- From: Michael Smith via cvs-syncmail <cvsmail@w3.org>
- Date: Fri, 10 Sep 2010 09:46:35 +0000
- To: public-html-commits@w3.org
Update of /sources/public/html5/spec
In directory hutz:/tmp/cvs-serv31908
Modified Files:
association-of-controls-and-forms.html spec.html
Log Message:
mitigate the risk of autofocus being used in script-less XSS scenarios to transfer focus to hostile forms (whatwg r5465)
[updated by splitter]
Index: association-of-controls-and-forms.html
===================================================================
RCS file: /sources/public/html5/spec/association-of-controls-and-forms.html,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -d -r1.27 -r1.28
--- association-of-controls-and-forms.html 10 Sep 2010 01:47:05 -0000 1.27
+++ association-of-controls-and-forms.html 10 Sep 2010 09:46:33 -0000 1.28
@@ -527,15 +527,31 @@
<a href="infrastructure.html#insert-an-element-into-a-document" title="insert an element into a document">inserted into a
document</a>, user agents should run the following steps:</p>
- <ol><li><p>If the <code><a href="infrastructure.html#document">Document</a></code>'s <a href="browsers.html#browsing-context">browsing context</a>
- had the <a href="the-iframe-element.html#sandboxed-automatic-features-browsing-context-flag">sandboxed automatic features browsing context
- flag</a> set when the <code><a href="infrastructure.html#document">Document</a></code> was created, abort
- these steps.</p></li>
+ <ol><li><p>Let <var title="">target</var> be the element's
+ <code><a href="infrastructure.html#document">Document</a></code>.</p></li>
+
+ <li><p>If <var title="">target</var>'s <a href="browsers.html#browsing-context">browsing
+ context</a> had the <a href="the-iframe-element.html#sandboxed-automatic-features-browsing-context-flag">sandboxed automatic features browsing
+ context flag</a> set when <var title="">target</var> was
+ created, abort these steps.</p></li>
+
+ <li><p>If <var title="">target</var>'s <a href="origin-0.html#origin">origin</a> is not
+ the <a href="origin-0.html#same-origin" title="same origin">same</a> as the
+ <a href="origin-0.html#origin">origin</a> of the <code><a href="infrastructure.html#document">Document</a></code> of the currently
+ focused element in <var title="">target</var>'s <a href="browsers.html#top-level-browsing-context">top-level
+ browsing context</a>, abort these steps.</p></li>
+
+ <li><p>If <var title="">target</var>'s <a href="origin-0.html#origin">origin</a> is not
+ the <a href="origin-0.html#same-origin" title="same origin">same</a> as the
+ <a href="origin-0.html#origin">origin</a> of the <a href="browsers.html#active-document">active document</a> of <var title="">target</var>'s <a href="browsers.html#top-level-browsing-context">top-level browsing context</a>,
+ abort these steps.</p></li>
<li><p>If the user agent has already reached the last step of this
list of steps in response to an element being <a href="infrastructure.html#insert-an-element-into-a-document" title="insert
- an element into a document">inserted</a> into this
- <code><a href="infrastructure.html#document">Document</a></code>, abort these steps.</p></li>
+ an element into a document">inserted</a> into a
+ <code><a href="infrastructure.html#document">Document</a></code> whose <a href="browsers.html#top-level-browsing-context">top-level browsing
+ context</a>'s <a href="browsers.html#active-document">active document</a> is the same as <var title="">target</var>'s <a href="browsers.html#top-level-browsing-context">top-level browsing context</a>'s
+ <a href="browsers.html#active-document">active document</a>, abort these steps.</p></li>
<li><p>If the user has indicated (for example, by starting to type
in a form control) that he does not wish focus to be changed, then
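Review bot: The added step that compares target's origin with the origin of "the Document of the currently focused element in target's top-level browsing context" does not say, in the visible text, what happens when that browsing context has no currently focused element. State whether the step is then skipped or treated as a mismatch, so that implementations do not diverge on the initial-load case. The two origin steps also only say "abort these steps"; a short non-normative note after them giving the reason from the log message (autofocus being used in script-less XSS scenarios to transfer focus to hostile forms) would keep a later edit from relaxing them without noticing the security purpose.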
Index: spec.html
===================================================================
RCS file: /sources/public/html5/spec/spec.html,v
retrieving revision 1.1203
retrieving revision 1.1204
diff -u -d -r1.1203 -r1.1204
--- spec.html 10 Sep 2010 09:16:38 -0000 1.1203
+++ spec.html 10 Sep 2010 09:46:33 -0000 1.1204
@@ -336,7 +336,7 @@
<a href="Overview.html">single page HTML</a>,
<a href="spec.html">multipage HTML</a>,
<a href="author/">web developer edition</a>.
-This is revision 1.4357.
+This is revision 1.4358.
</p>
<p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a>
© 2010 <a href="http://www.w3.org/"><abbr title="World Wide
Received on Friday, 10 September 2010 09:46:37 UTC