- From: poot <cvsmail@w3.org>
- Date: Thu, 18 Feb 2010 16:44:37 +0900 (JST)
- To: public-html-diffs@w3.org
hixie: Define how .cookie works with text/html-sandboxed. (whatwg r4780)
http://dev.w3.org/cvsweb/html5/spec/Overview.html?r1=1.3827&r2=1.3828&f=h
http://html5.org/tools/web-apps-tracker?from=4779&to=4780
===================================================================
RCS file: /sources/public/html5/spec/Overview.html,v
retrieving revision 1.3827
retrieving revision 1.3828
diff -u -d -r1.3827 -r1.3828
--- Overview.html 18 Feb 2010 07:06:11 -0000 1.3827
+++ Overview.html 18 Feb 2010 07:44:27 -0000 1.3828
@@ -6039,10 +6039,10 @@
applied to this resource, the empty string will be returned.</p>
<p>Can be set, to add a new cookie to the element's set of HTTP
cookies.</p>
- <p>If the <code><a href="#document">Document</a></code> has no <a href="#browsing-context">browsing
- context</a> an <code><a href="#invalid_state_err">INVALID_STATE_ERR</a></code> exception will be
- thrown. If the contents are <a href="#sandboxed-origin-browsing-context-flag" title="sandboxed origin browsing
- context flag">sandboxed into a unique origin</a>, a
+ <p>Cookies of <code><a href="#document">Document</a></code>s that weren't obtained by
+ downloading a resource from a Web site will always be blank, even
+ after being set. If the contents are <a href="#sandboxed-origin-browsing-context-flag" title="sandboxed origin
+ browsing context flag">sandboxed into a unique origin</a>, a
<code><a href="#security_err">SECURITY_ERR</a></code> exception will be thrown.</p>
</dd>
@@ -6067,9 +6067,8 @@
<p id="sandboxCookies">On getting, if the document is a
<a href="#cookie-free-document-object">cookie-free <code>Document</code> object</a>, then the user
agent must return the empty string. Otherwise, if the
- <a href="#sandboxed-origin-browsing-context-flag">sandboxed origin browsing context flag</a> was set on the
- <a href="#browsing-context">browsing context</a> of the <code><a href="#document">Document</a></code> when the
- <code><a href="#document">Document</a></code> was created, the user agent must raise a
+ <code><a href="#document">Document</a></code>'s <a href="#origin">origin</a> is not a
+ scheme/host/port tuple, the user agent must raise a
<code><a href="#security_err">SECURITY_ERR</a></code> exception. Otherwise, the user agent must
first <a href="#obtain-the-storage-mutex">obtain the storage mutex</a> and then return the
cookie-string for <a href="#the-document-s-address">the document's address</a> for a
@@ -6077,12 +6076,11 @@
<p>On setting, if the document is a <a href="#cookie-free-document-object">cookie-free
<code>Document</code> object</a>, then the user agent must do
- nothing. Otherwise, if the <a href="#sandboxed-origin-browsing-context-flag">sandboxed origin browsing context
- flag</a> was set on the <a href="#browsing-context">browsing context</a> of the
- <code><a href="#document">Document</a></code> when the <code><a href="#document">Document</a></code> was created,
- the user agent must raise a <code><a href="#security_err">SECURITY_ERR</a></code>
- exception. Otherwise, the user agent must <a href="#obtain-the-storage-mutex">obtain the storage
- mutex</a> and then act as it would when <span title="receives a
+ nothing. Otherwise, if the <code><a href="#document">Document</a></code>'s
+ <a href="#origin">origin</a> is not a scheme/host/port tuple, the user agent
+ must raise a <code><a href="#security_err">SECURITY_ERR</a></code> exception. Otherwise, the
+ user agent must <a href="#obtain-the-storage-mutex">obtain the storage mutex</a> and then act
+ as it would when <span title="receives a
set-cookie-string">receiving a set-cookie-string</span> for
<a href="#the-document-s-address">the document's address</a> via a "non-HTTP" API, consisting
of the new value. <a href="#refsCOOKIES">[COOKIES]</a></p>
Received on Thursday, 18 February 2010 07:45:07 UTC