[html5] r7406 - [e] (0) Bit of editorial cleanup for <iframe>. Should have no normative effect. [...]

whatwg at whatwg.org whatwg at whatwg.org
Tue Sep 25 20:27:08 PDT 2012


Author: ianh
Date: 2012-09-25 20:27:07 -0700 (Tue, 25 Sep 2012)
New Revision: 7406

Modified:
   complete.html
   index
   source
Log:
[e] (0) Bit of editorial cleanup for <iframe>. Should have no normative effect.
Affected topics: HTML

Modified: complete.html
===================================================================
--- complete.html	2012-09-26 00:22:32 UTC (rev 7405)
+++ complete.html	2012-09-26 03:27:07 UTC (rev 7406)
@@ -1471,12 +1471,7 @@
    publication policies</a>.</li>
 -->
 
-   <li>The W3C HTML specification omits an example that references the
-   schema.org microdata vocabulary as part of a compromise intended to
-   resolve larger issues of divergence between the specifications.
-   (Many other examples that reference schema.org and microdata are
-   included apparently without issue, however.)</li><!-- "I put a bike
-   bell on his bike." -->
+   <li>The W3C HTML specification omits mentions of microdata.</li>
 
    <li>The W3C HTML specification defines conformance for documents in
    a more traditional (version-orientated) way, because of <a href=http://lists.w3.org/Archives/Public/public-html/2011Mar/0574.html>a
@@ -26582,112 +26577,134 @@
   readonly attribute <a href=#windowproxy>WindowProxy</a>? <a href=#dom-iframe-contentwindow title=dom-iframe-contentWindow>contentWindow</a>;
 };</pre>
    </dd>
-  </dl><!--TOPIC:HTML--><p>The <code><a href=#the-iframe-element>iframe</a></code> element <a href=#represents>represents</a> a
-  <a href=#nested-browsing-context>nested browsing context</a>.</p>
+  </dl><!--TOPIC:HTML--><!-- INTRO --><p>The <code><a href=#the-iframe-element>iframe</a></code> element <a href=#represents>represents</a> a <a href=#nested-browsing-context>nested browsing
+  context</a>.</p>
 
-  <p>The <dfn id=attr-iframe-src title=attr-iframe-src><code>src</code></dfn> attribute
-  gives the address of a page that the <a href=#nested-browsing-context>nested browsing
-  context</a> is to contain. The attribute, if present, must be a
-  <a href=#valid-non-empty-url-potentially-surrounded-by-spaces>valid non-empty URL potentially surrounded by
-  spaces</a>.</p>
 
-<!--MD-->
-  <p>If the <code title=attr-itemprop><a href=#names:-the-itemprop-attribute>itemprop</a></code> is specified
-  on an <code><a href=#the-iframe-element>iframe</a></code> element, then the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute must also be
-  specified.</p>
-<!--MD-->
+  <!-- SRC/SRCDOC -->
 
-  <p>The <dfn id=attr-iframe-srcdoc title=attr-iframe-srcdoc><code>srcdoc</code></dfn>
-  attribute gives the content of the page that the <a href=#nested-browsing-context>nested
-  browsing context</a> is to contain. The value of the attribute is
-  the source of <dfn id=an-iframe-srcdoc-document>an <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code> document</dfn>.</p>
+  <p>The <dfn id=attr-iframe-src title=attr-iframe-src><code>src</code></dfn> attribute gives the address of a page
+  that the <a href=#nested-browsing-context>nested browsing context</a> is to contain. The attribute, if present, must be a
+  <a href=#valid-non-empty-url-potentially-surrounded-by-spaces>valid non-empty URL potentially surrounded by spaces</a>. If the <code title=attr-itemprop><a href=#names:-the-itemprop-attribute>itemprop</a></code> is specified on an <code><a href=#the-iframe-element>iframe</a></code> element, then the
+  <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute must also be specified.</p>
 
-  <p>For <code><a href=#the-iframe-element>iframe</a></code> elements in <a href=#html-documents>HTML documents</a>,
-  the attribute, if present, must have a value using <a href=#syntax>the HTML
-  syntax</a> that consists of the following syntactic components,
-  in the given order:</p>
+  <p>The <dfn id=attr-iframe-srcdoc title=attr-iframe-srcdoc><code>srcdoc</code></dfn> attribute gives the content of
+  the page that the <a href=#nested-browsing-context>nested browsing context</a> is to contain. The value of the attribute
+  is the source of <dfn id=an-iframe-srcdoc-document>an <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code>
+  document</dfn>.</p>
 
-  <ol><li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and
-   <a href=#space-character title="space character">space characters</a>.</li>
+  <p>For <code><a href=#the-iframe-element>iframe</a></code> elements in <a href=#html-documents>HTML documents</a>, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute, if present, must have a value using <a href=#syntax>the
+  HTML syntax</a> that consists of the following syntactic components, in the given order:</p>
 
+  <ol><li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and <a href=#space-character title="space
+   character">space characters</a>.</li>
+
    <li>Optionally, a <a href=#syntax-doctype title=syntax-doctype>DOCTYPE</a>.
 
-   <li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and
-   <a href=#space-character title="space character">space characters</a>.</li>
+   <li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and <a href=#space-character title="space
+   character">space characters</a>.</li>
 
    <li>The root element, in the form of an <code><a href=#the-html-element>html</a></code> <a href=#syntax-elements title=syntax-elements>element</a>.</li>
 
-   <li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and
-   <a href=#space-character title="space character">space characters</a>.</li>
+   <li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and <a href=#space-character title="space
+   character">space characters</a>.</li>
 
-  </ol><p>For <code><a href=#the-iframe-element>iframe</a></code> elements in <a href=#xml-documents>XML documents</a>,
-  the attribute, if present, must have a value that matches the
-  production labeled <code title="">document</code> in the XML
-  specification. <a href=#refsXML>[XML]</a></p>
+  </ol><p>For <code><a href=#the-iframe-element>iframe</a></code> elements in <a href=#xml-documents>XML documents</a>, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute, if present, must have a value that matches the
+  production labeled <code title="">document</code> in the XML specification. <a href=#refsXML>[XML]</a></p>
 
-  <p>If the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute and the
-  <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute are both
-  specified together, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code>
-  attribute takes priority. This allows authors to provide a fallback
-  <a href=#url>URL</a> for legacy user agents that do not support the
-  <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute.</p>
+  <div class=example>
 
+   <p>Here a blog uses the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute in conjunction
+   with the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> and <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attributes described below to provide users of user
+   agents that support this feature with an extra layer of protection from script injection in the
+   blog post comments:</p>
+
+   <pre><article>
+ <h1>I got my own magazine!</h1>
+ <p>After much effort, I've finally found a publisher, and so now I
+ have my own magazine! Isn't that awesome?! The first issue will come
+ out in September, and we have articles about getting food, and about
+ getting in boxes, it's going to be great!</p>
+ <footer>
+  <p>Written by <a href="/users/cap">cap</a>, 1 hour ago.
+ </footer>
+ <article>
+  <footer> Thirteen minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>did you get a cover picture yet?"></iframe>
+ </article>
+ <article>
+  <footer> Nine minutes ago, <a href="/users/cap">cap</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>Yeah, you can see it <a href=&quot;/gallery?mode=cover&amp;amp;page=1&quot;>in my gallery</a>."></iframe>
+ </article>
+ <article>
+  <footer> Five minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>hey that's earl's table.
+<p>you should get earl&amp;amp;me on the next cover."></iframe>
+ </article></pre>
+
+   <p>Notice the way that quotes have to be escaped (otherwise the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute would end prematurely), and the way raw
+   ampersands (e.g. in URLs or in prose) mentioned in the sandboxed content have to be
+   <em>doubly</em> escaped — once so that the ampersand is preserved when originally parsing
+   the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute, and once more to prevent the
+   ampersand from being misinterpreted when parsing the sandboxed content.</p>
+
+  </div>
+
+  <p class=note>In <a href=#syntax>the HTML syntax</a>, authors need only remember to use U+0022
+  QUOTATION MARK characters (") to wrap the attribute contents and then to escape all U+0022
+  QUOTATION MARK (") and U+0026 AMPERSAND (&) characters, and to specify the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, to ensure safe embedding of content.</p>
+
+  <p class=note>Due to restrictions of <a href=#the-xhtml-syntax>the XHTML syntax</a>, in XML the U+003C LESS-THAN
+  SIGN character (<) needs to be escaped as well. In order to prevent <a href=http://www.w3.org/TR/REC-xml/#AVNormalize>attribute-value normalization</a>, some of XML's
+  whitespace characters — specifically U+0009 CHARACTER TABULATION (tab), U+000A LINE FEED
+  (LF), and U+000D CARRIAGE RETURN (CR) — also need to be escaped. <a href=#refsXML>[XML]</a></p>
+
+  <p class=note>If the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute and the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute are both specified together, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute takes priority. This allows authors to provide
+  a fallback <a href=#url>URL</a> for legacy user agents that do not support the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute.</p>
+
+
   <div class=impl>
 
-  <p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#insert-an-element-into-a-document title="insert an
-  element into a document">inserted into a document</a>, the user
-  agent must create a <a href=#nested-browsing-context>nested browsing context</a>, and then
-  <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a> for the
-  first time.</p>
+  <hr><!-- SRC/SRCDOC PROCESSING MODEL --><p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#insert-an-element-into-a-document title="insert an element into a document">inserted
+  into a document</a>, the user agent must create a <a href=#nested-browsing-context>nested browsing context</a>, and
+  then <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a> for the first time.</p>
 
-  <p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#remove-an-element-from-a-document title="remove an
-  element from a document">removed from a document</a>, the user
-  agent must <a href=#a-browsing-context-is-discarded title="a browsing context is
-  discarded">discard</a> the <a href=#nested-browsing-context>nested browsing
-  context</a>.</p>
+  <p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#remove-an-element-from-a-document title="remove an element from a document">removed
+  from a document</a>, the user agent must <a href=#a-browsing-context-is-discarded title="a browsing context is
+  discarded">discard</a> the <a href=#nested-browsing-context>nested browsing context</a>.</p>
 
-  <p class=note>This happens without any <code title=event-unload>unload</code> events firing (the <a href=#nested-browsing-context>nested
-  browsing context</a> and its <code><a href=#document>Document</a></code> are <em title="a browsing context is discarded">discarded</em>, not <em title="unload a document">unloaded</em>).</p>
+  <p class=note>This happens without any <code title=event-unload>unload</code> events firing
+  (the <a href=#nested-browsing-context>nested browsing context</a> and its <code><a href=#document>Document</a></code> are <em title="a browsing
+  context is discarded">discarded</em>, not <em title="unload a document">unloaded</em>).</p>
 
   <!-- START of section that's very similar to <frame> -->
 
-  <p>Whenever an <code><a href=#the-iframe-element>iframe</a></code> element with a <a href=#nested-browsing-context>nested
-  browsing context</a> has its <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute set, changed, or
-  removed, the user agent must <a href=#process-the-iframe-attributes>process the <code>iframe</code>
-  attributes</a>.</p>
+  <p>Whenever an <code><a href=#the-iframe-element>iframe</a></code> element with a <a href=#nested-browsing-context>nested browsing context</a> has its
+  <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute set, changed, or removed, the user agent
+  must <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a>.</p>
 
-  <p>Similarly, whenever an <code><a href=#the-iframe-element>iframe</a></code> element with a
-  <a href=#nested-browsing-context>nested browsing context</a> but with no <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute specified has its
-  <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute set, changed, or
-  removed, the user agent must <a href=#process-the-iframe-attributes>process the <code>iframe</code>
-  attributes</a>.</p> <!-- It doesn't happen when the base URL is
-  changed, though. -->
+  <p>Similarly, whenever an <code><a href=#the-iframe-element>iframe</a></code> element with a <a href=#nested-browsing-context>nested browsing context</a>
+  but with no <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute specified has its <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute set, changed, or removed, the user agent must
+  <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a>.</p> <!-- It doesn't happen when the base
+  URL is changed, though. -->
 
-  <p>When the user agent is to <dfn id=process-the-iframe-attributes>process the <code>iframe</code>
-  attributes</dfn>, it must run the first appropriate steps from the
-  following list:</p>
+  <p>When the user agent is to <dfn id=process-the-iframe-attributes>process the <code>iframe</code> attributes</dfn>, it must run
+  the first appropriate steps from the following list:</p>
 
-  <dl class=switch><dt>If the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute
-   is specified</dt>
+  <dl class=switch><dt>If the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute is specified</dt>
 
-   <dd><p><a href=#navigate>Navigate</a><!--DONAV iframe--> the element's
-   <a href=#child-browsing-context>child browsing context</a> to a resource whose
-   <a href=#content-type>Content-Type</a> is <code><a href=#text/html>text/html</a></code>, whose
-   <a href=#url>URL</a> is <code><a href=#about:srcdoc>about:srcdoc</a></code>, and whose data
-   consists of the value of the attribute. The resulting
-   <code><a href=#document>Document</a></code> must be considered <a href=#an-iframe-srcdoc-document>an
-   <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code>
-   document</a>.</dd>
+   <dd><p><a href=#navigate>Navigate</a><!--DONAV iframe--> the element's <a href=#child-browsing-context>child browsing context</a>
+   to a resource whose <a href=#content-type>Content-Type</a> is <code><a href=#text/html>text/html</a></code>, whose <a href=#url>URL</a>
+   is <code><a href=#about:srcdoc>about:srcdoc</a></code>, and whose data consists of the value of the attribute. The
+   resulting <code><a href=#document>Document</a></code> must be considered <a href=#an-iframe-srcdoc-document>an <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code> document</a>.</dd>
 
-   <dt>Otherwise, if the element has no <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute specified, and the
-   user agent is processing the <code><a href=#the-iframe-element>iframe</a></code>'s attributes for
-   the first time</dt>
+   <dt>Otherwise, if the element has no <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute
+   specified, and the user agent is processing the <code><a href=#the-iframe-element>iframe</a></code>'s attributes for the first
+   time</dt>
 
    <dd>
 
-    <p><a href=#queue-a-task>Queue a task</a> to <a href=#fire-a-simple-event>fire a simple event</a>
-    named <code title=event-load>load</code> at the
-    <code><a href=#the-iframe-element>iframe</a></code> element.</p>
+    <p><a href=#queue-a-task>Queue a task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-load>load</code> at the <code><a href=#the-iframe-element>iframe</a></code> element.</p>
 
    </dd>
 
@@ -26697,207 +26714,118 @@
 
     <ol><li>
 
-      <p>If the value of the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code>
-      attribute is the empty string, let <var title="">url</var> be
-      the string "<code><a href=#about:blank>about:blank</a></code>".</p>
+      <p>If the value of the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute is the empty string,
+      let <var title="">url</var> be the string "<code><a href=#about:blank>about:blank</a></code>".</p>
 
-      <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the
-      value of the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute,
-      relative to the <code><a href=#the-iframe-element>iframe</a></code> element.</p>
+      <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the value of the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute, relative to the <code><a href=#the-iframe-element>iframe</a></code> element.</p>
 
-      <p>If that is not successful, then let <var title="">url</var>
-      be the string "<code><a href=#about:blank>about:blank</a></code>". Otherwise, let <var title="">url</var> be the resulting <a href=#absolute-url>absolute
-      URL</a>.</p>
+      <p>If that is not successful, then let <var title="">url</var> be the string
+      "<code><a href=#about:blank>about:blank</a></code>". Otherwise, let <var title="">url</var> be the resulting
+      <a href=#absolute-url>absolute URL</a>.</p>
 
      </li>
 
      <li>
 
-      <p><a href=#navigate>Navigate</a><!--DONAV iframe--> the element's
-      <a href=#child-browsing-context>child browsing context</a> to <var title="">url</var>.</p>
+      <p><a href=#navigate>Navigate</a><!--DONAV iframe--> the element's <a href=#child-browsing-context>child browsing context</a>
+      to <var title="">url</var>.</p>
       
      </li>
 
     </ol></dd>
 
-  </dl><p>Any <a href=#navigate title=navigate>navigation</a> required of the user
-  agent in the <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a>
-  algorithm must be completed as an <a href=#explicit-self-navigation-override>explicit self-navigation
-  override</a> and with the <code><a href=#the-iframe-element>iframe</a></code> element's
-  document's <a href=#browsing-context>browsing context</a> as the <a href=#source-browsing-context>source
-  browsing context</a>.</p>
+  </dl><p>Any <a href=#navigate title=navigate>navigation</a> required of the user agent in the <a href=#process-the-iframe-attributes>process
+  the <code>iframe</code> attributes</a> algorithm must be completed as an <a href=#explicit-self-navigation-override>explicit
+  self-navigation override</a> and with the <code><a href=#the-iframe-element>iframe</a></code> element's document's
+  <a href=#browsing-context>browsing context</a> as the <a href=#source-browsing-context>source browsing context</a>.</p>
 
-  <p>Furthermore, if the <a href=#active-document>active document</a> of the element's
-  <a href=#child-browsing-context>child browsing context</a> before such a <a href=#navigate title=navigate>navigation</a> was not <a href=#completely-loaded>completely
-  loaded</a> at the time of the new <a href=#navigate title=navigate>navigation</a>, then the <a href=#navigate title=navigate>navigation</a> must be completed with
-  <a href=#replacement-enabled>replacement enabled</a>.</p>
+  <p>Furthermore, if the <a href=#active-document>active document</a> of the element's <a href=#child-browsing-context>child browsing
+  context</a> before such a <a href=#navigate title=navigate>navigation</a> was not <a href=#completely-loaded>completely
+  loaded</a> at the time of the new <a href=#navigate title=navigate>navigation</a>, then the <a href=#navigate title=navigate>navigation</a> must be completed with <a href=#replacement-enabled>replacement enabled</a>.</p>
 
-  <p>Similarly, if the <a href=#child-browsing-context>child browsing context</a>'s
-  <a href=#session-history>session history</a> contained only one
-  <code><a href=#document>Document</a></code> when the <a href=#process-the-iframe-attributes>process the <code>iframe</code>
-  attributes</a> algorithm was invoked, and that was the
-  <code><a href=#about:blank>about:blank</a></code> <code><a href=#document>Document</a></code> created when the
-  <a href=#child-browsing-context>child browsing context</a> was created, then any <a href=#navigate title=navigate>navigation</a> required of the user agent in
-  that algorithm must be completed with <a href=#replacement-enabled>replacement
-  enabled</a>.</p> <!-- see also the note near similar text for the
+  <p>Similarly, if the <a href=#child-browsing-context>child browsing context</a>'s <a href=#session-history>session history</a> contained
+  only one <code><a href=#document>Document</a></code> when the <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a>
+  algorithm was invoked, and that was the <code><a href=#about:blank>about:blank</a></code> <code><a href=#document>Document</a></code> created
+  when the <a href=#child-browsing-context>child browsing context</a> was created, then any <a href=#navigate title=navigate>navigation</a> required of the user agent in that algorithm must be completed
+  with <a href=#replacement-enabled>replacement enabled</a>.</p> <!-- see also the note near similar text for the
   location.assign() method -->
 
