[whatwg] document.open() and security context

The current description of document.open(), at
<http://www.whatwg.org/specs/web-apps/current-work/#open> doesn't
mention the method's effect on the document's security context.

The document.open() method replaces the document's security context
with the security context of the currently executing script.  In
particular, the following properties are replaced:

1) document.URL becomes the URL of the document of the currently
executing script.

2) document.baseURI becomes the URL of the document of the currently
executing script (not it's baseURI).

3) The document's origin and effective script origin become the origin
and the effective script origin of the currently executing script.
(Note: actually, the origins are aliased, as in the about:blank case,
so that changes to one of the document's document.domain property
affects the other.)

4) The document's cookie context becomes the cookie context of the
document of the currently executing script.

There may be other things that get clobbered as well, but those were
the ones I found.

This is available in code form, along with numerous tests, at
<http://trac.webkit.org/changeset/34506>.

Adam

Received on Friday, 13 June 2008 23:48:46 UTC