hixie: freeze sandbox='' on document creation (whatwg r4580)

hixie: freeze sandbox='' on document creation (whatwg r4580)

http://dev.w3.org/cvsweb/html5/spec/Overview.html?r1=1.3655&r2=1.3656&f=h
http://html5.org/tools/web-apps-tracker?from=4579&to=4580

===================================================================
RCS file: /sources/public/html5/spec/Overview.html,v
retrieving revision 1.3655
retrieving revision 1.3656
diff -u -d -r1.3655 -r1.3656
--- Overview.html 12 Jan 2010 02:56:25 -0000 1.3655
+++ Overview.html 12 Jan 2010 08:16:58 -0000 1.3656
@@ -16947,10 +16947,6 @@
 
     </div>
 
-    <p class="warning">This flag only takes effect when the
-    <a href="#nested-browsing-context">nested browsing context</a> of the <code><a href="#the-iframe-element">iframe</a></code> is
-    <a href="#navigate" title="navigate">navigated</a>.</p>
-
    </dd>
 
 
@@ -16979,18 +16975,22 @@
     <p>This flag <a href="#sandboxScriptBlocked">blocks script
     execution</a>.</p>
 
-    <p class="warning">If the <code title="attr-iframe-sandbox"><a href="#attr-iframe-sandbox">sandbox</a></code> attribute is
-    dynamically added after the <code><a href="#the-iframe-element">iframe</a></code> has loaded a page,
-    scripts already compiled by that page (whether in
-    <code><a href="#script">script</a></code> elements, or in <a href="#event-handlers">event handlers</a>,
-    or elsewhere) will continue to run. Only <em>new</em> scripts will
-    be prevented from executing by this flag.</p>
+    <p class="warning">This flag only takes effect when the
+    <a href="#nested-browsing-context">nested browsing context</a> of the <code><a href="#the-iframe-element">iframe</a></code> is
+    <a href="#navigate" title="navigate">navigated</a>. Removing it has no effect
+    on an already-loaded page.</p>
 
    </dd>
 
   </dl><p>These flags must not be set unless the conditions listed above
   define them as being set.</p>
 
+  <p class="warning">These flags only take effect when the
+  <a href="#nested-browsing-context">nested browsing context</a> of the <code><a href="#the-iframe-element">iframe</a></code> is
+  <a href="#navigate" title="navigate">navigated</a>. Removing then, or removing
+  the entire <code title="attr-iframe-sandbox"><a href="#attr-iframe-sandbox">sandbox</a></code>
+  attribute, has no effect on an already-loaded page.</p>
+
   </div><div class="example">
 
    <p>In this example, some completely-unknown, potentially hostile,
@@ -17031,15 +17031,16 @@
   be part of the containing document (seamlessly included in the
   parent document). <span class="impl">Specifically, when the
   attribute is set on an <code><a href="#the-iframe-element">iframe</a></code> element whose owner
-  <code>Document</code>'s <a href="#browsing-context">browsing context</a> does not have
-  the <a href="#sandboxed-seamless-iframes-flag">sandboxed seamless iframes flag</a> set and while
-  either the <a href="#browsing-context">browsing context</a>'s <a href="#active-document">active
-  document</a> has the <a href="#same-origin">same origin</a> as the
-  <code><a href="#the-iframe-element">iframe</a></code> element's document, or the <a href="#browsing-context">browsing
-  context</a>'s <a href="#active-document">active document</a>'s <em><a href="#the-document-s-address" title="the
-  document's address">address</a></em> has the <a href="#same-origin">same
-  origin</a> as the <code><a href="#the-iframe-element">iframe</a></code> element's document, the
-  following requirements apply:</span><div class="impl">
+  <code>Document</code>'s <a href="#browsing-context">browsing context</a> did not have
+  the <a href="#sandboxed-seamless-iframes-flag">sandboxed seamless iframes flag</a> set when that
+  <code>Document</code> was created, and while either the
+  <a href="#browsing-context">browsing context</a>'s <a href="#active-document">active document</a> has the
+  <a href="#same-origin">same origin</a> as the <code><a href="#the-iframe-element">iframe</a></code> element's
+  document, or the <a href="#browsing-context">browsing context</a>'s <a href="#active-document">active
+  document</a>'s <em><a href="#the-document-s-address" title="the document's
+  address">address</a></em> has the <a href="#same-origin">same origin</a> as the
+  <code><a href="#the-iframe-element">iframe</a></code> element's document, the following requirements
+  apply:</span><div class="impl">
 