-  </div>
+  <p>When content loads in an <code><a href=#the-iframe-element>iframe</a></code>, after any <code title=event-load>load</code>
+  events are fired within the content itself, <!-- XXX bug 16829 --> the user agent must <a href=#queue-a-task>queue
+  a task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-load>load</code> at
+  the <code><a href=#the-iframe-element>iframe</a></code> element. When content whose <a href=#url>URL</a> has the <a href=#same-origin>same
+  origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's <code><a href=#document>Document</a></code> fails to load (e.g. due
+  to a DNS error, network error, or if the server returned a 4xx or 5xx status code <a href=#concept-http-equivalent-codes title=concept-http-equivalent-codes>or equivalent</a>), then the user agent must <a href=#queue-a-task>queue
+  a task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-error>error</code> at
+  the element instead. (This event does not fire for <a href=#parse-error title="parse error">parse errors</a>,
+  script errors, or any errors for cross-origin resources.)</p>
 
-  <!-- END of section that's very similar to <frame> -->
+  <p>The <a href=#task-source>task source</a> for these <a href=#concept-task title=concept-task>tasks</a> is the <a href=#dom-manipulation-task-source>DOM
+  manipulation task source</a>.</p>
 
-  <p class=note>If, when the element is created, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute is not set, and
-  the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute is either
-  also not set or set but its value cannot be <a href=#resolve-a-url title="resolve a
-  url">resolved</a>, the browsing context will remain at the
-  initial <code><a href=#about:blank>about:blank</a></code> page.</p>
+  <p class=note>A <code title=event-load>load</code> event is also fired at the
+  <code><a href=#the-iframe-element>iframe</a></code> element when it is created if no other data is loaded in it.</p>
 
-  <p class=note>If the user <a href=#navigate title=navigate>navigates</a>
-  away from this page, the <code><a href=#the-iframe-element>iframe</a></code>'s corresponding
-  <code><a href=#windowproxy>WindowProxy</a></code> object will proxy new <code><a href=#window>Window</a></code>
-  objects for new <code><a href=#document>Document</a></code> objects, but the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute will not change.</p>
+  <p>When the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#active-document>active document</a> is not <a href=#ready-for-post-load-tasks>ready for post-load
+  tasks</a>, and when anything in the <code><a href=#the-iframe-element>iframe</a></code> is <a href=#delay-the-load-event title="delay the load
+  event">delaying the load event</a> of the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#browsing-context>browsing context</a>'s
+  <a href=#active-document>active document</a>, the <code><a href=#the-iframe-element>iframe</a></code> must <a href=#delay-the-load-event>delay the load event</a> of
+  its document.</p>
 
-  <div class=example>
+  <p class=note>If, during the handling of the <code title=event-load>load</code> event, the
+  <a href=#browsing-context>browsing context</a> in the <code><a href=#the-iframe-element>iframe</a></code> is again <a href=#navigate title=navigate>navigated</a>, that will further <a href=#delay-the-load-event>delay the load event</a>.</p>
 
-   <p>Here a blog uses the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute in conjunction
-   with the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> and <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attributes described
-   below to provide users of user agents that support this feature
-   with an extra layer of protection from script injection in the blog
-   post comments:</p>
+  </div>
 
-   <pre><article>
- <h1>I got my own magazine!</h1>
- <p>After much effort, I've finally found a publisher, and so now I
- have my own magazine! Isn't that awesome?! The first issue will come
- out in September, and we have articles about getting food, and about
- getting in boxes, it's going to be great!</p>
- <footer>
-  <p>Written by <a href="/users/cap">cap</a>, 1 hour ago.
- </footer>
- <article>
-  <footer> Thirteen minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>did you get a cover picture yet?"></iframe>
- </article>
- <article>
-  <footer> Nine minutes ago, <a href="/users/cap">cap</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>Yeah, you can see it <a href=&quot;/gallery?mode=cover&amp;amp;page=1&quot;>in my gallery</a>."></iframe>
- </article>
- <article>
-  <footer> Five minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>hey that's earl's table.
-<p>you should get earl&amp;amp;me on the next cover."></iframe>
- </article></pre>
+  <!-- END of section that's very similar to <frame> -->
 
-   <p>Notice the way that quotes have to be escaped (otherwise the
-   <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute would end
-   prematurely), and the way raw ampersands (e.g. in URLs or in prose)
-   mentioned in the sandboxed content have to be <em>doubly</em>
-   escaped — once so that the ampersand is preserved when
-   originally parsing the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute, and once more
-   to prevent the ampersand from being misinterpreted when parsing the
-   sandboxed content.</p>
+  <p class=note>If, when the element is created, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute is not set, and the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute is either also not set or set but its value cannot be
+  <a href=#resolve-a-url title="resolve a url">resolved</a>, the browsing context will remain at the initial
+  <code><a href=#about:blank>about:blank</a></code> page.</p>
 
-  </div>
+  <p class=note>If the user <a href=#navigate title=navigate>navigates</a> away from this page, the
+  <code><a href=#the-iframe-element>iframe</a></code>'s corresponding <code><a href=#windowproxy>WindowProxy</a></code> object will proxy new
+  <code><a href=#window>Window</a></code> objects for new <code><a href=#document>Document</a></code> objects, but the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute will not change.</p>
 
-  <p class=note>In <a href=#syntax>the HTML syntax</a>, authors need only
-  remember to use U+0022 QUOTATION MARK characters (") to wrap the
-  attribute contents and then to escape all U+0022 QUOTATION MARK (")
-  and U+0026 AMPERSAND (&) characters, and to specify the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, to ensure safe
-  embedding of content.</p>
 
-  <p class=note>Due to restrictions of <a href=#the-xhtml-syntax>the XHTML
-  syntax</a>, in XML the U+003C LESS-THAN SIGN character (<)
-  needs to be escaped as well. In order to prevent <a href=http://www.w3.org/TR/REC-xml/#AVNormalize>attribute-value
-  normalization</a>, some of XML's whitespace characters —
-  specifically U+0009 CHARACTER TABULATION (tab), U+000A LINE FEED
-  (LF), and U+000D CARRIAGE RETURN (CR) — also need to be
-  escaped. <a href=#refsXML>[XML]</a></p>
+  <hr><!-- NAME --><p>The <dfn id=attr-iframe-name title=attr-iframe-name><code>name</code></dfn> attribute, if present, must be a
+  <a href=#valid-browsing-context-name>valid browsing context name</a>. The given value is used to name the <a href=#nested-browsing-context>nested
+  browsing context</a>. <span class=impl>When the browsing context is created, if the attribute
+  is present, the <a href=#browsing-context-name>browsing context name</a> must be set to the value of this attribute;
+  otherwise, the <a href=#browsing-context-name>browsing context name</a> must be set to the empty string.</span></p>
 
-  <hr><p>The <dfn id=attr-iframe-name title=attr-iframe-name><code>name</code></dfn>
-  attribute, if present, must be a <a href=#valid-browsing-context-name>valid browsing context
-  name</a>. The given value is used to name the <a href=#nested-browsing-context>nested
-  browsing context</a>. <span class=impl>When the browsing
-  context is created, if the attribute is present, the <a href=#browsing-context-name>browsing
-  context name</a> must be set to the value of this attribute;
-  otherwise, the <a href=#browsing-context-name>browsing context name</a> must be set to the
-  empty string.</span></p>
-
   <div class=impl>
 
-  <p>Whenever the <code title=attr-iframe-name><a href=#attr-iframe-name>name</a></code> attribute
-  is set, the nested <a href=#browsing-context>browsing context</a>'s <a href=#browsing-context-name title="browsing context name">name</a> must be changed to the new
-  value. If the attribute is removed, the <a href=#browsing-context-name>browsing context
-  name</a> must be set to the empty string.</p>
+  <p>Whenever the <code title=attr-iframe-name><a href=#attr-iframe-name>name</a></code> attribute is set, the nested
+  <a href=#browsing-context>browsing context</a>'s <a href=#browsing-context-name title="browsing context name">name</a> must be changed to
+  the new value. If the attribute is removed, the <a href=#browsing-context-name>browsing context name</a> must be set to
+  the empty string.</p>
 
-  <p>When content loads in an <code><a href=#the-iframe-element>iframe</a></code>, after any <code title=event-load>load</code> events are fired within the content
-  itself, the user agent must <a href=#queue-a-task>queue a task</a> to <a href=#fire-a-simple-event>fire
-  a simple event</a> named <code title=event-load>load</code> at
-  the <code><a href=#the-iframe-element>iframe</a></code> element. When content whose <a href=#url>URL</a>
-  has the <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code>
-  element's <code><a href=#document>Document</a></code> fails to load (e.g. due to a DNS
-  error, network error, or if the server returned a 4xx or 5xx status
-  code <a href=#concept-http-equivalent-codes title=concept-http-equivalent-codes>or
-  equivalent</a>), then the user agent must <a href=#queue-a-task>queue a
-  task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-error>error</code> at the element instead. (This event
-  does not fire for <a href=#parse-error title="parse error">parse errors</a>,
-  script errors, or any errors for cross-origin resources.)</p>
-
-  <p>The <a href=#task-source>task source</a> for these <a href=#concept-task title=concept-task>tasks</a> is the <a href=#dom-manipulation-task-source>DOM manipulation
-  task source</a>.</p>
-
-  <p class=note>A <code title=event-load>load</code> event is also
-  fired at the <code><a href=#the-iframe-element>iframe</a></code> element when it is created if no
-  other data is loaded in it.</p>
-
-  <p>When the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#active-document>active document</a> is
-  not <a href=#ready-for-post-load-tasks>ready for post-load tasks</a>, and when anything in the
-  <code><a href=#the-iframe-element>iframe</a></code> is <a href=#delay-the-load-event title="delay the load event">delaying
-  the load event</a> of the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#browsing-context>browsing
-  context</a>'s <a href=#active-document>active document</a>, the
-  <code><a href=#the-iframe-element>iframe</a></code> must <a href=#delay-the-load-event>delay the load event</a> of its
-  document.</p>
-
-  <p class=note>If, during the handling of the <code title=event-load>load</code> event, the <a href=#browsing-context>browsing
-  context</a> in the <code><a href=#the-iframe-element>iframe</a></code> is again <a href=#navigate title=navigate>navigated</a>, that will further <a href=#delay-the-load-event>delay the
-  load event</a>.</p>
-
   </div>
 
-  <hr><p>The <dfn id=attr-iframe-sandbox title=attr-iframe-sandbox><code>sandbox</code></dfn>
-  attribute, when specified, enables a set of extra restrictions on
-  any content hosted by the <code><a href=#the-iframe-element>iframe</a></code>. Its value must be an
-  <a href=#unordered-set-of-unique-space-separated-tokens>unordered set of unique space-separated tokens</a> that are
-  <a href=#ascii-case-insensitive>ASCII case-insensitive</a>. The allowed values are
-  <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>,
-  <code title=attr-iframe-sandbox-allow-popups><a href=#attr-iframe-sandbox-allow-popups>allow-popups</a></code>,
-  <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>,
-  <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>, and
-  <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>.
 
-  When the attribute is set, the content is treated as being from a
-  unique <a href=#origin>origin</a>, forms and scripts are disabled, links
-  are prevented from targeting other <a href=#browsing-context title="browsing
-  context">browsing contexts</a>, and plugins are secured. The
-  <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
-  keyword allows the content to be treated as being from the same
-  origin instead of forcing it into a unique origin, the <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>
-  keyword allows the content to <a href=#navigate>navigate</a> its
-  <a href=#top-level-browsing-context>top-level browsing context</a>, and the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>, <code title=attr-iframe-sandbox-allow-popups><a href=#attr-iframe-sandbox-allow-popups>allow-popups</a></code> and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
-  keywords re-enable forms, popups, and scripts respectively.</p>
+  <hr><!-- SANDBOX --><p>The <dfn id=attr-iframe-sandbox title=attr-iframe-sandbox><code>sandbox</code></dfn> attribute, when specified,
+  enables a set of extra restrictions on any content hosted by the <code><a href=#the-iframe-element>iframe</a></code>. Its value
+  must be an <a href=#unordered-set-of-unique-space-separated-tokens>unordered set of unique space-separated tokens</a> that are <a href=#ascii-case-insensitive>ASCII
+  case-insensitive</a>. The allowed values are <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>, <code title=attr-iframe-sandbox-allow-popups><a href=#attr-iframe-sandbox-allow-popups>allow-popups</a></code>, <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>, <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>, and <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>.</p>
 
-  <p class=warning>Setting both the
-  <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> and
-  <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
-  keywords together when the embedded page has the <a href=#same-origin>same
-  origin</a> as the page containing the <code><a href=#the-iframe-element>iframe</a></code> allows
-  the embedded page to simply remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute.</p>
+  <p>When the attribute is set, the content is treated as being from a unique <a href=#origin>origin</a>,
+  forms and scripts are disabled, links are prevented from targeting other <a href=#browsing-context title="browsing
+  context">browsing contexts</a>, and plugins are secured. The <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code> keyword allows the content
+  to be treated as being from the same origin instead of forcing it into a unique origin, the <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code> keyword allows the
+  content to <a href=#navigate>navigate</a> its <a href=#top-level-browsing-context>top-level browsing context</a>, and the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>, <code title=attr-iframe-sandbox-allow-popups><a href=#attr-iframe-sandbox-allow-popups>allow-popups</a></code> and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> keywords re-enable forms, popups,
+  and scripts respectively.</p>
 
-  <p class=warning>Sandboxing hostile content is of minimal help if
-  an attacker can convince the user to just visit the hostile content
-  directly, rather than in the <code><a href=#the-iframe-element>iframe</a></code>. To limit the
-  damage that can be caused by hostile HTML content, it should be
-  served from a separate dedicated domain.</p>
+  <p class=warning>Setting both the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> and <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code> keywords together when the
+  embedded page has the <a href=#same-origin>same origin</a> as the page containing the <code><a href=#the-iframe-element>iframe</a></code>
+  allows the embedded page to simply remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
+  attribute.</p>
 
+  <p class=warning>Sandboxing hostile content is of minimal help if an attacker can convince the
+  user to just visit the hostile content directly, rather than in the <code><a href=#the-iframe-element>iframe</a></code>. To limit
+  the damage that can be caused by hostile HTML content, it should be served from a separate
+  dedicated domain.</p>
+
   <div class=impl>
 
   <!-- v2: Add a new attribute that enables new restrictions, e.g.:
@@ -26907,50 +26835,42 @@
        - block access to 'parent.frames' from sandbox
   -->
 
-  <p>While the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
-  attribute is set or changed, the user agent must <a href=#parse-a-sandboxing-directive title="parse
-  a sandboxing directive">parse the sandboxing directive</a> using
-  the attribute's value as the <var title="">input</var> and the
-  <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a>'s
-  <a href=#iframe-sandboxing-flag-set><code>iframe</code> sandboxing flag set</a> as the
+  <p>While the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is set or changed, the
+  user agent must <a href=#parse-a-sandboxing-directive title="parse a sandboxing directive">parse the sandboxing directive</a>
+  using the attribute's value as the <var title="">input</var> and the <code><a href=#the-iframe-element>iframe</a></code> element's
+  <a href=#nested-browsing-context>nested browsing context</a>'s <a href=#iframe-sandboxing-flag-set><code>iframe</code> sandboxing flag set</a> as the
   output.</p>
 
-  <p class=warning>These flags only take effect when the
-  <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
-  <a href=#navigate title=navigate>navigated</a>. Removing them, or removing
-  the entire <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
-  attribute, has no effect on an already-loaded page.</p>
+  <p class=warning>These flags only take effect when the <a href=#nested-browsing-context>nested browsing context</a> of
+  the <code><a href=#the-iframe-element>iframe</a></code> is <a href=#navigate title=navigate>navigated</a>. Removing them, or removing the
+  entire <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, has no effect on an
+  already-loaded page.</p>
 
   </div>
 
   <div class=example>
 
-   <p>In this example, some completely-unknown, potentially hostile,
-   user-provided HTML content is embedded in a page. Because it is
-   served from a separate domain, it is affected by all the normal
-   cross-site restrictions. In addition, the embedded page has
-   scripting disabled, plugins disabled, forms disabled, and it cannot
-   navigate any frames or windows other than itself (or any frames or
+   <p>In this example, some completely-unknown, potentially hostile, user-provided HTML content is
+   embedded in a page. Because it is served from a separate domain, it is affected by all the normal
+   cross-site restrictions. In addition, the embedded page has scripting disabled, plugins disabled,
+   forms disabled, and it cannot navigate any frames or windows other than itself (or any frames or
    windows it itself embeds).</p>
 
    <pre><p>We're not scared of you! Here is your content, unedited:</p>
 <iframe sandbox src="http://usercontent.example.net/getusercontent.cgi?id=12193"></iframe></pre>
 
-   <p class=warning>It is important to use a separate domain so that
-   if the attacker convinces the user to visit that page directly, the
-   page doesn't run in the context of the site's origin, which would
-   make the user vulnerable to any attack found in the page.</p>
+   <p class=warning>It is important to use a separate domain so that if the attacker convinces the
+   user to visit that page directly, the page doesn't run in the context of the site's origin, which
+   would make the user vulnerable to any attack found in the page.</p>
 
   </div>
 
   <div class=example>
 
-   <p>In this example, a gadget from another site is embedded. The
-   gadget has scripting and forms enabled, and the origin sandbox
-   restrictions are lifted, allowing the gadget to communicate with
-   its originating server. The sandbox is still useful, however, as it
-   disables plugins and popups, thus reducing the risk of the user
-   being exposed to malware and other annoyances.</p>
+   <p>In this example, a gadget from another site is embedded. The gadget has scripting and forms
+   enabled, and the origin sandbox restrictions are lifted, allowing the gadget to communicate with
+   its originating server. The sandbox is still useful, however, as it disables plugins and popups,
+   thus reducing the risk of the user being exposed to malware and other annoyances.</p>
 
    <pre><iframe sandbox="allow-same-origin allow-forms allow-scripts"
         src="http://maps.example.com/embedded.html"></iframe></pre>
@@ -26971,270 +26891,218 @@
 
    <pre><a href=D>Link</a></pre>
 
-   <p>For this example, suppose all the files were served as
-   <code><a href=#text/html>text/html</a></code>.</p>
+   <p>For this example, suppose all the files were served as <code><a href=#text/html>text/html</a></code>.</p>
 
-   <p>Page C in this scenario has all the sandboxing flags
-   set. Scripts are disabled, because the <code><a href=#the-iframe-element>iframe</a></code> in A has
-   scripts disabled, and this overrides the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
-   keyword set on the <code><a href=#the-iframe-element>iframe</a></code> in B. Forms are also
-   disabled, because the inner <code><a href=#the-iframe-element>iframe</a></code> (in B) does not
-   have the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> keyword
+   <p>Page C in this scenario has all the sandboxing flags set. Scripts are disabled, because the
+   <code><a href=#the-iframe-element>iframe</a></code> in A has scripts disabled, and this overrides the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> keyword set on the
+   <code><a href=#the-iframe-element>iframe</a></code> in B. Forms are also disabled, because the inner <code><a href=#the-iframe-element>iframe</a></code> (in B)
+   does not have the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> keyword
    set.</p>
 
