- From: poot <cvsmail@w3.org>
- Date: Sat, 15 Aug 2009 07:52:34 +0900 (JST)
- To: public-html-diffs@w3.org
hixie: Rework the security model for cross-origin access, so that we can
be surer that prototype objects are safe. (whatwg r3622)
http://dev.w3.org/cvsweb/html5/spec/Overview.html?r1=1.2811&r2=1.2812&f=h
http://html5.org/tools/web-apps-tracker?from=3621&to=3622
===================================================================
RCS file: /sources/public/html5/spec/Overview.html,v
retrieving revision 1.2811
retrieving revision 1.2812
diff -u -d -r1.2811 -r1.2812
--- Overview.html 14 Aug 2009 10:33:32 -0000 1.2811
+++ Overview.html 14 Aug 2009 22:52:09 -0000 1.2812
@@ -41632,7 +41632,31 @@
<li>The <a href="#dynamic-nested-browsing-context-properties">dynamic nested browsing context properties</a>
- </ul><p>User agents must not allow scripts to override the <code title="dom-location"><a href="#dom-location">location</a></code> object's setter.</p>
+ </ul><p>When a script whose <a href="#effective-script-origin">effective script origin</a> is not
+ the same as the <code><a href="#window">Window</a></code> object's <code>Document</code>'s
+ <a href="#effective-script-origin">effective script origin</a> attempts to access that
+ <code><a href="#window">Window</a></code> object's methods or attributes, the user agent
+ must act as if any changes to the <code><a href="#window">Window</a></code> object's
+ properties, getters, setters, etc, were not present.</p>
+
+ <p>For members that return objects (including function objects),
+ each distinct <a href="#effective-script-origin">effective script origin</a> that is not the
+ same as the <code><a href="#window">Window</a></code> object's <code>Document</code>'s
+ <a href="#effective-script-origin">effective script origin</a> must be provided with a
+ separate set of objects. These objects must have the prototype chain
+ appropriate for the script for which the objects are created (not
+ those that would be appropriate for scripts whose <a href="#script-s-global-object">script's
+ global object</a> is the <code><a href="#window">Window</a></code> object in
+ question).</p>
+
+ <div class="example">
+
+ <p>For instance, if two frames containing <code>Document</code>s
+ from different <a href="#origin-0" title="origin">origins</a> access the same
+ <code><a href="#window">Window</a></code> object's <code title="dom-window-postMessage-2"><a href="#dom-window-postmessage-2">postMessage()</a></code> method, they
+ will get distinct objects that are not equal.</p>
+
+ </div>
</div><h4 id="apis-for-creating-and-navigating-browsing-contexts-by-name"><span class="secno">6.3.2 </span>APIs for creating and navigating browsing contexts by name</h4><dl class="domintro"><dt><var title="">window</var> = <var title="">window</var> . <code title="dom-open"><a href="#dom-open">open</a></code>( [ <var title="">url</var> [, <var title="">target</var> [, <var title="">features</var> [, <var title="">replace</var> ] ] ] ] )</dt>
@@ -46843,11 +46867,7 @@
<a href="#allowed-to-navigate">allowed to navigate</a> the browsing context with which
the <code><a href="#location">Location</a></code> object is associated
- </ul><p>User agents must not allow scripts to override the <code title="dom-location-href"><a href="#dom-location-href">href</a></code> attribute's setter or the
- <code title="dom-location-replace"><a href="#dom-location-replace">replace()</a></code> method on the
- <code><a href="#location">Location</a></code> object.</p>
-
- </div><div class="impl">
+ </ul></div><div class="impl">
<h4 id="history-notes"><span class="secno">6.10.5 </span>Implementation notes for session history</h4>
<!-- don't change the ID without updating multiple internal links -->
Received on Friday, 14 August 2009 22:53:11 UTC