   <ul><li><p>The user agent must set the <dfn id="seamless-browsing-context-flag">seamless browsing
    context flag</dfn> to true for that <a href="#browsing-context">browsing
@@ -17252,17 +17253,17 @@
   content</a>, any plugins instantiated for the element must be
   removed, and the <code><a href="#the-embed-element">embed</a></code> element represents nothing.</p>
 
-  <p id="sandboxPluginEmbed">When the <a href="#sandboxed-plugins-browsing-context-flag">sandboxed plugins browsing
-  context flag</a> is set on the <a href="#browsing-context">browsing context</a> for
-  which the <code><a href="#the-embed-element">embed</a></code> element's document is the <a href="#active-document">active
-  document</a>, then the user agent must render the
-  <code><a href="#the-embed-element">embed</a></code> element in a manner that conveys that the
-  <a href="#plugin">plugin</a> was disabled. The user agent may offer the user
-  the option to override the sandbox and instantiate the
-  <a href="#plugin">plugin</a> anyway; if the user invokes such an option, the
-  user agent must act as if the <a href="#sandboxed-plugins-browsing-context-flag">sandboxed plugins browsing
-  context flag</a> was not set for the purposes of this
-  element.</p>
+  <p id="sandboxPluginEmbed">If the <a href="#sandboxed-plugins-browsing-context-flag">sandboxed plugins browsing
+  context flag</a> was set on the <a href="#browsing-context">browsing context</a> for
+  which the <code><a href="#the-embed-element">embed</a></code> element's <code>Document</code> is the
+  <a href="#active-document">active document</a> when that <code>Document</code> was
+  created, then the user agent must render the <code><a href="#the-embed-element">embed</a></code>
+  element in a manner that conveys that the <a href="#plugin">plugin</a> was
+  disabled. The user agent may offer the user the option to override
+  the sandbox and instantiate the <a href="#plugin">plugin</a> anyway; if the
+  user invokes such an option, the user agent must act as if the
+  <a href="#sandboxed-plugins-browsing-context-flag">sandboxed plugins browsing context flag</a> was not set for
+  the purposes of this element.</p>
 
   <p class="warning">Plugins are disabled in sandboxed browsing
   contexts because they might not honor the restrictions imposed by
@@ -17277,7 +17278,7 @@
   <ul class="brief"><li>The element is <a href="#in-a-document" title="in a document">in a <code>Document</code></a>.</li>
    <li>The element's <code>Document</code> is <a href="#fully-active">fully active</a>.</li>
    <li>The element has either a <code title="attr-embed-src"><a href="#attr-embed-src">src</a></code> attribute set or a <code title="attr-embed-type"><a href="#attr-embed-type">type</a></code> attribute set (or both).</li>
-   <li>The element is not in a sandboxed browsing context.</li>
+   <li>The element is not in a <code>Document</code> whose <a href="#browsing-context">browsing context</a> had the <a href="#sandboxed-plugins-browsing-context-flag">sandboxed plugins browsing context flag</a> set when the <code>Document</code> was created.</li>
    <li>The element is not a descendant of a <a href="#media-element">media element</a>.</li>
    <li>The element is not a descendant of an <code><a href="#the-object-element">object</a></code> element that is not showing its <a href="#fallback-content">fallback content</a>.</li>
   </ul><p>Whenever an <code><a href="#the-embed-element">embed</a></code> element that was not <a href="#concept-embed-active" title="concept-embed-active">potentially active</a> becomes <a href="#concept-embed-active" title="concept-embed-active">potentially active</a>, and whenever
@@ -17871,11 +17872,11 @@
   <a href="#browsing-context">browsing context</a>.</p>
 