-   <p>Suppose now that a script in A removes all the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attributes in A
-   <!--grammar-check-override--> and B. This would change nothing
-   immediately. If the user clicked the link in C, loading page D into
-   the <code><a href=#the-iframe-element>iframe</a></code> in B, page D would now act as if the
-   <code><a href=#the-iframe-element>iframe</a></code> in B had the <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
-   and <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> keywords
-   set, because that was the state of the <a href=#nested-browsing-context>nested browsing
-   context</a> in the <code><a href=#the-iframe-element>iframe</a></code> in A when page B was
+   <p>Suppose now that a script in A removes all the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attributes in A <!--grammar-check-override--> and B.
+   This would change nothing immediately. If the user clicked the link in C, loading page D into the
+   <code><a href=#the-iframe-element>iframe</a></code> in B, page D would now act as if the <code><a href=#the-iframe-element>iframe</a></code> in B had the <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code> and <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> keywords set, because that was the
+   state of the <a href=#nested-browsing-context>nested browsing context</a> in the <code><a href=#the-iframe-element>iframe</a></code> in A when page B was
    loaded.</p>
 
-   <p>Generally speaking, dynamically removing or changing the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is
-   ill-advised, because it can make it quite hard to reason about what
-   will be allowed and what will not.</p>
+   <p>Generally speaking, dynamically removing or changing the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is ill-advised, because it can make it quite
+   hard to reason about what will be allowed and what will not.</p>
 
   </div>
 
-  <p class=note>Potentially hostile files should not be served from
-  the same server as the file containing the <code><a href=#the-iframe-element>iframe</a></code>
-  element. Using a different domain ensures that scripts in the files
-  are unable to attack the site, even if the user is tricked into
-  visiting those pages directly, without the protection of the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute.</p>
+  <p class=note>Potentially hostile files should not be served from the same server as the file
+  containing the <code><a href=#the-iframe-element>iframe</a></code> element. Using a different domain ensures that scripts in the
+  files are unable to attack the site, even if the user is tricked into visiting those pages
+  directly, without the protection of the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
+  attribute.</p>
 
   <p class=warning>If the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
-  keyword is set along with <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
-  keyword, and the file is from the <a href=#same-origin>same origin</a> as the
-  <code><a href=#the-iframe-element>iframe</a></code>'s <code><a href=#document>Document</a></code>, then a script in the
-  "sandboxed" iframe could just reach out, remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, and then
-  reload itself, effectively breaking out of the sandbox
-  altogether.</p>
+  keyword is set along with <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code> keyword, and the file is
+  from the <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code>'s <code><a href=#document>Document</a></code>, then a
+  script in the "sandboxed" iframe could just reach out, remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, and then reload itself, effectively breaking
+  out of the sandbox altogether.</p>
 
 
-  <hr><!-- v2: Might be interesting to have a value on seamless that
-  allowed event propagation of some sort, maybe based on the WICD
-  work: http://www.w3.org/TR/WICD/ --><p>The <dfn id=attr-iframe-seamless title=attr-iframe-seamless><code>seamless</code></dfn>
-  attribute is a <a href=#boolean-attribute>boolean attribute</a>. When specified, it
-  indicates that the <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#browsing-context>browsing
-  context</a> is to be rendered in a manner that makes it appear to
-  be part of the containing document (seamlessly included in the
-  parent document).</p>
+  <hr><!-- SEAMLESS --><!-- v2: Might be interesting to have a value on seamless that allowed event propagation of some
+  sort, maybe based on the WICD work: http://www.w3.org/TR/WICD/ --><p>The <dfn id=attr-iframe-seamless title=attr-iframe-seamless><code>seamless</code></dfn> attribute is a <a href=#boolean-attribute>boolean
+  attribute</a>. When specified, it indicates that the <code><a href=#the-iframe-element>iframe</a></code> element's
+  <a href=#browsing-context>browsing context</a> is to be rendered in a manner that makes it appear to be part of the
+  containing document (seamlessly included in the parent document).</p>
 
   <div class=impl>
 
-  <p>An <code><a href=#the-iframe-element>iframe</a></code> element is said to be <dfn id=in-seamless-mode>in seamless
-  mode</dfn> when all of the following conditions are met:</p>
+  <p>An <code><a href=#the-iframe-element>iframe</a></code> element is said to be <dfn id=in-seamless-mode>in seamless mode</dfn> when all of the
+  following conditions are met:</p>
 
-  <ul><li>The <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code>
-   attribute is set on the <code><a href=#the-iframe-element>iframe</a></code> element, and
+  <ul><li>The <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attribute is set on the
+   <code><a href=#the-iframe-element>iframe</a></code> element, and
 
-   <li>The <code><a href=#the-iframe-element>iframe</a></code> element's owner <code><a href=#document>Document</a></code>'s
-   <a href=#active-sandboxing-flag-set>active sandboxing flag set</a> does not have the
-   <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set, and
+   <li>The <code><a href=#the-iframe-element>iframe</a></code> element's owner <code><a href=#document>Document</a></code>'s <a href=#active-sandboxing-flag-set>active sandboxing flag
+   set</a> does not have the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set, and
 
    <li>Either:
 
-    <ul><li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-     document</a> has the <a href=#same-origin>same origin</a> as the
+    <ul><li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a> has the <a href=#same-origin>same
+     origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's <code><a href=#document>Document</a></code>, or
+
+     <li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
+     document's address">address</a></em> has the <a href=#same-origin>same origin</a> as the
      <code><a href=#the-iframe-element>iframe</a></code> element's <code><a href=#document>Document</a></code>, or
 
-     <li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-     document</a>'s <em><a href="#the-document's-address" title="the document's
-     address">address</a></em> has the <a href=#same-origin>same origin</a> as
-     the <code><a href=#the-iframe-element>iframe</a></code> element's <code><a href=#document>Document</a></code>, or
+     <li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a> is <a href=#an-iframe-srcdoc-document>an
+     <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code> document</a>.
 
-     <li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-     document</a> is <a href=#an-iframe-srcdoc-document>an <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code> document</a>.
-
     </ul></li>
 
-  </ul><p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#in-seamless-mode>in seamless
-  mode</a>, the following requirements apply:</p>
+  </ul><p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#in-seamless-mode>in seamless mode</a>, the following
+  requirements apply:</p>
 
-  <ul><li><p>The user agent must set the <dfn id=seamless-browsing-context-flag>seamless browsing context
-   flag</dfn> to true for that <a href=#browsing-context>browsing context</a>. This
-   will <a href=#seamlessLinks>cause links to open in the parent
-   browsing context</a> unless an <a href=#explicit-self-navigation-override>explicit self-navigation
-   override</a> is used (<code title="">target="_self"</code>).</li>
+  <ul><li><p>The user agent must set the <dfn id=seamless-browsing-context-flag>seamless browsing context flag</dfn> to true for that
+   <a href=#browsing-context>browsing context</a>. This will <a href=#seamlessLinks>cause links to open in the
+   parent browsing context</a> unless an <a href=#explicit-self-navigation-override>explicit self-navigation override</a> is used
+   (<code title="">target="_self"</code>).</li>
 
-   <li><p>Media queries in the context of the <code><a href=#the-iframe-element>iframe</a></code>'s
-   <a href=#browsing-context>browsing context</a> (e.g. on <code title=attr-style-media><a href=#attr-style-media>media</a></code> attributes of
-   <code><a href=#the-style-element>style</a></code> elements in <code><a href=#document>Document</a></code>s in that
-   <code><a href=#the-iframe-element>iframe</a></code>) must be evaluated with respect to the nearest
-   <a href=#ancestor-browsing-context>ancestor browsing context</a> that is not itself being
-   <a href=#browsing-context-nested-through title="browsing context nested through">nested through</a>
-   an <code><a href=#the-iframe-element>iframe</a></code> that is <a href=#in-seamless-mode>in seamless
+   <li><p>Media queries in the context of the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#browsing-context>browsing context</a>
+   (e.g. on <code title=attr-style-media><a href=#attr-style-media>media</a></code> attributes of <code><a href=#the-style-element>style</a></code> elements in
+   <code><a href=#document>Document</a></code>s in that <code><a href=#the-iframe-element>iframe</a></code>) must be evaluated with respect to the nearest
+   <a href=#ancestor-browsing-context>ancestor browsing context</a> that is not itself being <a href=#browsing-context-nested-through title="browsing context
+   nested through">nested through</a> an <code><a href=#the-iframe-element>iframe</a></code> that is <a href=#in-seamless-mode>in seamless
    mode</a>. <a href=#refsMQ>[MQ]</a></li>
 
-   <li><p>In a CSS-supporting user agent: the user agent must add all
-   the style sheets that apply to the <code><a href=#the-iframe-element>iframe</a></code> element to
-   the cascade of the <a href=#active-document>active document</a> of the
-   <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a>,
-   at the appropriate cascade levels, before any style sheets
-   specified by the document itself.</li>
+   <li><p>In a CSS-supporting user agent: the user agent must add all the style sheets that apply to
+   the <code><a href=#the-iframe-element>iframe</a></code> element to the cascade of the <a href=#active-document>active document</a> of the
+   <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a>, at the appropriate cascade
+   levels, before any style sheets specified by the document itself.</li>
 
-   <li><p>In a CSS-supporting user agent: the user agent must, for the
-   purpose of CSS property inheritance only, treat the root element of
-   the <a href=#active-document>active document</a> of the <code><a href=#the-iframe-element>iframe</a></code>
-   element's <a href=#nested-browsing-context>nested browsing context</a> as being a child of
-   the <code><a href=#the-iframe-element>iframe</a></code> element. (Thus inherited properties on the
-   root element of the document in the <code><a href=#the-iframe-element>iframe</a></code> will
-   inherit the computed values of those properties on the
-   <code><a href=#the-iframe-element>iframe</a></code> element instead of taking their initial
-   values.)</li>
+   <li><p>In a CSS-supporting user agent: the user agent must, for the purpose of CSS property
+   inheritance only, treat the root element of the <a href=#active-document>active document</a> of the
+   <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a> as being a child of the
+   <code><a href=#the-iframe-element>iframe</a></code> element. (Thus inherited properties on the root element of the document in
+   the <code><a href=#the-iframe-element>iframe</a></code> will inherit the computed values of those properties on the
+   <code><a href=#the-iframe-element>iframe</a></code> element instead of taking their initial values.)</li>
 
-   <li><p>In visual media, in a CSS-supporting user agent: the user
-   agent should set the intrinsic width of the <code><a href=#the-iframe-element>iframe</a></code> to
-   the width that the element would have if it was a non-replaced
-   block-level element with 'width: auto', unless that width would be
-   zero (e.g. if the element is floating or absolutely positioned), in
-   which case the user agent should set the intrinsic width of the
-   <code><a href=#the-iframe-element>iframe</a></code> to the shrink-to-fit width of the root element
-   (if any) of the content rendered in the
-   <code><a href=#the-iframe-element>iframe</a></code>.</li>
+   <li><p>In visual media, in a CSS-supporting user agent: the user agent should set the intrinsic
+   width of the <code><a href=#the-iframe-element>iframe</a></code> to the width that the element would have if it was a
+   non-replaced block-level element with 'width: auto', unless that width would be zero (e.g. if the
+   element is floating or absolutely positioned), in which case the user agent should set the
+   intrinsic width of the <code><a href=#the-iframe-element>iframe</a></code> to the shrink-to-fit width of the root element (if
+   any) of the content rendered in the <code><a href=#the-iframe-element>iframe</a></code>.</li>
 
-   <li><p>In visual media, in a CSS-supporting user agent: the user
-   agent should set the intrinsic height of the <code><a href=#the-iframe-element>iframe</a></code> to
-   the shortest height that would make the content rendered in the
-   <code><a href=#the-iframe-element>iframe</a></code> at its current width (as given in the previous
-   bullet point) have no scrollable overflow at its bottom edge<!--,
-   if the scrolling position was such that the top of the viewport for
-   the content rendered in the <code>iframe</code> was aligned with
-   the origin of that content's canvas-->. Scrollable overflow is any
-   overflow that would increase the range to which a scrollbar or
-   other scrolling mechanism can scroll.</li>
+   <li><p>In visual media, in a CSS-supporting user agent: the user agent should set the intrinsic
+   height of the <code><a href=#the-iframe-element>iframe</a></code> to the shortest height that would make the content rendered in
+   the <code><a href=#the-iframe-element>iframe</a></code> at its current width (as given in the previous bullet point) have no
+   scrollable overflow at its bottom edge<!--, if the scrolling position was such that the top of
+   the viewport for the content rendered in the <code>iframe</code> was aligned with the origin of
+   that content's canvas-->. Scrollable overflow is any overflow that would increase the range to
+   which a scrollbar or other scrolling mechanism can scroll.</li>
 
    <li>
 
-    <p>In visual media, in a CSS-supporting user agent: the user agent
-    must force the height of the initial containing block of the
-    <a href=#active-document>active document</a> of the <a href=#nested-browsing-context>nested browsing
+    <p>In visual media, in a CSS-supporting user agent: the user agent must force the height of the
+    initial containing block of the <a href=#active-document>active document</a> of the <a href=#nested-browsing-context>nested browsing
     context</a> of the <code><a href=#the-iframe-element>iframe</a></code> to zero.</p>
 
-    <p class=note>This is intended to get around the otherwise
-    circular dependency of percentage dimensions that depend on the
-    height of the containing block, thus affecting the height of the
-    document's bounding box, thus affecting the height of the
-    viewport, thus affecting the size of the initial containing
-    block.</p>
+    <p class=note>This is intended to get around the otherwise circular dependency of percentage
+    dimensions that depend on the height of the containing block, thus affecting the height of the
+    document's bounding box, thus affecting the height of the viewport, thus affecting the size of
+    the initial containing block.</p>
 
    </li>
 
-   <li><p>In speech media, the user agent should render the <a href=#nested-browsing-context>nested
-   browsing context</a> without announcing that it is a separate
-   document.</li>
+   <li><p>In speech media, the user agent should render the <a href=#nested-browsing-context>nested browsing context</a>
+   without announcing that it is a separate document.</li>
 
    <li>
 
-    <p>User agents should, in general, act as if the <a href=#active-document>active
-    document</a> of the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#nested-browsing-context>nested browsing
-    context</a> was part of the document that the
+    <p>User agents should, in general, act as if the <a href=#active-document>active document</a> of the
+    <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#nested-browsing-context>nested browsing context</a> was part of the document that the
     <code><a href=#the-iframe-element>iframe</a></code> is in, if any.</p>
 
-    <p class=example>For example if the user agent supports listing
-    all the links in a document, links in "seamlessly" nested
-    documents would be included in that list without being
+    <p class=example>For example if the user agent supports listing all the links in a document,
+    links in "seamlessly" nested documents would be included in that list without being
     significantly distinguished from links in the document itself.</p>
 
    </li>
 
-  </ul><p>If the attribute is not specified, or if the <a href=#origin>origin</a>
-  conditions listed above are not met, then the user agent should
-  render the <a href=#nested-browsing-context>nested browsing context</a> in a manner that is
-  clearly distinguishable as a separate <a href=#browsing-context>browsing context</a>,
-  and the <a href=#seamless-browsing-context-flag>seamless browsing context flag</a> must be set to
-  false for that <a href=#browsing-context>browsing context</a>.</p>
+  </ul><p>If the attribute is not specified, or if the <a href=#origin>origin</a> conditions listed above are
+  not met, then the user agent should render the <a href=#nested-browsing-context>nested browsing context</a> in a manner
+  that is clearly distinguishable as a separate <a href=#browsing-context>browsing context</a>, and the
+  <a href=#seamless-browsing-context-flag>seamless browsing context flag</a> must be set to false for that <a href=#browsing-context>browsing
+  context</a>.</p>
 
-  <p class=warning>It is important that user agents recheck the
-  above conditions whenever the <a href=#active-document>active document</a> of the
-  <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code>
-  changes, such that the <a href=#seamless-browsing-context-flag>seamless browsing context flag</a>
-  gets unset if the <a href=#nested-browsing-context>nested browsing context</a> is <a href=#navigate title=navigate>navigated</a> to another origin.</p>
+  <p class=warning>It is important that user agents recheck the above conditions whenever the
+  <a href=#active-document>active document</a> of the <a href=#nested-browsing-context>nested browsing context</a> of the
+  <code><a href=#the-iframe-element>iframe</a></code> changes, such that the <a href=#seamless-browsing-context-flag>seamless browsing context flag</a> gets unset
+  if the <a href=#nested-browsing-context>nested browsing context</a> is <a href=#navigate title=navigate>navigated</a> to another
+  origin.</p>
 
   </div>
 
-  <p class=note>The attribute can be set or removed dynamically,
-  with the rendering updating in tandem.</p>
+  <p class=note>The attribute can be set or removed dynamically, with the rendering updating in
+  tandem.</p>
 
   <div class=example>
 
-   <p>In this example, the site's navigation is embedded using a
-   client-side include using an <code><a href=#the-iframe-element>iframe</a></code>. Any links in the
-   <code><a href=#the-iframe-element>iframe</a></code> will, in new user agents, be automatically
-   opened in the <code><a href=#the-iframe-element>iframe</a></code>'s parent browsing context; for
-   legacy user agents, the site could also include a <code><a href=#the-base-element>base</a></code>
-   element with a <code title=attr-base-target><a href=#attr-base-target>target</a></code>
-   attribute with the value <code title="">_parent</code>. Similarly,
-   in new user agents the styles of the parent page will be
-   automatically applied to the contents of the frame, but to support
-   legacy user agents authors might wish to include the styles
+   <p>In this example, the site's navigation is embedded using a client-side include using an
+   <code><a href=#the-iframe-element>iframe</a></code>. Any links in the <code><a href=#the-iframe-element>iframe</a></code> will, in new user agents, be
+   automatically opened in the <code><a href=#the-iframe-element>iframe</a></code>'s parent browsing context; for legacy user
+   agents, the site could also include a <code><a href=#the-base-element>base</a></code> element with a <code title=attr-base-target><a href=#attr-base-target>target</a></code> attribute with the value <code title="">_parent</code>.
+   Similarly, in new user agents the styles of the parent page will be automatically applied to the
+   contents of the frame, but to support legacy user agents authors might wish to include the styles
    explicitly.</p>
 
    <pre><nav><iframe seamless src="nav.include.html"></iframe></nav></pre>
 
   </div>
 
-  <p class=note>The <code title=attr-contenteditable><a href=#attr-contenteditable>contenteditable</a></code> attribute does
-  not propagate into <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code>
-  <code><a href=#the-iframe-element>iframe</a></code>s.</p>
+  <p class=note>The <code title=attr-contenteditable><a href=#attr-contenteditable>contenteditable</a></code> attribute does not
+  propagate into <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> <code><a href=#the-iframe-element>iframe</a></code>s.</p>
 
