dt>Change controller:</dt>
    <dd>W3C and WHATWG</dd>
   </dl><p>Fragment identifiers used with <code><a href="#text-html">text/html</a></code> resources
-  refer to <a href="#the-indicated-part-of-the-document">the indicated part of the document</a>.<h3 id="application-xhtml-xml"><span class="secno">11.2 </span><dfn><code>application/xhtml+xml</code></dfn></h3><p>This registration is for community review and will be submitted
+  refer to <a href="#the-indicated-part-of-the-document">the indicated part of the document</a>.<h3 id="text-sandboxed-html"><span class="secno">11.2 </span><dfn><code>text/sandboxed-html</code></dfn></h3><p>This registration is for community review and will be submitted
+  to the IESG for review, approval, and registration with IANA.</p><!--
+   To: ietf-types@iana.org
+   Subject: Registration of media type text/sandboxed-html
+  --><dl><dt>Type name:</dt>
+   <dd>text</dd>
+   <dt>Subtype name:</dt>
+   <dd>sandboxed-html</dd>
+   <dt>Required parameters:</dt>
+   <dd>No required parameters</dd>
+   <dt>Optional parameters:</dt>
+   <dd>Same as for <code><a href="#text-html">text/html</a></code></dd>
+   <dt>Encoding considerations:</dt>
+   <dd>Same as for <code><a href="#text-html">text/html</a></code></dd>
+   <dt>Security considerations:</dt>
+   <dd>
+    <p>The purpose of the <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code> MIME type
+    is to provide a way for content providers to indicate that they
+    want the file to be interpreted in a manner that does not give the
+    file's contents access to the rest of the site. This is achieved
+    by assigning the <code>Document</code> objects generated from
+    resources labeled as <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code> unique
+    origins.</p>
+    <p>To avoid having legacy user agents treating resources labeled
+    as <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code> as regular
+    <code><a href="#text-html">text/html</a></code> files, authors should avoid using the <code title="">.html</code> or <code title="">.htm</code> extensions for
+    resources labeled as <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code>.</p>
+    <p>Beyond this, the type is identical to <code><a href="#text-html">text/html</a></code>,
+    and the same considerations apply.</p>
+   </dd>
+   <dt>Interoperability considerations:</dt>
+   <dd>Same as for <code><a href="#text-html">text/html</a></code></dd>
+   <dt>Published specification:</dt>
+   <dd>
+    This document is the relevant specification. Labeling a resource
+    with the <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code> type asserts that the
+    resource is an <a href="#html-documents" title="HTML documents">HTML document</a>
+    using <a href="#syntax">the HTML syntax</a>.
+   </dd>
+   <dt>Applications that use this media type:</dt>
+   <dd>Same as for <code><a href="#text-html">text/html</a></code></dd>
+   <dt>Additional information:</dt>
+   <dd>
+    <dl><dt>Magic number(s):</dt>
+     <dd>Documents labeled as <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code> are
+     heuristically indistinguishable from those labeled as
+     <code><a href="#text-html">text/html</a></code>.</dd>
+     <dt>File extension(s):</dt>
+     <dd>"<code title="">sandboxed</code>"</dd>
+     <dt>Macintosh file type code(s):</dt>
+     <dd><code title="">TEXT</code></dd>
+    </dl></dd>
+   <dt>Person &amp; email address to contact for further information:</dt>
+   <dd>Ian Hickson &lt;ian@hixie.ch&gt;</dd>
+   <dt>Intended usage:</dt>
+   <dd>Common</dd>
+   <dt>Restrictions on usage:</dt>
+   <dd>No restrictions apply.</dd>
+   <dt>Author:</dt>
+   <dd>Ian Hickson &lt;ian@hixie.ch&gt;</dd>
+   <dt>Change controller:</dt>
+   <dd>W3C and WHATWG</dd>
+  </dl><p>Fragment identifiers used with <code><a href="#text-sandboxed-html">text/sandboxed-html</a></code>
