[html5] r3764 - [] (0) Fix a potential security problem with the use of progress events.

whatwg at whatwg.org whatwg at whatwg.org
Mon Sep 7 03:04:29 PDT 2009


Author: ianh
Date: 2009-09-07 03:04:27 -0700 (Mon, 07 Sep 2009)
New Revision: 3764

Modified:
   index
   source
Log:
[] (0) Fix a potential security problem with the use of progress events.

Modified: index
===================================================================
--- index	2009-09-04 23:41:02 UTC (rev 3763)
+++ index	2009-09-07 10:04:27 UTC (rev 3764)
@@ -71,7 +71,7 @@
   <div class=head>
    <p><a class=logo href=http://www.whatwg.org/ rel=home><img alt=WHATWG src=/images/logo></a></p>
    <h1>HTML5</h1>
-   <h2 class="no-num no-toc" id=draft-standard-—-4-september-2009>Draft Standard — 4 September 2009</h2>
+   <h2 class="no-num no-toc" id=draft-standard-—-7-september-2009>Draft Standard — 7 September 2009</h2>
    <p>You can take part in this work. <a href=http://www.whatwg.org/mailing-list>Join the working group's discussion list.</a></p>
    <p><strong>Web designers!</strong> We have a <a href=http://blog.whatwg.org/faq/>FAQ</a>, a <a href=http://forums.whatwg.org/>forum</a>, and a <a href=http://www.whatwg.org/mailing-list#help>help mailing list</a> for you!</p>
    <!--<p class="impl"><strong>Implementors!</strong> We have a <a href="http://www.whatwg.org/mailing-list#implementors">mailing list</a> for you too!</p>-->
@@ -49007,7 +49007,10 @@
   algorithm</a>, means that an event with the name <var title="">e</var>, with no namespace, which does not bubble (unless
   otherwise stated) and is not cancelable (unless otherwise stated),
   and which uses the <code>ProgressEvent</code> interface, must be
-  dispatched at the given target. If there is a <a href=#fetch title=fetch>fetching algorithm</a>, then the <code title=dom-ProgressEvents-lengthComputable>lengthComputable</code>
+  dispatched at the given target element. If there is a <a href=#fetch title=fetch>fetching algorithm</a>, and the <a href=#url>URL</a>
+  being <a href=#fetch title=fetch>fetched</a> has the <a href=#same-origin>same
+  origin</a> as the <code>Document</code> of the target element,
+  then the <code title=dom-ProgressEvents-lengthComputable>lengthComputable</code>
   attribute must be set to true if the <a href=#fetch title=fetch>fetching
   algorithm</a>'s subject has a known <a href=#concept-fetch-total title=concept-fetch-total>size</a>; the <code title=dom-ProgressEvents-total>total</code> attribute must be set
   to the subject's <a href=#concept-fetch-total title=concept-fetch-total>size</a> if it
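Review bot: The condition added on the `+` lines compares "the URL being fetched" with the origin of the target element's Document, but it does not say which URL is meant if the fetching algorithm follows a redirect. As worded, a same-origin URL that redirects to another origin could still pass the check, and the `total` attribute would then be set to the size of a cross-origin subject. Suggest stating that the comparison uses the final URL of the resource after redirects, or that every URL in the redirect chain must be same-origin.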

Modified: source
===================================================================
--- source	2009-09-04 23:41:02 UTC (rev 3763)
+++ source	2009-09-07 10:04:27 UTC (rev 3764)
@@ -55486,8 +55486,11 @@
   title="">e</var>, with no namespace, which does not bubble (unless
   otherwise stated) and is not cancelable (unless otherwise stated),
   and which uses the <code>ProgressEvent</code> interface, must be
-  dispatched at the given target. If there is a <span
-  title="fetch">fetching algorithm</span>, then the <code
+  dispatched at the given target element. If there is a <span
+  title="fetch">fetching algorithm</span>, and the <span>URL</span>
+  being <span title="fetch">fetched</span> has the <span>same
+  origin</span> as the <code>Document</code> of the target element,
+  then the <code
   title="dom-ProgressEvents-lengthComputable">lengthComputable</code>
   attribute must be set to true if the <span title="fetch">fetching
   algorithm</span>'s subject has a known <span
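Review bot: The first `+` line narrows "the given target" to "the given target element", and the new condition depends on "the Document of the target element", so the same-origin test is only defined when the target is an element. If any caller of this definition dispatches progress events at an object that is not an element, the comparison has nothing to compare against; suggest either confirming that all callers pass elements or defining the fallback for other targets. The visible lines also give the attribute values only for the same-origin case, so please check that the sentence following this hunk explicitly covers the cross-origin case rather than leaving it to the existing "otherwise" wording for unknown sizes.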