-  <hr><p>The <code><a href=#the-iframe-element>iframe</a></code> element supports <a href=#dimension-attributes>dimension
-  attributes</a> for cases where the embedded content has specific
-  dimensions (e.g. ad units have well-defined dimensions).</p>
 
-  <p>An <code><a href=#the-iframe-element>iframe</a></code> element never has <a href=#fallback-content>fallback
-  content</a>, as it will always create a nested <a href=#browsing-context>browsing
-  context</a>, regardless of whether the specified initial contents
-  are successfully used.</p>
+  <hr><!-- DIM ATTRIBUTES --><p>The <code><a href=#the-iframe-element>iframe</a></code> element supports <a href=#dimension-attributes>dimension attributes</a> for cases where the
+  embedded content has specific dimensions (e.g. ad units have well-defined dimensions).</p>
 
-  <p>Descendants of <code><a href=#the-iframe-element>iframe</a></code> elements represent
-  nothing. (In legacy user agents that do not support
-  <code><a href=#the-iframe-element>iframe</a></code> elements, the contents would be parsed as markup
-  that could act as fallback content.)</p>
+  <p>An <code><a href=#the-iframe-element>iframe</a></code> element never has <a href=#fallback-content>fallback content</a>, as it will always
+  create a nested <a href=#browsing-context>browsing context</a>, regardless of whether the specified initial
+  contents are successfully used.</p>
 
-  <p id=iframe-content-model>When used in <a href=#html-documents>HTML
-  documents</a>, the allowed content model of <code><a href=#the-iframe-element>iframe</a></code>
-  elements is text, except that invoking the <a href=#html-fragment-parsing-algorithm>HTML fragment
-  parsing algorithm</a> with the <code><a href=#the-iframe-element>iframe</a></code> element as the
-  <var title=concept-frag-parse-context><a href=#concept-frag-parse-context>context</a></var> element and
-  the text contents as the <var title="">input</var> must result in a
-  list of nodes that are all <a href=#phrasing-content>phrasing content</a>, with no
-  <a href=#parse-error title="parse error">parse errors</a> having occurred, with
-  no <code><a href=#the-script-element>script</a></code> elements being anywhere in the list or as
-  descendants of elements in the list, and with all the elements in
-  the list (including their descendants) being themselves
-  conforming.</p>
 
-  <p>The <code><a href=#the-iframe-element>iframe</a></code> element must be empty in <a href=#xml-documents>XML
-  documents</a>.</p>
+  <hr><!-- FALLBACK --><p>Descendants of <code><a href=#the-iframe-element>iframe</a></code> elements represent nothing. (In legacy user agents that do
+  not support <code><a href=#the-iframe-element>iframe</a></code> elements, the contents would be parsed as markup that could act as
+  fallback content.)</p>
 
-  <p class=note>The <a href=#html-parser>HTML parser</a> treats markup inside
-  <code><a href=#the-iframe-element>iframe</a></code> elements as text.</p>
+  <p id=iframe-content-model>When used in <a href=#html-documents>HTML documents</a>, the allowed content model
+  of <code><a href=#the-iframe-element>iframe</a></code> elements is text, except that invoking the <a href=#html-fragment-parsing-algorithm>HTML fragment parsing
+  algorithm</a> with the <code><a href=#the-iframe-element>iframe</a></code> element as the <var title=concept-frag-parse-context><a href=#concept-frag-parse-context>context</a></var> element and the text contents as the <var title="">input</var> must result in a list of nodes that are all <a href=#phrasing-content>phrasing content</a>,
+  with no <a href=#parse-error title="parse error">parse errors</a> having occurred, with no <code><a href=#the-script-element>script</a></code>
+  elements being anywhere in the list or as descendants of elements in the list, and with all the
+  elements in the list (including their descendants) being themselves conforming.</p>
 
+  <p>The <code><a href=#the-iframe-element>iframe</a></code> element must be empty in <a href=#xml-documents>XML documents</a>.</p>
+
+  <p class=note>The <a href=#html-parser>HTML parser</a> treats markup inside <code><a href=#the-iframe-element>iframe</a></code> elements as
+  text.</p>
+
+
   <div class=impl>
 
-  <p>The IDL attributes <dfn id=dom-iframe-src title=dom-iframe-src><code>src</code></dfn>, <dfn id=dom-iframe-srcdoc title=dom-iframe-srcdoc><code>srcdoc</code></dfn>, <dfn id=dom-iframe-name title=dom-iframe-name><code>name</code></dfn>, <dfn id=dom-iframe-sandbox title=dom-iframe-sandbox><code>sandbox</code></dfn>, and <dfn id=dom-iframe-seamless title=dom-iframe-seamless><code>seamless</code></dfn> must
-  <a href=#reflect>reflect</a> the respective content attributes of the same
-  name.</p>
+  <hr><!-- DOM --><p>The IDL attributes <dfn id=dom-iframe-src title=dom-iframe-src><code>src</code></dfn>, <dfn id=dom-iframe-srcdoc title=dom-iframe-srcdoc><code>srcdoc</code></dfn>, <dfn id=dom-iframe-name title=dom-iframe-name><code>name</code></dfn>, <dfn id=dom-iframe-sandbox title=dom-iframe-sandbox><code>sandbox</code></dfn>, and <dfn id=dom-iframe-seamless title=dom-iframe-seamless><code>seamless</code></dfn> must <a href=#reflect>reflect</a> the respective
+  content attributes of the same name.</p>
 
-  <p>The <dfn id=dom-iframe-contentdocument title=dom-iframe-contentDocument><code>contentDocument</code></dfn>
-  IDL attribute must return the <code><a href=#document>Document</a></code> object of the
-  <a href=#active-document>active document</a> of the <code><a href=#the-iframe-element>iframe</a></code> element's
-  <a href=#nested-browsing-context>nested browsing context</a>, if any, or null otherwise.</p>
+  <p>The <dfn id=dom-iframe-contentdocument title=dom-iframe-contentDocument><code>contentDocument</code></dfn> IDL attribute
+  must return the <code><a href=#document>Document</a></code> object of the <a href=#active-document>active document</a> of the
+  <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a>, if any, or null otherwise.</p>
 
-  <p>The <dfn id=dom-iframe-contentwindow title=dom-iframe-contentWindow><code>contentWindow</code></dfn>
-  IDL attribute must return the <code><a href=#windowproxy>WindowProxy</a></code> object of the
-  <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing
-  context</a>, if any, or null otherwise.</p>
+  <p>The <dfn id=dom-iframe-contentwindow title=dom-iframe-contentWindow><code>contentWindow</code></dfn> IDL attribute must
+  return the <code><a href=#windowproxy>WindowProxy</a></code> object of the <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested
+  browsing context</a>, if any, or null otherwise.</p>
 
   </div>
 
   <div class=example>
 
-   <p>Here is an example of a page using an <code><a href=#the-iframe-element>iframe</a></code> to
-   include advertising from an advertising broker:</p>
+   <p>Here is an example of a page using an <code><a href=#the-iframe-element>iframe</a></code> to include advertising from an
+   advertising broker:</p>
 
    <pre><iframe src="http://ads.example.com/?customerid=923513721&amp;format=banner"
         width="468" height="60"></iframe></pre>

Modified: index
===================================================================
--- index	2012-09-26 00:22:32 UTC (rev 7405)
+++ index	2012-09-26 03:27:07 UTC (rev 7406)
@@ -1471,12 +1471,7 @@
    publication policies</a>.</li>
 -->
 
-   <li>The W3C HTML specification omits an example that references the
-   schema.org microdata vocabulary as part of a compromise intended to
-   resolve larger issues of divergence between the specifications.
-   (Many other examples that reference schema.org and microdata are
-   included apparently without issue, however.)</li><!-- "I put a bike
-   bell on his bike." -->
+   <li>The W3C HTML specification omits mentions of microdata.</li>
 
    <li>The W3C HTML specification defines conformance for documents in
    a more traditional (version-orientated) way, because of <a href=http://lists.w3.org/Archives/Public/public-html/2011Mar/0574.html>a
@@ -26582,112 +26577,134 @@
   readonly attribute <a href=#windowproxy>WindowProxy</a>? <a href=#dom-iframe-contentwindow title=dom-iframe-contentWindow>contentWindow</a>;
 };</pre>
    </dd>
-  </dl><!--TOPIC:HTML--><p>The <code><a href=#the-iframe-element>iframe</a></code> element <a href=#represents>represents</a> a
-  <a href=#nested-browsing-context>nested browsing context</a>.</p>
+  </dl><!--TOPIC:HTML--><!-- INTRO --><p>The <code><a href=#the-iframe-element>iframe</a></code> element <a href=#represents>represents</a> a <a href=#nested-browsing-context>nested browsing
+  context</a>.</p>
 
-  <p>The <dfn id=attr-iframe-src title=attr-iframe-src><code>src</code></dfn> attribute
-  gives the address of a page that the <a href=#nested-browsing-context>nested browsing
-  context</a> is to contain. The attribute, if present, must be a
-  <a href=#valid-non-empty-url-potentially-surrounded-by-spaces>valid non-empty URL potentially surrounded by
-  spaces</a>.</p>
 
-<!--MD-->
-  <p>If the <code title=attr-itemprop><a href=#names:-the-itemprop-attribute>itemprop</a></code> is specified
-  on an <code><a href=#the-iframe-element>iframe</a></code> element, then the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute must also be
-  specified.</p>
-<!--MD-->
+  <!-- SRC/SRCDOC -->
 
-  <p>The <dfn id=attr-iframe-srcdoc title=attr-iframe-srcdoc><code>srcdoc</code></dfn>
-  attribute gives the content of the page that the <a href=#nested-browsing-context>nested
-  browsing context</a> is to contain. The value of the attribute is
-  the source of <dfn id=an-iframe-srcdoc-document>an <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code> document</dfn>.</p>
+  <p>The <dfn id=attr-iframe-src title=attr-iframe-src><code>src</code></dfn> attribute gives the address of a page
+  that the <a href=#nested-browsing-context>nested browsing context</a> is to contain. The attribute, if present, must be a
+  <a href=#valid-non-empty-url-potentially-surrounded-by-spaces>valid non-empty URL potentially surrounded by spaces</a>. If the <code title=attr-itemprop><a href=#names:-the-itemprop-attribute>itemprop</a></code> is specified on an <code><a href=#the-iframe-element>iframe</a></code> element, then the
+  <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute must also be specified.</p>
 
-  <p>For <code><a href=#the-iframe-element>iframe</a></code> elements in <a href=#html-documents>HTML documents</a>,
-  the attribute, if present, must have a value using <a href=#syntax>the HTML
-  syntax</a> that consists of the following syntactic components,
-  in the given order:</p>
+  <p>The <dfn id=attr-iframe-srcdoc title=attr-iframe-srcdoc><code>srcdoc</code></dfn> attribute gives the content of
+  the page that the <a href=#nested-browsing-context>nested browsing context</a> is to contain. The value of the attribute
+  is the source of <dfn id=an-iframe-srcdoc-document>an <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code>
+  document</dfn>.</p>
 
-  <ol><li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and
-   <a href=#space-character title="space character">space characters</a>.</li>
+  <p>For <code><a href=#the-iframe-element>iframe</a></code> elements in <a href=#html-documents>HTML documents</a>, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute, if present, must have a value using <a href=#syntax>the
+  HTML syntax</a> that consists of the following syntactic components, in the given order:</p>
 
+  <ol><li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and <a href=#space-character title="space
+   character">space characters</a>.</li>
+
    <li>Optionally, a <a href=#syntax-doctype title=syntax-doctype>DOCTYPE</a>.
 
-   <li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and
-   <a href=#space-character title="space character">space characters</a>.</li>
+   <li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and <a href=#space-character title="space
+   character">space characters</a>.</li>
 
    <li>The root element, in the form of an <code><a href=#the-html-element>html</a></code> <a href=#syntax-elements title=syntax-elements>element</a>.</li>
 
-   <li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and
-   <a href=#space-character title="space character">space characters</a>.</li>
+   <li>Any number of <a href=#syntax-comments title=syntax-comments>comments</a> and <a href=#space-character title="space
+   character">space characters</a>.</li>
 
-  </ol><p>For <code><a href=#the-iframe-element>iframe</a></code> elements in <a href=#xml-documents>XML documents</a>,
-  the attribute, if present, must have a value that matches the
-  production labeled <code title="">document</code> in the XML
-  specification. <a href=#refsXML>[XML]</a></p>
+  </ol><p>For <code><a href=#the-iframe-element>iframe</a></code> elements in <a href=#xml-documents>XML documents</a>, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute, if present, must have a value that matches the
+  production labeled <code title="">document</code> in the XML specification. <a href=#refsXML>[XML]</a></p>
 
-  <p>If the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute and the
-  <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute are both
-  specified together, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code>
-  attribute takes priority. This allows authors to provide a fallback
-  <a href=#url>URL</a> for legacy user agents that do not support the
-  <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute.</p>
+  <div class=example>
 
+   <p>Here a blog uses the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute in conjunction
+   with the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> and <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attributes described below to provide users of user
+   agents that support this feature with an extra layer of protection from script injection in the
+   blog post comments:</p>
+
+   <pre><article>
+ <h1>I got my own magazine!</h1>
+ <p>After much effort, I've finally found a publisher, and so now I
+ have my own magazine! Isn't that awesome?! The first issue will come
+ out in September, and we have articles about getting food, and about
+ getting in boxes, it's going to be great!</p>
+ <footer>
+  <p>Written by <a href="/users/cap">cap</a>, 1 hour ago.
+ </footer>
+ <article>
+  <footer> Thirteen minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>did you get a cover picture yet?"></iframe>
+ </article>
+ <article>
+  <footer> Nine minutes ago, <a href="/users/cap">cap</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>Yeah, you can see it <a href=&quot;/gallery?mode=cover&amp;amp;page=1&quot;>in my gallery</a>."></iframe>
+ </article>
+ <article>
+  <footer> Five minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>hey that's earl's table.
+<p>you should get earl&amp;amp;me on the next cover."></iframe>
+ </article></pre>
+
+   <p>Notice the way that quotes have to be escaped (otherwise the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute would end prematurely), and the way raw
+   ampersands (e.g. in URLs or in prose) mentioned in the sandboxed content have to be
+   <em>doubly</em> escaped — once so that the ampersand is preserved when originally parsing
+   the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute, and once more to prevent the
+   ampersand from being misinterpreted when parsing the sandboxed content.</p>
+
+  </div>
+
+  <p class=note>In <a href=#syntax>the HTML syntax</a>, authors need only remember to use U+0022
+  QUOTATION MARK characters (") to wrap the attribute contents and then to escape all U+0022
+  QUOTATION MARK (") and U+0026 AMPERSAND (&) characters, and to specify the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, to ensure safe embedding of content.</p>
+
+  <p class=note>Due to restrictions of <a href=#the-xhtml-syntax>the XHTML syntax</a>, in XML the U+003C LESS-THAN
+  SIGN character (<) needs to be escaped as well. In order to prevent <a href=http://www.w3.org/TR/REC-xml/#AVNormalize>attribute-value normalization</a>, some of XML's
+  whitespace characters — specifically U+0009 CHARACTER TABULATION (tab), U+000A LINE FEED
+  (LF), and U+000D CARRIAGE RETURN (CR) — also need to be escaped. <a href=#refsXML>[XML]</a></p>
+
+  <p class=note>If the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute and the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute are both specified together, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute takes priority. This allows authors to provide
+  a fallback <a href=#url>URL</a> for legacy user agents that do not support the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute.</p>
+
+
   <div class=impl>
 
-  <p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#insert-an-element-into-a-document title="insert an
-  element into a document">inserted into a document</a>, the user
-  agent must create a <a href=#nested-browsing-context>nested browsing context</a>, and then
-  <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a> for the
-  first time.</p>
+  <hr><!-- SRC/SRCDOC PROCESSING MODEL --><p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#insert-an-element-into-a-document title="insert an element into a document">inserted
+  into a document</a>, the user agent must create a <a href=#nested-browsing-context>nested browsing context</a>, and
+  then <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a> for the first time.</p>
 
-  <p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#remove-an-element-from-a-document title="remove an
-  element from a document">removed from a document</a>, the user
-  agent must <a href=#a-browsing-context-is-discarded title="a browsing context is
-  discarded">discard</a> the <a href=#nested-browsing-context>nested browsing
-  context</a>.</p>
+  <p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#remove-an-element-from-a-document title="remove an element from a document">removed
+  from a document</a>, the user agent must <a href=#a-browsing-context-is-discarded title="a browsing context is
+  discarded">discard</a> the <a href=#nested-browsing-context>nested browsing context</a>.</p>
 
-  <p class=note>This happens without any <code title=event-unload>unload</code> events firing (the <a href=#nested-browsing-context>nested
-  browsing context</a> and its <code><a href=#document>Document</a></code> are <em title="a browsing context is discarded">discarded</em>, not <em title="unload a document">unloaded</em>).</p>
+  <p class=note>This happens without any <code title=event-unload>unload</code> events firing
+  (the <a href=#nested-browsing-context>nested browsing context</a> and its <code><a href=#document>Document</a></code> are <em title="a browsing
+  context is discarded">discarded</em>, not <em title="unload a document">unloaded</em>).</p>
 
   <!-- START of section that's very similar to <frame> -->
 
-  <p>Whenever an <code><a href=#the-iframe-element>iframe</a></code> element with a <a href=#nested-browsing-context>nested
-  browsing context</a> has its <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute set, changed, or
-  removed, the user agent must <a href=#process-the-iframe-attributes>process the <code>iframe</code>
-  attributes</a>.</p>
+  <p>Whenever an <code><a href=#the-iframe-element>iframe</a></code> element with a <a href=#nested-browsing-context>nested browsing context</a> has its
+  <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute set, changed, or removed, the user agent
+  must <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a>.</p>
 
-  <p>Similarly, whenever an <code><a href=#the-iframe-element>iframe</a></code> element with a
-  <a href=#nested-browsing-context>nested browsing context</a> but with no <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute specified has its
-  <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute set, changed, or
-  removed, the user agent must <a href=#process-the-iframe-attributes>process the <code>iframe</code>
-  attributes</a>.</p> <!-- It doesn't happen when the base URL is
-  changed, though. -->
+  <p>Similarly, whenever an <code><a href=#the-iframe-element>iframe</a></code> element with a <a href=#nested-browsing-context>nested browsing context</a>
+  but with no <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute specified has its <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute set, changed, or removed, the user agent must
+  <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a>.</p> <!-- It doesn't happen when the base
+  URL is changed, though. -->
 
-  <p>When the user agent is to <dfn id=process-the-iframe-attributes>process the <code>iframe</code>
-  attributes</dfn>, it must run the first appropriate steps from the
-  following list:</p>
+  <p>When the user agent is to <dfn id=process-the-iframe-attributes>process the <code>iframe</code> attributes</dfn>, it must run
+  the first appropriate steps from the following list:</p>
 
-  <dl class=switch><dt>If the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute
-   is specified</dt>
+  <dl class=switch><dt>If the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute is specified</dt>
 
