- From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
- Date: Fri, 14 Aug 2009 22:52:12 +0000
- To: public-html-commits@w3.org
Update of /sources/public/html5/spec In directory hutz:/tmp/cvs-serv28338 Modified Files: Overview.html Log Message: Rework the security model for cross-origin access, so that we can be surer that prototype objects are safe. (whatwg r3622) Index: Overview.html =================================================================== RCS file: /sources/public/html5/spec/Overview.html,v retrieving revision 1.2811 retrieving revision 1.2812 diff -u -d -r1.2811 -r1.2812 --- Overview.html 14 Aug 2009 10:33:32 -0000 1.2811 +++ Overview.html 14 Aug 2009 22:52:09 -0000 1.2812 @@ -41632,7 +41632,31 @@ <li>The <a href="#dynamic-nested-browsing-context-properties">dynamic nested browsing context properties</a> - </ul><p>User agents must not allow scripts to override the <code title="dom-location"><a href="#dom-location">location</a></code> object's setter.</p> + </ul><p>When a script whose <a href="#effective-script-origin">effective script origin</a> is not + the same as the <code><a href="#window">Window</a></code> object's <code>Document</code>'s + <a href="#effective-script-origin">effective script origin</a> attempts to access that + <code><a href="#window">Window</a></code> object's methods or attributes, the user agent + must act as if any changes to the <code><a href="#window">Window</a></code> object's + properties, getters, setters, etc, were not present.</p> + + <p>For members that return objects (including function objects), + each distinct <a href="#effective-script-origin">effective script origin</a> that is not the + same as the <code><a href="#window">Window</a></code> object's <code>Document</code>'s + <a href="#effective-script-origin">effective script origin</a> must be provided with a + separate set of objects. These objects must have the prototype chain + appropriate for the script for which the objects are created (not + those that would be appropriate for scripts whose <a href="#script-s-global-object">script's + global object</a> is the <code><a href="#window">Window</a></code> object in + question).</p> + + <div class="example"> + + <p>For instance, if two frames containing <code>Document</code>s + from different <a href="#origin-0" title="origin">origins</a> access the same + <code><a href="#window">Window</a></code> object's <code title="dom-window-postMessage-2"><a href="#dom-window-postmessage-2">postMessage()</a></code> method, they + will get distinct objects that are not equal.</p> + + </div> </div><h4 id="apis-for-creating-and-navigating-browsing-contexts-by-name"><span class="secno">6.3.2 </span>APIs for creating and navigating browsing contexts by name</h4><dl class="domintro"><dt><var title="">window</var> = <var title="">window</var> . <code title="dom-open"><a href="#dom-open">open</a></code>( [ <var title="">url</var> [, <var title="">target</var> [, <var title="">features</var> [, <var title="">replace</var> ] ] ] ] )</dt> @@ -46843,11 +46867,7 @@ <a href="#allowed-to-navigate">allowed to navigate</a> the browsing context with which the <code><a href="#location">Location</a></code> object is associated - </ul><p>User agents must not allow scripts to override the <code title="dom-location-href"><a href="#dom-location-href">href</a></code> attribute's setter or the - <code title="dom-location-replace"><a href="#dom-location-replace">replace()</a></code> method on the - <code><a href="#location">Location</a></code> object.</p> - - </div><div class="impl"> + </ul></div><div class="impl"> <h4 id="history-notes"><span class="secno">6.10.5 </span>Implementation notes for session history</h4> <!-- don't change the ID without updating multiple internal links -->
Received on Friday, 14 August 2009 22:52:20 UTC