   <p id="sandboxPluginObject">If the <a href="#sandboxed-plugins-browsing-context-flag">sandboxed plugins browsing
-  context flag</a> is set on the <a href="#browsing-context">browsing context</a> for
-  which the <code><a href="#the-object-element">object</a></code> element's document is the <a href="#active-document">active
-  document</a>, then the steps above must always act as if they had
-  failed to find a <a href="#plugin">plugin</a>, even if one would otherwise have been
-  used.</p>
+  context flag</a> was set on the <code><a href="#the-object-element">object</a></code> element's
+  <code>Document</code>'s <a href="#browsing-context">browsing context</a> when the
+  <code>Document</code> was created, then the steps above must always
+  act as if they had failed to find a <a href="#plugin">plugin</a>, even if one
+  would otherwise have been used.</p>
 
   <p class="note">The above algorithm is independent of CSS properties
   (including 'display', 'overflow', and 'visibility'). For example, it
@@ -31966,9 +31967,10 @@
 
   <ol><li id="sandboxSubmitBlocked"><p>If <var title="">form</var> is in
    a <code>Document</code> that has no associated <a href="#browsing-context">browsing
-   context</a> or whose <a href="#browsing-context">browsing context</a> has its
-   <a href="#sandboxed-forms-browsing-context-flag">sandboxed forms browsing context flag</a> set, then abort
-   these steps without doing anything.</li>
+   context</a> or whose <a href="#browsing-context">browsing context</a> had its
+   <a href="#sandboxed-forms-browsing-context-flag">sandboxed forms browsing context flag</a> set when the
+   <code>Document</code> was created, then abort these steps without
+   doing anything.</li>
 
    <li><p>If <var title="">form</var> is already being submitted
    (i.e. the form was <a href="#concept-form-submit" title="concept-form-submit">submitted</a> again while processing
@@ -37797,9 +37799,9 @@
     happens depends on the user agent's configuration and/or
     abilities:</p>
 
-    <dl><dt id="sandboxWindowOpen">If the current browsing context has
-     the <a href="#sandboxed-navigation-browsing-context-flag">sandboxed navigation browsing context flag</a>
-     set.</dt>
+    <dl><dt id="sandboxWindowOpen">If the current browsing context had
+     the <a href="#sandboxed-navigation-browsing-context-flag">sandboxed navigation browsing context flag</a> set
+     when its <a href="#active-document">active document</a> was created.</dt>
 
      <dd><p>The user agent may offer to create a new <a href="#top-level-browsing-context">top-level
      browsing context</a> or reuse an existing <a href="#top-level-browsing-context">top-level
@@ -38992,9 +38994,10 @@
    the option to disable scripting globally, or in a finer-grained
    manner, e.g. on a per-origin basis.)</li>
 
-   <li id="sandboxScriptBlocked">The <a href="#browsing-context">browsing context</a>
-   does not have the <a href="#sandboxed-scripts-browsing-context-flag">sandboxed scripts browsing context
-   flag</a> set.</li>
+   <li id="sandboxScriptBlocked">The <a href="#browsing-context">browsing context</a> did
+   not have the <a href="#sandboxed-scripts-browsing-context-flag">sandboxed scripts browsing context flag</a>
+   set when the <a href="#browsing-context">browsing context</a>'s <a href="#active-document">active
+   document</a> was created.</li>
 