-   <dd><p><a href=#navigate>Navigate</a><!--DONAV iframe--> the element's
-   <a href=#child-browsing-context>child browsing context</a> to a resource whose
-   <a href=#content-type>Content-Type</a> is <code><a href=#text/html>text/html</a></code>, whose
-   <a href=#url>URL</a> is <code><a href=#about:srcdoc>about:srcdoc</a></code>, and whose data
-   consists of the value of the attribute. The resulting
-   <code><a href=#document>Document</a></code> must be considered <a href=#an-iframe-srcdoc-document>an
-   <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code>
-   document</a>.</dd>
+   <dd><p><a href=#navigate>Navigate</a><!--DONAV iframe--> the element's <a href=#child-browsing-context>child browsing context</a>
+   to a resource whose <a href=#content-type>Content-Type</a> is <code><a href=#text/html>text/html</a></code>, whose <a href=#url>URL</a>
+   is <code><a href=#about:srcdoc>about:srcdoc</a></code>, and whose data consists of the value of the attribute. The
+   resulting <code><a href=#document>Document</a></code> must be considered <a href=#an-iframe-srcdoc-document>an <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code> document</a>.</dd>
 
-   <dt>Otherwise, if the element has no <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute specified, and the
-   user agent is processing the <code><a href=#the-iframe-element>iframe</a></code>'s attributes for
-   the first time</dt>
+   <dt>Otherwise, if the element has no <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute
+   specified, and the user agent is processing the <code><a href=#the-iframe-element>iframe</a></code>'s attributes for the first
+   time</dt>
 
    <dd>
 
-    <p><a href=#queue-a-task>Queue a task</a> to <a href=#fire-a-simple-event>fire a simple event</a>
-    named <code title=event-load>load</code> at the
-    <code><a href=#the-iframe-element>iframe</a></code> element.</p>
+    <p><a href=#queue-a-task>Queue a task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-load>load</code> at the <code><a href=#the-iframe-element>iframe</a></code> element.</p>
 
    </dd>
 
@@ -26697,207 +26714,118 @@
 
     <ol><li>
 
-      <p>If the value of the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code>
-      attribute is the empty string, let <var title="">url</var> be
-      the string "<code><a href=#about:blank>about:blank</a></code>".</p>
+      <p>If the value of the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute is the empty string,
+      let <var title="">url</var> be the string "<code><a href=#about:blank>about:blank</a></code>".</p>
 
-      <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the
-      value of the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute,
-      relative to the <code><a href=#the-iframe-element>iframe</a></code> element.</p>
+      <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the value of the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute, relative to the <code><a href=#the-iframe-element>iframe</a></code> element.</p>
 
-      <p>If that is not successful, then let <var title="">url</var>
-      be the string "<code><a href=#about:blank>about:blank</a></code>". Otherwise, let <var title="">url</var> be the resulting <a href=#absolute-url>absolute
-      URL</a>.</p>
+      <p>If that is not successful, then let <var title="">url</var> be the string
+      "<code><a href=#about:blank>about:blank</a></code>". Otherwise, let <var title="">url</var> be the resulting
+      <a href=#absolute-url>absolute URL</a>.</p>
 
      </li>
 
      <li>
 
-      <p><a href=#navigate>Navigate</a><!--DONAV iframe--> the element's
-      <a href=#child-browsing-context>child browsing context</a> to <var title="">url</var>.</p>
+      <p><a href=#navigate>Navigate</a><!--DONAV iframe--> the element's <a href=#child-browsing-context>child browsing context</a>
+      to <var title="">url</var>.</p>
       
      </li>
 
     </ol></dd>
 
-  </dl><p>Any <a href=#navigate title=navigate>navigation</a> required of the user
-  agent in the <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a>
-  algorithm must be completed as an <a href=#explicit-self-navigation-override>explicit self-navigation
-  override</a> and with the <code><a href=#the-iframe-element>iframe</a></code> element's
-  document's <a href=#browsing-context>browsing context</a> as the <a href=#source-browsing-context>source
-  browsing context</a>.</p>
+  </dl><p>Any <a href=#navigate title=navigate>navigation</a> required of the user agent in the <a href=#process-the-iframe-attributes>process
+  the <code>iframe</code> attributes</a> algorithm must be completed as an <a href=#explicit-self-navigation-override>explicit
+  self-navigation override</a> and with the <code><a href=#the-iframe-element>iframe</a></code> element's document's
+  <a href=#browsing-context>browsing context</a> as the <a href=#source-browsing-context>source browsing context</a>.</p>
 
-  <p>Furthermore, if the <a href=#active-document>active document</a> of the element's
-  <a href=#child-browsing-context>child browsing context</a> before such a <a href=#navigate title=navigate>navigation</a> was not <a href=#completely-loaded>completely
-  loaded</a> at the time of the new <a href=#navigate title=navigate>navigation</a>, then the <a href=#navigate title=navigate>navigation</a> must be completed with
-  <a href=#replacement-enabled>replacement enabled</a>.</p>
+  <p>Furthermore, if the <a href=#active-document>active document</a> of the element's <a href=#child-browsing-context>child browsing
+  context</a> before such a <a href=#navigate title=navigate>navigation</a> was not <a href=#completely-loaded>completely
+  loaded</a> at the time of the new <a href=#navigate title=navigate>navigation</a>, then the <a href=#navigate title=navigate>navigation</a> must be completed with <a href=#replacement-enabled>replacement enabled</a>.</p>
 
-  <p>Similarly, if the <a href=#child-browsing-context>child browsing context</a>'s
-  <a href=#session-history>session history</a> contained only one
-  <code><a href=#document>Document</a></code> when the <a href=#process-the-iframe-attributes>process the <code>iframe</code>
-  attributes</a> algorithm was invoked, and that was the
-  <code><a href=#about:blank>about:blank</a></code> <code><a href=#document>Document</a></code> created when the
-  <a href=#child-browsing-context>child browsing context</a> was created, then any <a href=#navigate title=navigate>navigation</a> required of the user agent in
-  that algorithm must be completed with <a href=#replacement-enabled>replacement
-  enabled</a>.</p> <!-- see also the note near similar text for the
+  <p>Similarly, if the <a href=#child-browsing-context>child browsing context</a>'s <a href=#session-history>session history</a> contained
+  only one <code><a href=#document>Document</a></code> when the <a href=#process-the-iframe-attributes>process the <code>iframe</code> attributes</a>
+  algorithm was invoked, and that was the <code><a href=#about:blank>about:blank</a></code> <code><a href=#document>Document</a></code> created
+  when the <a href=#child-browsing-context>child browsing context</a> was created, then any <a href=#navigate title=navigate>navigation</a> required of the user agent in that algorithm must be completed
+  with <a href=#replacement-enabled>replacement enabled</a>.</p> <!-- see also the note near similar text for the
   location.assign() method -->
 
-  </div>
+  <p>When content loads in an <code><a href=#the-iframe-element>iframe</a></code>, after any <code title=event-load>load</code>
+  events are fired within the content itself, <!-- XXX bug 16829 --> the user agent must <a href=#queue-a-task>queue
+  a task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-load>load</code> at
+  the <code><a href=#the-iframe-element>iframe</a></code> element. When content whose <a href=#url>URL</a> has the <a href=#same-origin>same
+  origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's <code><a href=#document>Document</a></code> fails to load (e.g. due
+  to a DNS error, network error, or if the server returned a 4xx or 5xx status code <a href=#concept-http-equivalent-codes title=concept-http-equivalent-codes>or equivalent</a>), then the user agent must <a href=#queue-a-task>queue
+  a task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-error>error</code> at
+  the element instead. (This event does not fire for <a href=#parse-error title="parse error">parse errors</a>,
+  script errors, or any errors for cross-origin resources.)</p>
 
-  <!-- END of section that's very similar to <frame> -->
+  <p>The <a href=#task-source>task source</a> for these <a href=#concept-task title=concept-task>tasks</a> is the <a href=#dom-manipulation-task-source>DOM
+  manipulation task source</a>.</p>
 
-  <p class=note>If, when the element is created, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute is not set, and
-  the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute is either
-  also not set or set but its value cannot be <a href=#resolve-a-url title="resolve a
-  url">resolved</a>, the browsing context will remain at the
-  initial <code><a href=#about:blank>about:blank</a></code> page.</p>
+  <p class=note>A <code title=event-load>load</code> event is also fired at the
+  <code><a href=#the-iframe-element>iframe</a></code> element when it is created if no other data is loaded in it.</p>
 
-  <p class=note>If the user <a href=#navigate title=navigate>navigates</a>
-  away from this page, the <code><a href=#the-iframe-element>iframe</a></code>'s corresponding
-  <code><a href=#windowproxy>WindowProxy</a></code> object will proxy new <code><a href=#window>Window</a></code>
-  objects for new <code><a href=#document>Document</a></code> objects, but the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute will not change.</p>
+  <p>When the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#active-document>active document</a> is not <a href=#ready-for-post-load-tasks>ready for post-load
+  tasks</a>, and when anything in the <code><a href=#the-iframe-element>iframe</a></code> is <a href=#delay-the-load-event title="delay the load
+  event">delaying the load event</a> of the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#browsing-context>browsing context</a>'s
+  <a href=#active-document>active document</a>, the <code><a href=#the-iframe-element>iframe</a></code> must <a href=#delay-the-load-event>delay the load event</a> of
+  its document.</p>
 
-  <div class=example>
+  <p class=note>If, during the handling of the <code title=event-load>load</code> event, the
+  <a href=#browsing-context>browsing context</a> in the <code><a href=#the-iframe-element>iframe</a></code> is again <a href=#navigate title=navigate>navigated</a>, that will further <a href=#delay-the-load-event>delay the load event</a>.</p>
 
-   <p>Here a blog uses the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute in conjunction
-   with the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> and <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attributes described
-   below to provide users of user agents that support this feature
-   with an extra layer of protection from script injection in the blog
-   post comments:</p>
+  </div>
 
-   <pre><article>
- <h1>I got my own magazine!</h1>
- <p>After much effort, I've finally found a publisher, and so now I
- have my own magazine! Isn't that awesome?! The first issue will come
- out in September, and we have articles about getting food, and about
- getting in boxes, it's going to be great!</p>
- <footer>
-  <p>Written by <a href="/users/cap">cap</a>, 1 hour ago.
- </footer>
- <article>
-  <footer> Thirteen minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>did you get a cover picture yet?"></iframe>
- </article>
- <article>
-  <footer> Nine minutes ago, <a href="/users/cap">cap</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>Yeah, you can see it <a href=&quot;/gallery?mode=cover&amp;amp;page=1&quot;>in my gallery</a>."></iframe>
- </article>
- <article>
-  <footer> Five minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>hey that's earl's table.
-<p>you should get earl&amp;amp;me on the next cover."></iframe>
- </article></pre>
+  <!-- END of section that's very similar to <frame> -->
 
-   <p>Notice the way that quotes have to be escaped (otherwise the
-   <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute would end
-   prematurely), and the way raw ampersands (e.g. in URLs or in prose)
-   mentioned in the sandboxed content have to be <em>doubly</em>
-   escaped — once so that the ampersand is preserved when
-   originally parsing the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute, and once more
-   to prevent the ampersand from being misinterpreted when parsing the
-   sandboxed content.</p>
+  <p class=note>If, when the element is created, the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute is not set, and the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute is either also not set or set but its value cannot be
+  <a href=#resolve-a-url title="resolve a url">resolved</a>, the browsing context will remain at the initial
+  <code><a href=#about:blank>about:blank</a></code> page.</p>
 
-  </div>
+  <p class=note>If the user <a href=#navigate title=navigate>navigates</a> away from this page, the
+  <code><a href=#the-iframe-element>iframe</a></code>'s corresponding <code><a href=#windowproxy>WindowProxy</a></code> object will proxy new
+  <code><a href=#window>Window</a></code> objects for new <code><a href=#document>Document</a></code> objects, but the <code title=attr-iframe-src><a href=#attr-iframe-src>src</a></code> attribute will not change.</p>
 
-  <p class=note>In <a href=#syntax>the HTML syntax</a>, authors need only
-  remember to use U+0022 QUOTATION MARK characters (") to wrap the
-  attribute contents and then to escape all U+0022 QUOTATION MARK (")
-  and U+0026 AMPERSAND (&) characters, and to specify the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, to ensure safe
-  embedding of content.</p>
 
-  <p class=note>Due to restrictions of <a href=#the-xhtml-syntax>the XHTML
-  syntax</a>, in XML the U+003C LESS-THAN SIGN character (<)
-  needs to be escaped as well. In order to prevent <a href=http://www.w3.org/TR/REC-xml/#AVNormalize>attribute-value
-  normalization</a>, some of XML's whitespace characters —
-  specifically U+0009 CHARACTER TABULATION (tab), U+000A LINE FEED
-  (LF), and U+000D CARRIAGE RETURN (CR) — also need to be
-  escaped. <a href=#refsXML>[XML]</a></p>
+  <hr><!-- NAME --><p>The <dfn id=attr-iframe-name title=attr-iframe-name><code>name</code></dfn> attribute, if present, must be a
+  <a href=#valid-browsing-context-name>valid browsing context name</a>. The given value is used to name the <a href=#nested-browsing-context>nested
+  browsing context</a>. <span class=impl>When the browsing context is created, if the attribute
+  is present, the <a href=#browsing-context-name>browsing context name</a> must be set to the value of this attribute;
+  otherwise, the <a href=#browsing-context-name>browsing context name</a> must be set to the empty string.</span></p>
 
-  <hr><p>The <dfn id=attr-iframe-name title=attr-iframe-name><code>name</code></dfn>
-  attribute, if present, must be a <a href=#valid-browsing-context-name>valid browsing context
-  name</a>. The given value is used to name the <a href=#nested-browsing-context>nested
-  browsing context</a>. <span class=impl>When the browsing
-  context is created, if the attribute is present, the <a href=#browsing-context-name>browsing
-  context name</a> must be set to the value of this attribute;
-  otherwise, the <a href=#browsing-context-name>browsing context name</a> must be set to the
-  empty string.</span></p>
-
   <div class=impl>
 
-  <p>Whenever the <code title=attr-iframe-name><a href=#attr-iframe-name>name</a></code> attribute
-  is set, the nested <a href=#browsing-context>browsing context</a>'s <a href=#browsing-context-name title="browsing context name">name</a> must be changed to the new
-  value. If the attribute is removed, the <a href=#browsing-context-name>browsing context
-  name</a> must be set to the empty string.</p>
+  <p>Whenever the <code title=attr-iframe-name><a href=#attr-iframe-name>name</a></code> attribute is set, the nested
+  <a href=#browsing-context>browsing context</a>'s <a href=#browsing-context-name title="browsing context name">name</a> must be changed to
+  the new value. If the attribute is removed, the <a href=#browsing-context-name>browsing context name</a> must be set to
+  the empty string.</p>
 
-  <p>When content loads in an <code><a href=#the-iframe-element>iframe</a></code>, after any <code title=event-load>load</code> events are fired within the content
-  itself, the user agent must <a href=#queue-a-task>queue a task</a> to <a href=#fire-a-simple-event>fire
-  a simple event</a> named <code title=event-load>load</code> at
-  the <code><a href=#the-iframe-element>iframe</a></code> element. When content whose <a href=#url>URL</a>
-  has the <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code>
-  element's <code><a href=#document>Document</a></code> fails to load (e.g. due to a DNS
-  error, network error, or if the server returned a 4xx or 5xx status
-  code <a href=#concept-http-equivalent-codes title=concept-http-equivalent-codes>or
-  equivalent</a>), then the user agent must <a href=#queue-a-task>queue a
-  task</a> to <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-error>error</code> at the element instead. (This event
-  does not fire for <a href=#parse-error title="parse error">parse errors</a>,
-  script errors, or any errors for cross-origin resources.)</p>
-
-  <p>The <a href=#task-source>task source</a> for these <a href=#concept-task title=concept-task>tasks</a> is the <a href=#dom-manipulation-task-source>DOM manipulation
-  task source</a>.</p>
-
-  <p class=note>A <code title=event-load>load</code> event is also
-  fired at the <code><a href=#the-iframe-element>iframe</a></code> element when it is created if no
-  other data is loaded in it.</p>
-
-  <p>When the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#active-document>active document</a> is
-  not <a href=#ready-for-post-load-tasks>ready for post-load tasks</a>, and when anything in the
-  <code><a href=#the-iframe-element>iframe</a></code> is <a href=#delay-the-load-event title="delay the load event">delaying
-  the load event</a> of the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#browsing-context>browsing
-  context</a>'s <a href=#active-document>active document</a>, the
-  <code><a href=#the-iframe-element>iframe</a></code> must <a href=#delay-the-load-event>delay the load event</a> of its
-  document.</p>
-
-  <p class=note>If, during the handling of the <code title=event-load>load</code> event, the <a href=#browsing-context>browsing
-  context</a> in the <code><a href=#the-iframe-element>iframe</a></code> is again <a href=#navigate title=navigate>navigated</a>, that will further <a href=#delay-the-load-event>delay the
-  load event</a>.</p>
-
   </div>
 
-  <hr><p>The <dfn id=attr-iframe-sandbox title=attr-iframe-sandbox><code>sandbox</code></dfn>
-  attribute, when specified, enables a set of extra restrictions on
-  any content hosted by the <code><a href=#the-iframe-element>iframe</a></code>. Its value must be an
-  <a href=#unordered-set-of-unique-space-separated-tokens>unordered set of unique space-separated tokens</a> that are
-  <a href=#ascii-case-insensitive>ASCII case-insensitive</a>. The allowed values are
-  <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>,
-  <code title=attr-iframe-sandbox-allow-popups><a href=#attr-iframe-sandbox-allow-popups>allow-popups</a></code>,
-  <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>,
-  <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>, and
-  <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>.
 
