W3C home > Mailing lists > Public > public-html-diffs@w3.org > April 2010

postmsg; hixie: stablise ids for security sections (whatwg r4900)

From: poot <cvsmail@w3.org>
Date: Thu, 1 Apr 2010 14:35:36 +0900 (JST)
To: public-html-diffs@w3.org
Message-Id: <20100401053536.A29882BC93@toro.w3.mag.keio.ac.jp>
postmsg; hixie: stablise ids for security sections (whatwg r4900)

http://dev.w3.org/cvsweb/html5/postmsg/Overview.html?r1=1.27&r2=1.28&f=h
http://html5.org/tools/web-apps-tracker?from=4899&to=4900

===================================================================
RCS file: /sources/public/html5/postmsg/Overview.html,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -d -r1.27 -r1.28
--- Overview.html	29 Mar 2010 06:08:16 -0000	1.27
+++ Overview.html	30 Mar 2010 01:39:34 -0000	1.28
@@ -283,7 +283,7 @@
    <h1>HTML5 Web Messaging</h1>
    <h2 class="no-num no-toc" id="generatedID"></h2>
 
-   <h2 class="no-num no-toc" id="editor-s-draft-29-march-2010">Editor's Draft 29 March 2010</h2>
+   <h2 class="no-num no-toc" id="editor-s-draft-30-march-2010">Editor's Draft 30 March 2010</h2>
    <dl><dt>Latest Published Version:</dt>
     <dd><a href="http://www.w3.org/TR/postmsg/">http://www.w3.org/TR/postmsg/</a></dd>
     <dt>Latest Editor's Draft:</dt>
@@ -377,7 +377,7 @@
   specification's progress along the W3C Recommendation
   track.
 
-  This specification is the 29 March 2010 Editor's Draft.
+  This specification is the 30 March 2010 Editor's Draft.
   </p><!-- UNDER NO CIRCUMSTANCES IS THE PRECEDING PARAGRAPH TO BE REMOVED OR EDITED WITHOUT TALKING TO IAN FIRST --><!-- relationship to other work (required) --><p>The contents of this specification are also part of <a href="http://www.whatwg.org/specs/web-apps/current-work/multipage/">a
   specification</a> published by the <a href="http://www.whatwg.org/">WHATWG</a>, which is available under a
   license that permits reuse of the specification text.</p><!-- UNDER NO CIRCUMSTANCES IS THE FOLLOWING PARAGRAPH TO BE REMOVED OR EDITED WITHOUT TALKING TO IAN FIRST --><!-- UNDER NO CIRCUMSTANCES IS THE PRECEDING PARAGRAPH TO BE REMOVED OR EDITED WITHOUT TALKING TO IAN FIRST --><!-- context and rationale (required) --><!-- (this text is from the RDFa+HTML spec --><p>This specification is an extension to the HTML5 language. All
@@ -398,7 +398,7 @@
  <li><a href="#crossDocumentMessages"><span class="secno">3 </span>Cross-document messaging</a>
   <ol>
    <li><a href="#introduction"><span class="secno">3.1 </span>Introduction</a></li>
-   <li><a href="#security"><span class="secno">3.2 </span>Security</a>
+   <li><a href="#security-postmsg"><span class="secno">3.2 </span>Security</a>
     <ol>
      <li><a href="#authors"><span class="secno">3.2.1 </span>Authors</a></li>
      <li><a href="#user-agents"><span class="secno">3.2.2 </span>User agents</a></ol></li>
@@ -559,13 +559,13 @@
    responds to by sending a message back to the document which sent
    the message in the first place.</p>
 
-  </div><h3 id="security"><span class="secno">3.2 </span>Security</h3><div class="impl">
+  </div><h3 id="security-postmsg"><span class="secno">3.2 </span>Security</h3><div class="impl">
 
   <h4 id="authors"><span class="secno">3.2.1 </span>Authors</h4>
 
-  </div><p class="warning">Use of this API requires extra care to protect
-  users from hostile entities abusing a site for their own
-  purposes.<p>Authors should check the <code title="dom-MessageEvent-origin"><a href="#dom-messageevent-origin">origin</a></code> attribute to ensure
+  </div><p class="warning" id="security-4">Use of this API requires extra
+  care to protect users from hostile entities abusing a site for their
+  own purposes.<p>Authors should check the <code title="dom-MessageEvent-origin"><a href="#dom-messageevent-origin">origin</a></code> attribute to ensure
   that messages are only accepted from domains that they expect to
   receive messages from. Otherwise, bugs in the author's message
   handling code could be exploited by hostile sites.<p>Furthermore, even after checking the <code title="dom-MessageEvent-origin"><a href="#dom-messageevent-origin">origin</a></code> attribute, authors
Received on Thursday, 1 April 2010 05:36:11 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 18 December 2010 06:14:18 GMT