+  resources refer to <a href="#the-indicated-part-of-the-document">the indicated part of the
+  document</a>.<h3 id="application-xhtml-xml"><span class="secno">11.3 </span><dfn><code>application/xhtml+xml</code></dfn></h3><p>This registration is for community review and will be submitted
   to the IESG for review, approval, and registration with IANA.</p><!--
    To: ietf-types@iana.org
    Subject: Registration of media type application/xhtml+xml
@@ -63737,7 +63816,7 @@
    <dd>W3C and WHATWG</dd>
   </dl><p>Fragment identifiers used with <code><a href="#application-xhtml-xml">application/xhtml+xml</a></code>
   resources have the same semantics as with any <a href="#xml-mime-type">XML MIME
-  type</a>. <a href="#refsRFC3023">[RFC3023]</a><h3 id="text-cache-manifest"><span class="secno">11.3 </span><dfn><code>text/cache-manifest</code></dfn></h3><p>This registration is for community review and will be submitted
+  type</a>. <a href="#refsRFC3023">[RFC3023]</a><h3 id="text-cache-manifest"><span class="secno">11.4 </span><dfn><code>text/cache-manifest</code></dfn></h3><p>This registration is for community review and will be submitted
   to the IESG for review, approval, and registration with IANA.</p><!--
    To: ietf-types@iana.org
    Subject: Registration of media type text/cache-manifest
@@ -63798,7 +63877,7 @@
    <dt>Change controller:</dt>
    <dd>W3C and WHATWG</dd>
   </dl><p>Fragment identifiers have no meaning with
-  <code><a href="#text-cache-manifest">text/cache-manifest</a></code> resources.<h3 id="text-ping"><span class="secno">11.4 </span><dfn><code>text/ping</code></dfn></h3><p>This registration is for community review and will be submitted
+  <code><a href="#text-cache-manifest">text/cache-manifest</a></code> resources.<h3 id="text-ping"><span class="secno">11.5 </span><dfn><code>text/ping</code></dfn></h3><p>This registration is for community review and will be submitted
   to the IESG for review, approval, and registration with IANA.</p><!--
    To: ietf-types@iana.org
    Subject: Registration of media type text/ping
@@ -63852,7 +63931,7 @@
    <dt>Change controller:</dt>
    <dd>W3C and WHATWG</dd>
   </dl><p>Fragment identifiers have no meaning with
-  <code><a href="#text-ping">text/ping</a></code> resources.<h3 id="ping-from"><span class="secno">11.5 </span><dfn title="http-ping-from"><code>Ping-From</code></dfn></h3><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p>This section describes a header field for registration in the
+  <code><a href="#text-ping">text/ping</a></code> resources.<h3 id="ping-from"><span class="secno">11.6 </span><dfn title="http-ping-from"><code>Ping-From</code></dfn></h3><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p>This section describes a header field for registration in the
   Permanent Message Header Field Registry.  <a href="#refsRFC3864">[RFC3864]</a><dl><dt>Header field name</dt>
    <dd>Ping-From</dd>
    <dt>Applicable protocol</dt>
@@ -63867,7 +63946,7 @@
    </dd>
    <dt>Related information</dt>
    <dd>None.</dd>   
-  </dl><h3 id="ping-to"><span class="secno">11.6 </span><dfn title="http-ping-to"><code>Ping-To</code></dfn></h3><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p>This section describes a header field for registration in the
+  </dl><h3 id="ping-to"><span class="secno">11.7 </span><dfn title="http-ping-to"><code>Ping-To</code></dfn></h3><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i><p>This section describes a header field for registration in the
   Permanent Message Header Field Registry.  <a href="#refsRFC3864">[RFC3864]</a><dl><dt>Header field name</dt>
    <dd>Ping-To</dd>
    <dt>Applicable protocol</dt>
Received on Tuesday, 12 January 2010 11:45:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 12 January 2010 11:45:58 GMT