-  When the attribute is set, the content is treated as being from a
-  unique <a href=#origin>origin</a>, forms and scripts are disabled, links
-  are prevented from targeting other <a href=#browsing-context title="browsing
-  context">browsing contexts</a>, and plugins are secured. The
-  <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
-  keyword allows the content to be treated as being from the same
-  origin instead of forcing it into a unique origin, the <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>
-  keyword allows the content to <a href=#navigate>navigate</a> its
-  <a href=#top-level-browsing-context>top-level browsing context</a>, and the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>, <code title=attr-iframe-sandbox-allow-popups><a href=#attr-iframe-sandbox-allow-popups>allow-popups</a></code> and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
-  keywords re-enable forms, popups, and scripts respectively.</p>
+  <hr><!-- SANDBOX --><p>The <dfn id=attr-iframe-sandbox title=attr-iframe-sandbox><code>sandbox</code></dfn> attribute, when specified,
+  enables a set of extra restrictions on any content hosted by the <code><a href=#the-iframe-element>iframe</a></code>. Its value
+  must be an <a href=#unordered-set-of-unique-space-separated-tokens>unordered set of unique space-separated tokens</a> that are <a href=#ascii-case-insensitive>ASCII
+  case-insensitive</a>. The allowed values are <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>, <code title=attr-iframe-sandbox-allow-popups><a href=#attr-iframe-sandbox-allow-popups>allow-popups</a></code>, <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>, <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>, and <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code>.</p>
 
-  <p class=warning>Setting both the
-  <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> and
-  <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
-  keywords together when the embedded page has the <a href=#same-origin>same
-  origin</a> as the page containing the <code><a href=#the-iframe-element>iframe</a></code> allows
-  the embedded page to simply remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute.</p>
+  <p>When the attribute is set, the content is treated as being from a unique <a href=#origin>origin</a>,
+  forms and scripts are disabled, links are prevented from targeting other <a href=#browsing-context title="browsing
+  context">browsing contexts</a>, and plugins are secured. The <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code> keyword allows the content
+  to be treated as being from the same origin instead of forcing it into a unique origin, the <code title=attr-iframe-sandbox-allow-top-navigation><a href=#attr-iframe-sandbox-allow-top-navigation>allow-top-navigation</a></code> keyword allows the
+  content to <a href=#navigate>navigate</a> its <a href=#top-level-browsing-context>top-level browsing context</a>, and the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code>, <code title=attr-iframe-sandbox-allow-popups><a href=#attr-iframe-sandbox-allow-popups>allow-popups</a></code> and <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> keywords re-enable forms, popups,
+  and scripts respectively.</p>
 
-  <p class=warning>Sandboxing hostile content is of minimal help if
-  an attacker can convince the user to just visit the hostile content
-  directly, rather than in the <code><a href=#the-iframe-element>iframe</a></code>. To limit the
-  damage that can be caused by hostile HTML content, it should be
-  served from a separate dedicated domain.</p>
+  <p class=warning>Setting both the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> and <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code> keywords together when the
+  embedded page has the <a href=#same-origin>same origin</a> as the page containing the <code><a href=#the-iframe-element>iframe</a></code>
+  allows the embedded page to simply remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
+  attribute.</p>
 
+  <p class=warning>Sandboxing hostile content is of minimal help if an attacker can convince the
+  user to just visit the hostile content directly, rather than in the <code><a href=#the-iframe-element>iframe</a></code>. To limit
+  the damage that can be caused by hostile HTML content, it should be served from a separate
+  dedicated domain.</p>
+
   <div class=impl>
 
   <!-- v2: Add a new attribute that enables new restrictions, e.g.:
@@ -26907,50 +26835,42 @@
        - block access to 'parent.frames' from sandbox
   -->
 
-  <p>While the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
-  attribute is set or changed, the user agent must <a href=#parse-a-sandboxing-directive title="parse
-  a sandboxing directive">parse the sandboxing directive</a> using
-  the attribute's value as the <var title="">input</var> and the
-  <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a>'s
-  <a href=#iframe-sandboxing-flag-set><code>iframe</code> sandboxing flag set</a> as the
+  <p>While the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is set or changed, the
+  user agent must <a href=#parse-a-sandboxing-directive title="parse a sandboxing directive">parse the sandboxing directive</a>
+  using the attribute's value as the <var title="">input</var> and the <code><a href=#the-iframe-element>iframe</a></code> element's
+  <a href=#nested-browsing-context>nested browsing context</a>'s <a href=#iframe-sandboxing-flag-set><code>iframe</code> sandboxing flag set</a> as the
   output.</p>
 
-  <p class=warning>These flags only take effect when the
-  <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
-  <a href=#navigate title=navigate>navigated</a>. Removing them, or removing
-  the entire <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
-  attribute, has no effect on an already-loaded page.</p>
+  <p class=warning>These flags only take effect when the <a href=#nested-browsing-context>nested browsing context</a> of
+  the <code><a href=#the-iframe-element>iframe</a></code> is <a href=#navigate title=navigate>navigated</a>. Removing them, or removing the
+  entire <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, has no effect on an
+  already-loaded page.</p>
 
   </div>
 
   <div class=example>
 
-   <p>In this example, some completely-unknown, potentially hostile,
-   user-provided HTML content is embedded in a page. Because it is
-   served from a separate domain, it is affected by all the normal
-   cross-site restrictions. In addition, the embedded page has
-   scripting disabled, plugins disabled, forms disabled, and it cannot
-   navigate any frames or windows other than itself (or any frames or
+   <p>In this example, some completely-unknown, potentially hostile, user-provided HTML content is
+   embedded in a page. Because it is served from a separate domain, it is affected by all the normal
+   cross-site restrictions. In addition, the embedded page has scripting disabled, plugins disabled,
+   forms disabled, and it cannot navigate any frames or windows other than itself (or any frames or
    windows it itself embeds).</p>
 
    <pre><p>We're not scared of you! Here is your content, unedited:</p>
 <iframe sandbox src="http://usercontent.example.net/getusercontent.cgi?id=12193"></iframe></pre>
 
-   <p class=warning>It is important to use a separate domain so that
-   if the attacker convinces the user to visit that page directly, the
-   page doesn't run in the context of the site's origin, which would
-   make the user vulnerable to any attack found in the page.</p>
+   <p class=warning>It is important to use a separate domain so that if the attacker convinces the
+   user to visit that page directly, the page doesn't run in the context of the site's origin, which
+   would make the user vulnerable to any attack found in the page.</p>
 
   </div>
 
   <div class=example>
 
-   <p>In this example, a gadget from another site is embedded. The
-   gadget has scripting and forms enabled, and the origin sandbox
-   restrictions are lifted, allowing the gadget to communicate with
-   its originating server. The sandbox is still useful, however, as it
-   disables plugins and popups, thus reducing the risk of the user
-   being exposed to malware and other annoyances.</p>
+   <p>In this example, a gadget from another site is embedded. The gadget has scripting and forms
+   enabled, and the origin sandbox restrictions are lifted, allowing the gadget to communicate with
+   its originating server. The sandbox is still useful, however, as it disables plugins and popups,
+   thus reducing the risk of the user being exposed to malware and other annoyances.</p>
 
    <pre><iframe sandbox="allow-same-origin allow-forms allow-scripts"
         src="http://maps.example.com/embedded.html"></iframe></pre>
@@ -26971,270 +26891,218 @@
 
    <pre><a href=D>Link</a></pre>
 
-   <p>For this example, suppose all the files were served as
-   <code><a href=#text/html>text/html</a></code>.</p>
+   <p>For this example, suppose all the files were served as <code><a href=#text/html>text/html</a></code>.</p>
 
-   <p>Page C in this scenario has all the sandboxing flags
-   set. Scripts are disabled, because the <code><a href=#the-iframe-element>iframe</a></code> in A has
-   scripts disabled, and this overrides the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
-   keyword set on the <code><a href=#the-iframe-element>iframe</a></code> in B. Forms are also
-   disabled, because the inner <code><a href=#the-iframe-element>iframe</a></code> (in B) does not
-   have the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> keyword
+   <p>Page C in this scenario has all the sandboxing flags set. Scripts are disabled, because the
+   <code><a href=#the-iframe-element>iframe</a></code> in A has scripts disabled, and this overrides the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code> keyword set on the
+   <code><a href=#the-iframe-element>iframe</a></code> in B. Forms are also disabled, because the inner <code><a href=#the-iframe-element>iframe</a></code> (in B)
+   does not have the <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> keyword
    set.</p>
 
-   <p>Suppose now that a script in A removes all the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attributes in A
-   <!--grammar-check-override--> and B. This would change nothing
-   immediately. If the user clicked the link in C, loading page D into
-   the <code><a href=#the-iframe-element>iframe</a></code> in B, page D would now act as if the
-   <code><a href=#the-iframe-element>iframe</a></code> in B had the <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
-   and <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> keywords
-   set, because that was the state of the <a href=#nested-browsing-context>nested browsing
-   context</a> in the <code><a href=#the-iframe-element>iframe</a></code> in A when page B was
+   <p>Suppose now that a script in A removes all the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attributes in A <!--grammar-check-override--> and B.
+   This would change nothing immediately. If the user clicked the link in C, loading page D into the
+   <code><a href=#the-iframe-element>iframe</a></code> in B, page D would now act as if the <code><a href=#the-iframe-element>iframe</a></code> in B had the <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code> and <code title=attr-iframe-sandbox-allow-forms><a href=#attr-iframe-sandbox-allow-forms>allow-forms</a></code> keywords set, because that was the
+   state of the <a href=#nested-browsing-context>nested browsing context</a> in the <code><a href=#the-iframe-element>iframe</a></code> in A when page B was
    loaded.</p>
 
-   <p>Generally speaking, dynamically removing or changing the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is
-   ill-advised, because it can make it quite hard to reason about what
-   will be allowed and what will not.</p>
+   <p>Generally speaking, dynamically removing or changing the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is ill-advised, because it can make it quite
+   hard to reason about what will be allowed and what will not.</p>
 
   </div>
 
-  <p class=note>Potentially hostile files should not be served from
-  the same server as the file containing the <code><a href=#the-iframe-element>iframe</a></code>
-  element. Using a different domain ensures that scripts in the files
-  are unable to attack the site, even if the user is tricked into
-  visiting those pages directly, without the protection of the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute.</p>
+  <p class=note>Potentially hostile files should not be served from the same server as the file
+  containing the <code><a href=#the-iframe-element>iframe</a></code> element. Using a different domain ensures that scripts in the
+  files are unable to attack the site, even if the user is tricked into visiting those pages
+  directly, without the protection of the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
+  attribute.</p>
 
   <p class=warning>If the <code title=attr-iframe-sandbox-allow-scripts><a href=#attr-iframe-sandbox-allow-scripts>allow-scripts</a></code>
-  keyword is set along with <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
-  keyword, and the file is from the <a href=#same-origin>same origin</a> as the
-  <code><a href=#the-iframe-element>iframe</a></code>'s <code><a href=#document>Document</a></code>, then a script in the
-  "sandboxed" iframe could just reach out, remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, and then
-  reload itself, effectively breaking out of the sandbox
-  altogether.</p>
+  keyword is set along with <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code> keyword, and the file is
+  from the <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code>'s <code><a href=#document>Document</a></code>, then a
+  script in the "sandboxed" iframe could just reach out, remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, and then reload itself, effectively breaking
+  out of the sandbox altogether.</p>
 
 
-  <hr><!-- v2: Might be interesting to have a value on seamless that
-  allowed event propagation of some sort, maybe based on the WICD
-  work: http://www.w3.org/TR/WICD/ --><p>The <dfn id=attr-iframe-seamless title=attr-iframe-seamless><code>seamless</code></dfn>
-  attribute is a <a href=#boolean-attribute>boolean attribute</a>. When specified, it
-  indicates that the <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#browsing-context>browsing
-  context</a> is to be rendered in a manner that makes it appear to
-  be part of the containing document (seamlessly included in the
-  parent document).</p>
+  <hr><!-- SEAMLESS --><!-- v2: Might be interesting to have a value on seamless that allowed event propagation of some
+  sort, maybe based on the WICD work: http://www.w3.org/TR/WICD/ --><p>The <dfn id=attr-iframe-seamless title=attr-iframe-seamless><code>seamless</code></dfn> attribute is a <a href=#boolean-attribute>boolean
+  attribute</a>. When specified, it indicates that the <code><a href=#the-iframe-element>iframe</a></code> element's
+  <a href=#browsing-context>browsing context</a> is to be rendered in a manner that makes it appear to be part of the
+  containing document (seamlessly included in the parent document).</p>
 
   <div class=impl>
 
-  <p>An <code><a href=#the-iframe-element>iframe</a></code> element is said to be <dfn id=in-seamless-mode>in seamless
-  mode</dfn> when all of the following conditions are met:</p>
+  <p>An <code><a href=#the-iframe-element>iframe</a></code> element is said to be <dfn id=in-seamless-mode>in seamless mode</dfn> when all of the
+  following conditions are met:</p>
 
-  <ul><li>The <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code>
-   attribute is set on the <code><a href=#the-iframe-element>iframe</a></code> element, and
+  <ul><li>The <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attribute is set on the
+   <code><a href=#the-iframe-element>iframe</a></code> element, and
 
-   <li>The <code><a href=#the-iframe-element>iframe</a></code> element's owner <code><a href=#document>Document</a></code>'s
-   <a href=#active-sandboxing-flag-set>active sandboxing flag set</a> does not have the
-   <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set, and
+   <li>The <code><a href=#the-iframe-element>iframe</a></code> element's owner <code><a href=#document>Document</a></code>'s <a href=#active-sandboxing-flag-set>active sandboxing flag
+   set</a> does not have the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set, and
 
    <li>Either:
 
-    <ul><li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-     document</a> has the <a href=#same-origin>same origin</a> as the
+    <ul><li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a> has the <a href=#same-origin>same
+     origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's <code><a href=#document>Document</a></code>, or
+
+     <li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
+     document's address">address</a></em> has the <a href=#same-origin>same origin</a> as the
      <code><a href=#the-iframe-element>iframe</a></code> element's <code><a href=#document>Document</a></code>, or
 
-     <li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-     document</a>'s <em><a href="#the-document's-address" title="the document's
-     address">address</a></em> has the <a href=#same-origin>same origin</a> as
-     the <code><a href=#the-iframe-element>iframe</a></code> element's <code><a href=#document>Document</a></code>, or
+     <li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a> is <a href=#an-iframe-srcdoc-document>an
+     <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code> document</a>.
 
-     <li>The <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-     document</a> is <a href=#an-iframe-srcdoc-document>an <code>iframe</code> <code title=attr-iframe-srcdoc>srcdoc</code> document</a>.
-
     </ul></li>
 
-  </ul><p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#in-seamless-mode>in seamless
-  mode</a>, the following requirements apply:</p>
+  </ul><p>When an <code><a href=#the-iframe-element>iframe</a></code> element is <a href=#in-seamless-mode>in seamless mode</a>, the following
+  requirements apply:</p>
 
-  <ul><li><p>The user agent must set the <dfn id=seamless-browsing-context-flag>seamless browsing context
-   flag</dfn> to true for that <a href=#browsing-context>browsing context</a>. This
-   will <a href=#seamlessLinks>cause links to open in the parent
-   browsing context</a> unless an <a href=#explicit-self-navigation-override>explicit self-navigation
-   override</a> is used (<code title="">target="_self"</code>).</li>
+  <ul><li><p>The user agent must set the <dfn id=seamless-browsing-context-flag>seamless browsing context flag</dfn> to true for that
+   <a href=#browsing-context>browsing context</a>. This will <a href=#seamlessLinks>cause links to open in the
+   parent browsing context</a> unless an <a href=#explicit-self-navigation-override>explicit self-navigation override</a> is used
+   (<code title="">target="_self"</code>).</li>
 
-   <li><p>Media queries in the context of the <code><a href=#the-iframe-element>iframe</a></code>'s
-   <a href=#browsing-context>browsing context</a> (e.g. on <code title=attr-style-media><a href=#attr-style-media>media</a></code> attributes of
-   <code><a href=#the-style-element>style</a></code> elements in <code><a href=#document>Document</a></code>s in that
-   <code><a href=#the-iframe-element>iframe</a></code>) must be evaluated with respect to the nearest
-   <a href=#ancestor-browsing-context>ancestor browsing context</a> that is not itself being
-   <a href=#browsing-context-nested-through title="browsing context nested through">nested through</a>
-   an <code><a href=#the-iframe-element>iframe</a></code> that is <a href=#in-seamless-mode>in seamless
+   <li><p>Media queries in the context of the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#browsing-context>browsing context</a>
+   (e.g. on <code title=attr-style-media><a href=#attr-style-media>media</a></code> attributes of <code><a href=#the-style-element>style</a></code> elements in
+   <code><a href=#document>Document</a></code>s in that <code><a href=#the-iframe-element>iframe</a></code>) must be evaluated with respect to the nearest
+   <a href=#ancestor-browsing-context>ancestor browsing context</a> that is not itself being <a href=#browsing-context-nested-through title="browsing context
+   nested through">nested through</a> an <code><a href=#the-iframe-element>iframe</a></code> that is <a href=#in-seamless-mode>in seamless
    mode</a>. <a href=#refsMQ>[MQ]</a></li>
 
-   <li><p>In a CSS-supporting user agent: the user agent must add all
-   the style sheets that apply to the <code><a href=#the-iframe-element>iframe</a></code> element to
-   the cascade of the <a href=#active-document>active document</a> of the
-   <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a>,
-   at the appropriate cascade levels, before any style sheets
-   specified by the document itself.</li>
+   <li><p>In a CSS-supporting user agent: the user agent must add all the style sheets that apply to
+   the <code><a href=#the-iframe-element>iframe</a></code> element to the cascade of the <a href=#active-document>active document</a> of the
+   <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a>, at the appropriate cascade
+   levels, before any style sheets specified by the document itself.</li>
 
-   <li><p>In a CSS-supporting user agent: the user agent must, for the
-   purpose of CSS property inheritance only, treat the root element of
-   the <a href=#active-document>active document</a> of the <code><a href=#the-iframe-element>iframe</a></code>
-   element's <a href=#nested-browsing-context>nested browsing context</a> as being a child of
-   the <code><a href=#the-iframe-element>iframe</a></code> element. (Thus inherited properties on the
-   root element of the document in the <code><a href=#the-iframe-element>iframe</a></code> will
-   inherit the computed values of those properties on the
-   <code><a href=#the-iframe-element>iframe</a></code> element instead of taking their initial
-   values.)</li>
+   <li><p>In a CSS-supporting user agent: the user agent must, for the purpose of CSS property
+   inheritance only, treat the root element of the <a href=#active-document>active document</a> of the
+   <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a> as being a child of the
+   <code><a href=#the-iframe-element>iframe</a></code> element. (Thus inherited properties on the root element of the document in
+   the <code><a href=#the-iframe-element>iframe</a></code> will inherit the computed values of those properties on the
+   <code><a href=#the-iframe-element>iframe</a></code> element instead of taking their initial values.)</li>
 
-   <li><p>In visual media, in a CSS-supporting user agent: the user
-   agent should set the intrinsic width of the <code><a href=#the-iframe-element>iframe</a></code> to
-   the width that the element would have if it was a non-replaced
-   block-level element with 'width: auto', unless that width would be
-   zero (e.g. if the element is floating or absolutely positioned), in
-   which case the user agent should set the intrinsic width of the
-   <code><a href=#the-iframe-element>iframe</a></code> to the shrink-to-fit width of the root element
-   (if any) of the content rendered in the
-   <code><a href=#the-iframe-element>iframe</a></code>.</li>
+   <li><p>In visual media, in a CSS-supporting user agent: the user agent should set the intrinsic
+   width of the <code><a href=#the-iframe-element>iframe</a></code> to the width that the element would have if it was a
+   non-replaced block-level element with 'width: auto', unless that width would be zero (e.g. if the
+   element is floating or absolutely positioned), in which case the user agent should set the
+   intrinsic width of the <code><a href=#the-iframe-element>iframe</a></code> to the shrink-to-fit width of the root element (if
+   any) of the content rendered in the <code><a href=#the-iframe-element>iframe</a></code>.</li>
 