   </ul><p><dfn id="concept-bc-noscript" title="concept-bc-noscript">Scripting is disabled</dfn> in a
   <a href="#browsing-context">browsing context</a> when any of the above conditions are
@@ -43711,15 +43714,16 @@
    being navigated, and the <a href="#source-browsing-context">source browsing context</a> is
    not one of the <a href="#ancestor-browsing-context" title="ancestor browsing context">ancestor
    browsing contexts</a> of the <a href="#browsing-context">browsing context</a> being
-   navigated, and the <a href="#source-browsing-context">source browsing context</a> has its
-   <a href="#sandboxed-navigation-browsing-context-flag">sandboxed navigation browsing context flag</a> set, then
-   abort these steps. The user agent may offer to open the new
-   resource in a new <a href="#top-level-browsing-context">top-level browsing context</a> or in the
-   <a href="#top-level-browsing-context">top-level browsing context</a> of the <a href="#source-browsing-context">source
-   browsing context</a>, at the user's option, in which case the
-   user agent must <a href="#navigate">navigate</a> that designated
-   <a href="#top-level-browsing-context">top-level browsing context</a> to the new resource as if
-   the user had requested it independently.</li>
+   navigated, and the <a href="#source-browsing-context">source browsing context</a> had its
+   <a href="#sandboxed-navigation-browsing-context-flag">sandboxed navigation browsing context flag</a> set when
+   its <a href="#active-document">active document</a> was created, then abort these
+   steps. The user agent may offer to open the new resource in a new
+   <a href="#top-level-browsing-context">top-level browsing context</a> or in the <a href="#top-level-browsing-context">top-level
+   browsing context</a> of the <a href="#source-browsing-context">source browsing
+   context</a>, at the user's option, in which case the user agent
+   must <a href="#navigate">navigate</a> that designated <a href="#top-level-browsing-context">top-level browsing
+   context</a> to the new resource as if the user had requested it
+   independently.</li>
 
    <li id="seamlessLinks"><p>If the <a href="#source-browsing-context">source browsing
    context</a> is the same as the <a href="#browsing-context">browsing context</a>
@@ -44307,8 +44311,9 @@
   the document a <code><a href="#the-title-element-0">title</a></code>.</p>
 
   <p class="note" id="sandboxPluginNavigate">If the <a href="#sandboxed-plugins-browsing-context-flag">sandboxed
-  plugins browsing context flag</a> is set on the <a href="#browsing-context">browsing
-  context</a>, the synthesized <code><a href="#the-embed-element">embed</a></code> element will <a href="#sandboxPluginEmbed">fail to render the content</a>.</p>
+  plugins browsing context flag</a> was set on the <a href="#browsing-context">browsing
+  context</a> when the <code>Document</code> was created, the
+  synthesized <code><a href="#the-embed-element">embed</a></code> element will <a href="#sandboxPluginEmbed">fail to render the content</a>.</p>
 
 
   <h4 id="read-ua-inline"><span class="secno">5.11.7 </span><dfn title="navigate-ua-inline">Page load processing model for inline content that doesn't have a DOM</dfn></h4><p class="XXX annotation"><b>Status: </b><i>Last call for comments</i></p>
@@ -62436,10 +62441,10 @@
 
   <p id="sandboxPluginApplet">When the element is not <a href="#in-a-document">in a
   <code>Document</code></a>, and when the element's document is not
-  <a href="#fully-active">fully active</a>, and when the <a href="#sandboxed-plugins-browsing-context-flag">sandboxed plugins
-  browsing context flag</a> is set on the <a href="#browsing-context">browsing
-  context</a> for which the <code><a href="#the-applet-element">applet</a></code> element's document
-  is the <a href="#active-document">active document</a>, and when the element has an
+  <a href="#fully-active">fully active</a>, and when the element's
+  <code>Document</code>'s <a href="#browsing-context">browsing context</a> had its
+  <a href="#sandboxed-plugins-browsing-context-flag">sandboxed plugins browsing context flag</a> when that
+  <code>Document</code> was created, and when the element has an
   ancestor <a href="#media-element">media element</a>, and when the element has an
   ancestor <code><a href="#the-object-element">object</a></code> element that is <em>not</em> showing
   its <a href="#fallback-content">fallback content</a>, and when no Java Language runtime

Received on Tuesday, 12 January 2010 08:17:44 UTC