html5/markup/elements iframe.html,1.11,1.12 from Michael Smith via cvs-syncmail on 2010-07-27 (public-html-commits@w3.org from July 2010)

From: Michael Smith via cvs-syncmail <cvsmail@w3.org>
Date: Tue, 27 Jul 2010 06:09:48 +0000
To: public-html-commits@w3.org
Message-Id: <E1OddMK-0002Sp-5F@lionel-hutz.w3.org>
Update of /sources/public/html5/markup/elements
In directory hutz:/tmp/cvs-serv9067/elements

Modified Files:
	iframe.html 
Log Message:
checkpointing some further datatype-documentation changes designed for greater user-friendliness and better alignment with the wording in the HTML5 spec


Index: iframe.html
===================================================================
RCS file: /sources/public/html5/markup/elements/iframe.html,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- iframe.html	12 Jul 2010 14:16:43 -0000	1.11
+++ iframe.html	27 Jul 2010 06:09:46 -0000	1.12
@@ -26,8 +26,64 @@
     </dl>
     <dl>
       <dt id="iframe.attrs.sandbox" class="new">sandbox</dt>
-      <dd>Instructs the UA to enable a set of extra restrictions on any
-        content hosted by the <code><a href="#iframe">iframe</a></code>.</dd>
+      <dd>Instructs the UA to “sandbox” the
+        <a href="#iframe">iframe</a>
+        by disallowing/disabling various features, and then
+        (optionally) re-allowing/re-enabling particular features.</dd>
+      <dd>The presence of this attribute—even if no value is given
+        (that is, the attribute is specified using
+        <a href="#syntax-attr-empty">empty attribute syntax</a>)
+        or even if the value consists only of 
+        <a href="#space">space characters</a>—instructs the UA to
+        enforce all the following default sandbox restrictions:
+        <ul>
+          <li><b>plugins</b>
+            are disallowed/disabled within the
+            <a href="#iframe">iframe</a></li>
+          <li><b>forms</b>
+            are disallowed/disabled within the
+            <a href="#iframe">iframe</a></li>
+          <li><b>scripts</b>
+            are disallowed/disabled within the
+            <a href="#iframe">iframe</a></li>
+          <li><b>links to other
+              <a href="#context">browsing contexts</a></b>
+            are disallowed/disabled within the 
+            <a href="#iframe">iframe</a></li>
+          <li><b>same-origin treatment</b>
+            of the content hosted by the
+            <a  href="#iframe">iframe</a>
+            and the content which hosts the
+            <a href="#iframe">iframe</a>
+            is disallowed/disabled; the
+            <a href="#iframe">iframe</a>
+            is instead treated as being from a
+            unique origin</li>
+        </ul>
+      </dd>
+      <dd>If any
+        <a href="#common.data.sandbox-allow-list">sandbox “allow” keywords</a>
+        are given, they instruct the UA to override particular
+        default sandbox restrictions by re-allowing/re-enabling
+        certain features, as follows:
+        <ul>
+          <li><code>allow-forms</code>: re-enables forms</li>
+          <li><code>allow-scripts</code>: re-enables scripts</li>
+          <li><code>allow-top-navigation</code>: re-enables links
+          within the content of the 
+          <a href="#iframe">iframe</a>
+          to navigate to its
+          <a href="#top-level-context">top-level browsing context</a></li>
+          <li><code>allow-same-origin</code>: re-enables
+          same-origin treatment of the content hosted by the
+          <a href="#iframe">iframe</a>
+          and the content which hosts the
+          <a href="#iframe">iframe</a>
+          (instead of forcing the
+          <a href="#iframe">iframe</a>
+          into a unique origin)</li>
+        </ul>
+      </dd>
     </dl>
     <dl>
       <dt id="iframe.attrs.seamless" class="new">seamless</dt>
Received on Tuesday, 27 July 2010 06:09:49 UTC