-   <li><p>In visual media, in a CSS-supporting user agent: the user
-   agent should set the intrinsic height of the <code><a href=#the-iframe-element>iframe</a></code> to
-   the shortest height that would make the content rendered in the
-   <code><a href=#the-iframe-element>iframe</a></code> at its current width (as given in the previous
-   bullet point) have no scrollable overflow at its bottom edge<!--,
-   if the scrolling position was such that the top of the viewport for
-   the content rendered in the <code>iframe</code> was aligned with
-   the origin of that content's canvas-->. Scrollable overflow is any
-   overflow that would increase the range to which a scrollbar or
-   other scrolling mechanism can scroll.</li>
+   <li><p>In visual media, in a CSS-supporting user agent: the user agent should set the intrinsic
+   height of the <code><a href=#the-iframe-element>iframe</a></code> to the shortest height that would make the content rendered in
+   the <code><a href=#the-iframe-element>iframe</a></code> at its current width (as given in the previous bullet point) have no
+   scrollable overflow at its bottom edge<!--, if the scrolling position was such that the top of
+   the viewport for the content rendered in the <code>iframe</code> was aligned with the origin of
+   that content's canvas-->. Scrollable overflow is any overflow that would increase the range to
+   which a scrollbar or other scrolling mechanism can scroll.</li>
 
    <li>
 
-    <p>In visual media, in a CSS-supporting user agent: the user agent
-    must force the height of the initial containing block of the
-    <a href=#active-document>active document</a> of the <a href=#nested-browsing-context>nested browsing
+    <p>In visual media, in a CSS-supporting user agent: the user agent must force the height of the
+    initial containing block of the <a href=#active-document>active document</a> of the <a href=#nested-browsing-context>nested browsing
     context</a> of the <code><a href=#the-iframe-element>iframe</a></code> to zero.</p>
 
-    <p class=note>This is intended to get around the otherwise
-    circular dependency of percentage dimensions that depend on the
-    height of the containing block, thus affecting the height of the
-    document's bounding box, thus affecting the height of the
-    viewport, thus affecting the size of the initial containing
-    block.</p>
+    <p class=note>This is intended to get around the otherwise circular dependency of percentage
+    dimensions that depend on the height of the containing block, thus affecting the height of the
+    document's bounding box, thus affecting the height of the viewport, thus affecting the size of
+    the initial containing block.</p>
 
    </li>
 
-   <li><p>In speech media, the user agent should render the <a href=#nested-browsing-context>nested
-   browsing context</a> without announcing that it is a separate
-   document.</li>
+   <li><p>In speech media, the user agent should render the <a href=#nested-browsing-context>nested browsing context</a>
+   without announcing that it is a separate document.</li>
 
    <li>
 
-    <p>User agents should, in general, act as if the <a href=#active-document>active
-    document</a> of the <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#nested-browsing-context>nested browsing
-    context</a> was part of the document that the
+    <p>User agents should, in general, act as if the <a href=#active-document>active document</a> of the
+    <code><a href=#the-iframe-element>iframe</a></code>'s <a href=#nested-browsing-context>nested browsing context</a> was part of the document that the
     <code><a href=#the-iframe-element>iframe</a></code> is in, if any.</p>
 
-    <p class=example>For example if the user agent supports listing
-    all the links in a document, links in "seamlessly" nested
-    documents would be included in that list without being
+    <p class=example>For example if the user agent supports listing all the links in a document,
+    links in "seamlessly" nested documents would be included in that list without being
     significantly distinguished from links in the document itself.</p>
 
    </li>
 
-  </ul><p>If the attribute is not specified, or if the <a href=#origin>origin</a>
-  conditions listed above are not met, then the user agent should
-  render the <a href=#nested-browsing-context>nested browsing context</a> in a manner that is
-  clearly distinguishable as a separate <a href=#browsing-context>browsing context</a>,
-  and the <a href=#seamless-browsing-context-flag>seamless browsing context flag</a> must be set to
-  false for that <a href=#browsing-context>browsing context</a>.</p>
+  </ul><p>If the attribute is not specified, or if the <a href=#origin>origin</a> conditions listed above are
+  not met, then the user agent should render the <a href=#nested-browsing-context>nested browsing context</a> in a manner
+  that is clearly distinguishable as a separate <a href=#browsing-context>browsing context</a>, and the
+  <a href=#seamless-browsing-context-flag>seamless browsing context flag</a> must be set to false for that <a href=#browsing-context>browsing
+  context</a>.</p>
 
-  <p class=warning>It is important that user agents recheck the
-  above conditions whenever the <a href=#active-document>active document</a> of the
-  <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code>
-  changes, such that the <a href=#seamless-browsing-context-flag>seamless browsing context flag</a>
-  gets unset if the <a href=#nested-browsing-context>nested browsing context</a> is <a href=#navigate title=navigate>navigated</a> to another origin.</p>
+  <p class=warning>It is important that user agents recheck the above conditions whenever the
+  <a href=#active-document>active document</a> of the <a href=#nested-browsing-context>nested browsing context</a> of the
+  <code><a href=#the-iframe-element>iframe</a></code> changes, such that the <a href=#seamless-browsing-context-flag>seamless browsing context flag</a> gets unset
+  if the <a href=#nested-browsing-context>nested browsing context</a> is <a href=#navigate title=navigate>navigated</a> to another
+  origin.</p>
 
   </div>
 
-  <p class=note>The attribute can be set or removed dynamically,
-  with the rendering updating in tandem.</p>
+  <p class=note>The attribute can be set or removed dynamically, with the rendering updating in
+  tandem.</p>
 
   <div class=example>
 
-   <p>In this example, the site's navigation is embedded using a
-   client-side include using an <code><a href=#the-iframe-element>iframe</a></code>. Any links in the
-   <code><a href=#the-iframe-element>iframe</a></code> will, in new user agents, be automatically
-   opened in the <code><a href=#the-iframe-element>iframe</a></code>'s parent browsing context; for
-   legacy user agents, the site could also include a <code><a href=#the-base-element>base</a></code>
-   element with a <code title=attr-base-target><a href=#attr-base-target>target</a></code>
-   attribute with the value <code title="">_parent</code>. Similarly,
-   in new user agents the styles of the parent page will be
-   automatically applied to the contents of the frame, but to support
-   legacy user agents authors might wish to include the styles
+   <p>In this example, the site's navigation is embedded using a client-side include using an
+   <code><a href=#the-iframe-element>iframe</a></code>. Any links in the <code><a href=#the-iframe-element>iframe</a></code> will, in new user agents, be
+   automatically opened in the <code><a href=#the-iframe-element>iframe</a></code>'s parent browsing context; for legacy user
+   agents, the site could also include a <code><a href=#the-base-element>base</a></code> element with a <code title=attr-base-target><a href=#attr-base-target>target</a></code> attribute with the value <code title="">_parent</code>.
+   Similarly, in new user agents the styles of the parent page will be automatically applied to the
+   contents of the frame, but to support legacy user agents authors might wish to include the styles
    explicitly.</p>
 
    <pre><nav><iframe seamless src="nav.include.html"></iframe></nav></pre>
 
   </div>
 
-  <p class=note>The <code title=attr-contenteditable><a href=#attr-contenteditable>contenteditable</a></code> attribute does
-  not propagate into <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code>
-  <code><a href=#the-iframe-element>iframe</a></code>s.</p>
+  <p class=note>The <code title=attr-contenteditable><a href=#attr-contenteditable>contenteditable</a></code> attribute does not
+  propagate into <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> <code><a href=#the-iframe-element>iframe</a></code>s.</p>
 
-  <hr><p>The <code><a href=#the-iframe-element>iframe</a></code> element supports <a href=#dimension-attributes>dimension
-  attributes</a> for cases where the embedded content has specific
-  dimensions (e.g. ad units have well-defined dimensions).</p>
 
-  <p>An <code><a href=#the-iframe-element>iframe</a></code> element never has <a href=#fallback-content>fallback
-  content</a>, as it will always create a nested <a href=#browsing-context>browsing
-  context</a>, regardless of whether the specified initial contents
-  are successfully used.</p>
+  <hr><!-- DIM ATTRIBUTES --><p>The <code><a href=#the-iframe-element>iframe</a></code> element supports <a href=#dimension-attributes>dimension attributes</a> for cases where the
+  embedded content has specific dimensions (e.g. ad units have well-defined dimensions).</p>
 
-  <p>Descendants of <code><a href=#the-iframe-element>iframe</a></code> elements represent
-  nothing. (In legacy user agents that do not support
-  <code><a href=#the-iframe-element>iframe</a></code> elements, the contents would be parsed as markup
-  that could act as fallback content.)</p>
+  <p>An <code><a href=#the-iframe-element>iframe</a></code> element never has <a href=#fallback-content>fallback content</a>, as it will always
+  create a nested <a href=#browsing-context>browsing context</a>, regardless of whether the specified initial
+  contents are successfully used.</p>
 
-  <p id=iframe-content-model>When used in <a href=#html-documents>HTML
-  documents</a>, the allowed content model of <code><a href=#the-iframe-element>iframe</a></code>
-  elements is text, except that invoking the <a href=#html-fragment-parsing-algorithm>HTML fragment
-  parsing algorithm</a> with the <code><a href=#the-iframe-element>iframe</a></code> element as the
-  <var title=concept-frag-parse-context><a href=#concept-frag-parse-context>context</a></var> element and
-  the text contents as the <var title="">input</var> must result in a
-  list of nodes that are all <a href=#phrasing-content>phrasing content</a>, with no
-  <a href=#parse-error title="parse error">parse errors</a> having occurred, with
-  no <code><a href=#the-script-element>script</a></code> elements being anywhere in the list or as
-  descendants of elements in the list, and with all the elements in
-  the list (including their descendants) being themselves
-  conforming.</p>
 
-  <p>The <code><a href=#the-iframe-element>iframe</a></code> element must be empty in <a href=#xml-documents>XML
-  documents</a>.</p>
+  <hr><!-- FALLBACK --><p>Descendants of <code><a href=#the-iframe-element>iframe</a></code> elements represent nothing. (In legacy user agents that do
+  not support <code><a href=#the-iframe-element>iframe</a></code> elements, the contents would be parsed as markup that could act as
+  fallback content.)</p>
 
-  <p class=note>The <a href=#html-parser>HTML parser</a> treats markup inside
-  <code><a href=#the-iframe-element>iframe</a></code> elements as text.</p>
+  <p id=iframe-content-model>When used in <a href=#html-documents>HTML documents</a>, the allowed content model
+  of <code><a href=#the-iframe-element>iframe</a></code> elements is text, except that invoking the <a href=#html-fragment-parsing-algorithm>HTML fragment parsing
+  algorithm</a> with the <code><a href=#the-iframe-element>iframe</a></code> element as the <var title=concept-frag-parse-context><a href=#concept-frag-parse-context>context</a></var> element and the text contents as the <var title="">input</var> must result in a list of nodes that are all <a href=#phrasing-content>phrasing content</a>,
+  with no <a href=#parse-error title="parse error">parse errors</a> having occurred, with no <code><a href=#the-script-element>script</a></code>
+  elements being anywhere in the list or as descendants of elements in the list, and with all the
+  elements in the list (including their descendants) being themselves conforming.</p>
 
+  <p>The <code><a href=#the-iframe-element>iframe</a></code> element must be empty in <a href=#xml-documents>XML documents</a>.</p>
+
+  <p class=note>The <a href=#html-parser>HTML parser</a> treats markup inside <code><a href=#the-iframe-element>iframe</a></code> elements as
+  text.</p>
+
+
   <div class=impl>
 
-  <p>The IDL attributes <dfn id=dom-iframe-src title=dom-iframe-src><code>src</code></dfn>, <dfn id=dom-iframe-srcdoc title=dom-iframe-srcdoc><code>srcdoc</code></dfn>, <dfn id=dom-iframe-name title=dom-iframe-name><code>name</code></dfn>, <dfn id=dom-iframe-sandbox title=dom-iframe-sandbox><code>sandbox</code></dfn>, and <dfn id=dom-iframe-seamless title=dom-iframe-seamless><code>seamless</code></dfn> must
-  <a href=#reflect>reflect</a> the respective content attributes of the same
-  name.</p>
+  <hr><!-- DOM --><p>The IDL attributes <dfn id=dom-iframe-src title=dom-iframe-src><code>src</code></dfn>, <dfn id=dom-iframe-srcdoc title=dom-iframe-srcdoc><code>srcdoc</code></dfn>, <dfn id=dom-iframe-name title=dom-iframe-name><code>name</code></dfn>, <dfn id=dom-iframe-sandbox title=dom-iframe-sandbox><code>sandbox</code></dfn>, and <dfn id=dom-iframe-seamless title=dom-iframe-seamless><code>seamless</code></dfn> must <a href=#reflect>reflect</a> the respective
+  content attributes of the same name.</p>
 
-  <p>The <dfn id=dom-iframe-contentdocument title=dom-iframe-contentDocument><code>contentDocument</code></dfn>
-  IDL attribute must return the <code><a href=#document>Document</a></code> object of the
-  <a href=#active-document>active document</a> of the <code><a href=#the-iframe-element>iframe</a></code> element's
-  <a href=#nested-browsing-context>nested browsing context</a>, if any, or null otherwise.</p>
+  <p>The <dfn id=dom-iframe-contentdocument title=dom-iframe-contentDocument><code>contentDocument</code></dfn> IDL attribute
+  must return the <code><a href=#document>Document</a></code> object of the <a href=#active-document>active document</a> of the
+  <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing context</a>, if any, or null otherwise.</p>
 
-  <p>The <dfn id=dom-iframe-contentwindow title=dom-iframe-contentWindow><code>contentWindow</code></dfn>
-  IDL attribute must return the <code><a href=#windowproxy>WindowProxy</a></code> object of the
-  <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested browsing
-  context</a>, if any, or null otherwise.</p>
+  <p>The <dfn id=dom-iframe-contentwindow title=dom-iframe-contentWindow><code>contentWindow</code></dfn> IDL attribute must
+  return the <code><a href=#windowproxy>WindowProxy</a></code> object of the <code><a href=#the-iframe-element>iframe</a></code> element's <a href=#nested-browsing-context>nested
+  browsing context</a>, if any, or null otherwise.</p>
 
   </div>
 
   <div class=example>
 
-   <p>Here is an example of a page using an <code><a href=#the-iframe-element>iframe</a></code> to
-   include advertising from an advertising broker:</p>
+   <p>Here is an example of a page using an <code><a href=#the-iframe-element>iframe</a></code> to include advertising from an
+   advertising broker:</p>
 
    <pre><iframe src="http://ads.example.com/?customerid=923513721&amp;format=banner"
         width="468" height="60"></iframe></pre>

Modified: source
===================================================================
--- source	2012-09-26 00:22:32 UTC (rev 7405)
+++ source	2012-09-26 03:27:07 UTC (rev 7406)
@@ -167,12 +167,7 @@
    publication policies</a>.</li>
 -->
 
-   <li>The W3C HTML specification omits an example that references the
-   schema.org microdata vocabulary as part of a compromise intended to
-   resolve larger issues of divergence between the specifications.
-   (Many other examples that reference schema.org and microdata are
-   included apparently without issue, however.)</li><!-- "I put a bike
-   bell on his bike." -->
+   <li>The W3C HTML specification omits mentions of microdata.</li>
 
    <li>The W3C HTML specification defines conformance for documents in
    a more traditional (version-orientated) way, because of <a
@@ -28639,127 +28634,160 @@
    </dd>
   </dl><!--TOPIC:HTML-->
 
-  <p>The <code>iframe</code> element <span>represents</span> a
-  <span>nested browsing context</span>.</p>
+  <!-- INTRO -->
 
-  <p>The <dfn title="attr-iframe-src"><code>src</code></dfn> attribute
-  gives the address of a page that the <span>nested browsing
-  context</span> is to contain. The attribute, if present, must be a
-  <span>valid non-empty URL potentially surrounded by
-  spaces</span>.</p>
+  <p>The <code>iframe</code> element <span>represents</span> a <span>nested browsing
+  context</span>.</p>
 
-<!--END w3c-html--><!--MD-->
-  <p>If the <code title="attr-itemprop">itemprop</code> is specified
-  on an <code>iframe</code> element, then the <code
-  title="attr-iframe-src">src</code> attribute must also be
-  specified.</p>
-<!--START w3c-html--><!--MD-->
 
-  <p>The <dfn title="attr-iframe-srcdoc"><code>srcdoc</code></dfn>
-  attribute gives the content of the page that the <span>nested
-  browsing context</span> is to contain. The value of the attribute is
-  the source of <dfn>an <code>iframe</code> <code
-  title="attr-iframe-srcdoc">srcdoc</code> document</dfn>.</p>
+  <!-- SRC/SRCDOC -->
 
-  <p>For <code>iframe</code> elements in <span>HTML documents</span>,
-  the attribute, if present, must have a value using <span>the HTML
-  syntax</span> that consists of the following syntactic components,
-  in the given order:</p>
+  <p>The <dfn title="attr-iframe-src"><code>src</code></dfn> attribute gives the address of a page
+  that the <span>nested browsing context</span> is to contain. The attribute, if present, must be a
+  <span>valid non-empty URL potentially surrounded by spaces</span>. If the <code
+  title="attr-itemprop">itemprop</code> is specified on an <code>iframe</code> element, then the
+  <code title="attr-iframe-src">src</code> attribute must also be specified.</p>
 
+  <p>The <dfn title="attr-iframe-srcdoc"><code>srcdoc</code></dfn> attribute gives the content of
+  the page that the <span>nested browsing context</span> is to contain. The value of the attribute
+  is the source of <dfn>an <code>iframe</code> <code title="attr-iframe-srcdoc">srcdoc</code>
+  document</dfn>.</p>
+
+  <p>For <code>iframe</code> elements in <span>HTML documents</span>, the <code
+  title="attr-iframe-srcdoc">srcdoc</code> attribute, if present, must have a value using <span>the
+  HTML syntax</span> that consists of the following syntactic components, in the given order:</p>
+
   <ol>
 
-   <li>Any number of <span title="syntax-comments">comments</span> and
-   <span title="space character">space characters</span>.</li>
+   <li>Any number of <span title="syntax-comments">comments</span> and <span title="space
+   character">space characters</span>.</li>
 
    <li>Optionally, a <span title="syntax-doctype">DOCTYPE</span>.
 
-   <li>Any number of <span title="syntax-comments">comments</span> and
-   <span title="space character">space characters</span>.</li>
+   <li>Any number of <span title="syntax-comments">comments</span> and <span title="space
+   character">space characters</span>.</li>
 
    <li>The root element, in the form of an <code>html</code> <span
    title="syntax-elements">element</span>.</li>
 
-   <li>Any number of <span title="syntax-comments">comments</span> and
-   <span title="space character">space characters</span>.</li>
+   <li>Any number of <span title="syntax-comments">comments</span> and <span title="space
+   character">space characters</span>.</li>
 
   </ol>
 
-  <p>For <code>iframe</code> elements in <span>XML documents</span>,
-  the attribute, if present, must have a value that matches the
-  production labeled <code title="">document</code> in the XML
-  specification. <a href="#refsXML">[XML]</a></p>
+  <p>For <code>iframe</code> elements in <span>XML documents</span>, the <code
+  title="attr-iframe-srcdoc">srcdoc</code> attribute, if present, must have a value that matches the
+  production labeled <code title="">document</code> in the XML specification. <a
+  href="#refsXML">[XML]</a></p>
 
-  <p>If the <code title="attr-iframe-src">src</code> attribute and the
-  <code title="attr-iframe-srcdoc">srcdoc</code> attribute are both
-  specified together, the <code title="attr-iframe-srcdoc">srcdoc</code>
-  attribute takes priority. This allows authors to provide a fallback
-  <span>URL</span> for legacy user agents that do not support the
-  <code title="attr-iframe-srcdoc">srcdoc</code> attribute.</p>
+  <div class="example">
 
+   <p>Here a blog uses the <code title="attr-iframe-srcdoc">srcdoc</code> attribute in conjunction
+   with the <code title="attr-iframe-sandbox">sandbox</code> and <code
+   title="attr-iframe-seamless">seamless</code> attributes described below to provide users of user
+   agents that support this feature with an extra layer of protection from script injection in the
+   blog post comments:</p>
+
+   <pre><article>
+ <h1>I got my own magazine!</h1>
+ <p>After much effort, I've finally found a publisher, and so now I
+ have my own magazine! Isn't that awesome?! The first issue will come
+ out in September, and we have articles about getting food, and about
+ getting in boxes, it's going to be great!</p>
+ <footer>
+  <p>Written by <a href="/users/cap">cap</a>, 1 hour ago.
+ </footer>
+ <article>
+  <footer> Thirteen minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>did you get a cover picture yet?"></iframe>
+ </article>
+ <article>
+  <footer> Nine minutes ago, <a href="/users/cap">cap</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>Yeah, you can see it <a href=&quot;/gallery?mode=cover&amp;amp;page=1&quot;>in my gallery</a>."></iframe>
+ </article>
+ <article>
+  <footer> Five minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
+  <iframe seamless sandbox srcdoc="<p>hey that's earl's table.
+<p>you should get earl&amp;amp;me on the next cover."></iframe>
+ </article></pre>
+
+   <p>Notice the way that quotes have to be escaped (otherwise the <code
+   title="attr-iframe-srcdoc">srcdoc</code> attribute would end prematurely), and the way raw
+   ampersands (e.g. in URLs or in prose) mentioned in the sandboxed content have to be
+   <em>doubly</em> escaped — once so that the ampersand is preserved when originally parsing
+   the <code title="attr-iframe-srcdoc">srcdoc</code> attribute, and once more to prevent the
+   ampersand from being misinterpreted when parsing the sandboxed content.</p>
+
+  </div>
+
+  <p class="note">In <span>the HTML syntax</span>, authors need only remember to use U+0022
+  QUOTATION MARK characters (") to wrap the attribute contents and then to escape all U+0022
+  QUOTATION MARK (") and U+0026 AMPERSAND (&) characters, and to specify the <code
+  title="attr-iframe-sandbox">sandbox</code> attribute, to ensure safe embedding of content.</p>
+
+  <p class="note">Due to restrictions of <span>the XHTML syntax</span>, in XML the U+003C LESS-THAN
+  SIGN character (<) needs to be escaped as well. In order to prevent <a
+  href="http://www.w3.org/TR/REC-xml/#AVNormalize">attribute-value normalization</a>, some of XML's
+  whitespace characters — specifically U+0009 CHARACTER TABULATION (tab), U+000A LINE FEED
+  (LF), and U+000D CARRIAGE RETURN (CR) — also need to be escaped. <a
+  href="#refsXML">[XML]</a></p>
+
+  <p class="note">If the <code title="attr-iframe-src">src</code> attribute and the <code
+  title="attr-iframe-srcdoc">srcdoc</code> attribute are both specified together, the <code
+  title="attr-iframe-srcdoc">srcdoc</code> attribute takes priority. This allows authors to provide
+  a fallback <span>URL</span> for legacy user agents that do not support the <code
+  title="attr-iframe-srcdoc">srcdoc</code> attribute.</p>
+
+
   <div class="impl">
 
-  <p>When an <code>iframe</code> element is <span title="insert an
-  element into a document">inserted into a document</span>, the user
-  agent must create a <span>nested browsing context</span>, and then
-  <span>process the <code>iframe</code> attributes</span> for the
-  first time.</p>
+  <hr> <!-- SRC/SRCDOC PROCESSING MODEL -->
 
-  <p>When an <code>iframe</code> element is <span title="remove an
-  element from a document">removed from a document</span>, the user
-  agent must <span title="a browsing context is
-  discarded">discard</span> the <span>nested browsing
-  context</span>.</p>
+  <p>When an <code>iframe</code> element is <span title="insert an element into a document">inserted
+  into a document</span>, the user agent must create a <span>nested browsing context</span>, and
+  then <span>process the <code>iframe</code> attributes</span> for the first time.</p>
 
-  <p class="note">This happens without any <code
-  title="event-unload">unload</code> events firing (the <span>nested
-  browsing context</span> and its <code>Document</code> are <em
-  title="a browsing context is discarded">discarded</em>, not <em
-  title="unload a document">unloaded</em>).</p>
+  <p>When an <code>iframe</code> element is <span title="remove an element from a document">removed
+  from a document</span>, the user agent must <span title="a browsing context is
+  discarded">discard</span> the <span>nested browsing context</span>.</p>
 
+  <p class="note">This happens without any <code title="event-unload">unload</code> events firing
+  (the <span>nested browsing context</span> and its <code>Document</code> are <em title="a browsing
+  context is discarded">discarded</em>, not <em title="unload a document">unloaded</em>).</p>
+
   <!-- START of section that's very similar to <frame> -->
 
-  <p>Whenever an <code>iframe</code> element with a <span>nested
-  browsing context</span> has its <code
-  title="attr-iframe-srcdoc">srcdoc</code> attribute set, changed, or
-  removed, the user agent must <span>process the <code>iframe</code>
-  attributes</span>.</p>
+  <p>Whenever an <code>iframe</code> element with a <span>nested browsing context</span> has its
+  <code title="attr-iframe-srcdoc">srcdoc</code> attribute set, changed, or removed, the user agent
+  must <span>process the <code>iframe</code> attributes</span>.</p>
 
-  <p>Similarly, whenever an <code>iframe</code> element with a
-  <span>nested browsing context</span> but with no <code
-  title="attr-iframe-srcdoc">srcdoc</code> attribute specified has its
-  <code title="attr-iframe-src">src</code> attribute set, changed, or
-  removed, the user agent must <span>process the <code>iframe</code>
-  attributes</span>.</p> <!-- It doesn't happen when the base URL is
-  changed, though. -->
+  <p>Similarly, whenever an <code>iframe</code> element with a <span>nested browsing context</span>
+  but with no <code title="attr-iframe-srcdoc">srcdoc</code> attribute specified has its <code
+  title="attr-iframe-src">src</code> attribute set, changed, or removed, the user agent must
+  <span>process the <code>iframe</code> attributes</span>.</p> <!-- It doesn't happen when the base
+  URL is changed, though. -->
 
-  <p>When the user agent is to <dfn>process the <code>iframe</code>
-  attributes</dfn>, it must run the first appropriate steps from the
-  following list:</p>
+  <p>When the user agent is to <dfn>process the <code>iframe</code> attributes</dfn>, it must run
+  the first appropriate steps from the following list:</p>
 
   <dl class="switch">
 
-   <dt>If the <code title="attr-iframe-srcdoc">srcdoc</code> attribute
-   is specified</dt>
+   <dt>If the <code title="attr-iframe-srcdoc">srcdoc</code> attribute is specified</dt>
 
-   <dd><p><span>Navigate</span><!--DONAV iframe--> the element's
-   <span>child browsing context</span> to a resource whose
-   <span>Content-Type</span> is <code>text/html</code>, whose
-   <span>URL</span> is <code>about:srcdoc</code>, and whose data
-   consists of the value of the attribute. The resulting
-   <code>Document</code> must be considered <span>an
-   <code>iframe</code> <code title="attr-iframe-srcdoc">srcdoc</code>
-   document</span>.</p></dd>
+   <dd><p><span>Navigate</span><!--DONAV iframe--> the element's <span>child browsing context</span>
+   to a resource whose <span>Content-Type</span> is <code>text/html</code>, whose <span>URL</span>
+   is <code>about:srcdoc</code>, and whose data consists of the value of the attribute. The
+   resulting <code>Document</code> must be considered <span>an <code>iframe</code> <code
+   title="attr-iframe-srcdoc">srcdoc</code> document</span>.</p></dd>
 
-   <dt>Otherwise, if the element has no <code
-   title="attr-iframe-src">src</code> attribute specified, and the
-   user agent is processing the <code>iframe</code>'s attributes for
-   the first time</dt>
+   <dt>Otherwise, if the element has no <code title="attr-iframe-src">src</code> attribute
+   specified, and the user agent is processing the <code>iframe</code>'s attributes for the first
+   time</dt>
 
    <dd>
 
-    <p><span>Queue a task</span> to <span>fire a simple event</span>
-    named <code title="event-load">load</code> at the
-    <code>iframe</code> element.</p>
+    <p><span>Queue a task</span> to <span>fire a simple event</span> named <code
+    title="event-load">load</code> at the <code>iframe</code> element.</p>
 
    </dd>
 
@@ -28771,26 +28799,22 @@
 
      <li>
 
-      <p>If the value of the <code title="attr-iframe-src">src</code>
-      attribute is the empty string, let <var title="">url</var> be
-      the string "<code>about:blank</code>".</p>
+      <p>If the value of the <code title="attr-iframe-src">src</code> attribute is the empty string,
+      let <var title="">url</var> be the string "<code>about:blank</code>".</p>
 
-      <p>Otherwise, <span title="resolve a url">resolve</span> the
-      value of the <code title="attr-iframe-src">src</code> attribute,
-      relative to the <code>iframe</code> element.</p>
+      <p>Otherwise, <span title="resolve a url">resolve</span> the value of the <code
+      title="attr-iframe-src">src</code> attribute, relative to the <code>iframe</code> element.</p>
 
-      <p>If that is not successful, then let <var title="">url</var>
-      be the string "<code>about:blank</code>". Otherwise, let <var
-      title="">url</var> be the resulting <span>absolute
-      URL</span>.</p>
+      <p>If that is not successful, then let <var title="">url</var> be the string
+      "<code>about:blank</code>". Otherwise, let <var title="">url</var> be the resulting
+      <span>absolute URL</span>.</p>
 
      </li>
 
      <li>
 
-      <p><span>Navigate</span><!--DONAV iframe--> the element's
-      <span>child browsing context</span> to <var
-      title="">url</var>.</p>
+      <p><span>Navigate</span><!--DONAV iframe--> the element's <span>child browsing context</span>
+      to <var title="">url</var>.</p>
       
      </li>
 
@@ -28800,210 +28824,120 @@
 
   </dl>
 
-  <p>Any <span title="navigate">navigation</span> required of the user
-  agent in the <span>process the <code>iframe</code> attributes</span>
-  algorithm must be completed as an <span>explicit self-navigation
-  override</span> and with the <code>iframe</code> element's
-  document's <span>browsing context</span> as the <span>source
-  browsing context</span>.</p>
+  <p>Any <span title="navigate">navigation</span> required of the user agent in the <span>process
+  the <code>iframe</code> attributes</span> algorithm must be completed as an <span>explicit
+  self-navigation override</span> and with the <code>iframe</code> element's document's
+  <span>browsing context</span> as the <span>source browsing context</span>.</p>
 
-  <p>Furthermore, if the <span>active document</span> of the element's
-  <span>child browsing context</span> before such a <span
-  title="navigate">navigation</span> was not <span>completely
-  loaded</span> at the time of the new <span
-  title="navigate">navigation</span>, then the <span
-  title="navigate">navigation</span> must be completed with
-  <span>replacement enabled</span>.</p>
+  <p>Furthermore, if the <span>active document</span> of the element's <span>child browsing
+  context</span> before such a <span title="navigate">navigation</span> was not <span>completely
+  loaded</span> at the time of the new <span title="navigate">navigation</span>, then the <span
+  title="navigate">navigation</span> must be completed with <span>replacement enabled</span>.</p>
 
-  <p>Similarly, if the <span>child browsing context</span>'s
-  <span>session history</span> contained only one
-  <code>Document</code> when the <span>process the <code>iframe</code>
-  attributes</span> algorithm was invoked, and that was the
-  <code>about:blank</code> <code>Document</code> created when the
-  <span>child browsing context</span> was created, then any <span
-  title="navigate">navigation</span> required of the user agent in
-  that algorithm must be completed with <span>replacement
-  enabled</span>.</p> <!-- see also the note near similar text for the
+  <p>Similarly, if the <span>child browsing context</span>'s <span>session history</span> contained
+  only one <code>Document</code> when the <span>process the <code>iframe</code> attributes</span>
+  algorithm was invoked, and that was the <code>about:blank</code> <code>Document</code> created
+  when the <span>child browsing context</span> was created, then any <span
+  title="navigate">navigation</span> required of the user agent in that algorithm must be completed
+  with <span>replacement enabled</span>.</p> <!-- see also the note near similar text for the
   location.assign() method -->
 
-  </div>
+  <p>When content loads in an <code>iframe</code>, after any <code title="event-load">load</code>
+  events are fired within the content itself, <!-- XXX bug 16829 --> the user agent must <span>queue
+  a task</span> to <span>fire a simple event</span> named <code title="event-load">load</code> at
+  the <code>iframe</code> element. When content whose <span>URL</span> has the <span>same
+  origin</span> as the <code>iframe</code> element's <code>Document</code> fails to load (e.g. due
+  to a DNS error, network error, or if the server returned a 4xx or 5xx status code <span
+  title="concept-http-equivalent-codes">or equivalent</span>), then the user agent must <span>queue
+  a task</span> to <span>fire a simple event</span> named <code title="event-error">error</code> at
+  the element instead. (This event does not fire for <span title="parse error">parse errors</span>,
+  script errors, or any errors for cross-origin resources.)</p>
 
-  <!-- END of section that's very similar to <frame> -->
+  <p>The <span>task source</span> for these <span title="concept-task">tasks</span> is the <span>DOM
+  manipulation task source</span>.</p>
 
-  <p class="note">If, when the element is created, the <code
-  title="attr-iframe-srcdoc">srcdoc</code> attribute is not set, and
-  the <code title="attr-iframe-src">src</code> attribute is either
-  also not set or set but its value cannot be <span title="resolve a
-  url">resolved</span>, the browsing context will remain at the
-  initial <code>about:blank</code> page.</p>
+  <p class="note">A <code title="event-load">load</code> event is also fired at the
+  <code>iframe</code> element when it is created if no other data is loaded in it.</p>
 
-  <p class="note">If the user <span title="navigate">navigates</span>
-  away from this page, the <code>iframe</code>'s corresponding
-  <code>WindowProxy</code> object will proxy new <code>Window</code>
-  objects for new <code>Document</code> objects, but the <code
-  title="attr-iframe-src">src</code> attribute will not change.</p>
+  <p>When the <code>iframe</code>'s <span>active document</span> is not <span>ready for post-load
+  tasks</span>, and when anything in the <code>iframe</code> is <span title="delay the load
+  event">delaying the load event</span> of the <code>iframe</code>'s <span>browsing context</span>'s
+  <span>active document</span>, the <code>iframe</code> must <span>delay the load event</span> of
+  its document.</p>
 
-  <div class="example">
+  <p class="note">If, during the handling of the <code title="event-load">load</code> event, the
+  <span>browsing context</span> in the <code>iframe</code> is again <span
+  title="navigate">navigated</span>, that will further <span>delay the load event</span>.</p>
 
-   <p>Here a blog uses the <code
-   title="attr-iframe-srcdoc">srcdoc</code> attribute in conjunction
-   with the <code title="attr-iframe-sandbox">sandbox</code> and <code
-   title="attr-iframe-seamless">seamless</code> attributes described
-   below to provide users of user agents that support this feature
-   with an extra layer of protection from script injection in the blog
-   post comments:</p>
+  </div>
 
-   <pre><article>
- <h1>I got my own magazine!</h1>
- <p>After much effort, I've finally found a publisher, and so now I
- have my own magazine! Isn't that awesome?! The first issue will come
- out in September, and we have articles about getting food, and about
- getting in boxes, it's going to be great!</p>
- <footer>
-  <p>Written by <a href="/users/cap">cap</a>, 1 hour ago.
- </footer>
- <article>
-  <footer> Thirteen minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>did you get a cover picture yet?"></iframe>
- </article>
- <article>
-  <footer> Nine minutes ago, <a href="/users/cap">cap</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>Yeah, you can see it <a href=&quot;/gallery?mode=cover&amp;amp;page=1&quot;>in my gallery</a>."></iframe>
- </article>
- <article>
-  <footer> Five minutes ago, <a href="/users/ch">ch</a> wrote: </footer>
-  <iframe seamless sandbox srcdoc="<p>hey that's earl's table.
-<p>you should get earl&amp;amp;me on the next cover."></iframe>
- </article></pre>
+  <!-- END of section that's very similar to <frame> -->
 
-   <p>Notice the way that quotes have to be escaped (otherwise the
-   <code title="attr-iframe-srcdoc">srcdoc</code> attribute would end
-   prematurely), and the way raw ampersands (e.g. in URLs or in prose)
-   mentioned in the sandboxed content have to be <em>doubly</em>
-   escaped — once so that the ampersand is preserved when
-   originally parsing the <code
-   title="attr-iframe-srcdoc">srcdoc</code> attribute, and once more
-   to prevent the ampersand from being misinterpreted when parsing the
-   sandboxed content.</p>
+  <p class="note">If, when the element is created, the <code
+  title="attr-iframe-srcdoc">srcdoc</code> attribute is not set, and the <code
+  title="attr-iframe-src">src</code> attribute is either also not set or set but its value cannot be
+  <span title="resolve a url">resolved</span>, the browsing context will remain at the initial
+  <code>about:blank</code> page.</p>
 
-  </div>
+  <p class="note">If the user <span title="navigate">navigates</span> away from this page, the
+  <code>iframe</code>'s corresponding <code>WindowProxy</code> object will proxy new
+  <code>Window</code> objects for new <code>Document</code> objects, but the <code
+  title="attr-iframe-src">src</code> attribute will not change.</p>
 
-  <p class="note">In <span>the HTML syntax</span>, authors need only
-  remember to use U+0022 QUOTATION MARK characters (") to wrap the
-  attribute contents and then to escape all U+0022 QUOTATION MARK (")
-  and U+0026 AMPERSAND (&) characters, and to specify the <code
-  title="attr-iframe-sandbox">sandbox</code> attribute, to ensure safe
-  embedding of content.</p>
 
-  <p class="note">Due to restrictions of <span>the XHTML
-  syntax</span>, in XML the U+003C LESS-THAN SIGN character (<)
-  needs to be escaped as well. In order to prevent <a
-  href="http://www.w3.org/TR/REC-xml/#AVNormalize">attribute-value
-  normalization</a>, some of XML's whitespace characters —
-  specifically U+0009 CHARACTER TABULATION (tab), U+000A LINE FEED
-  (LF), and U+000D CARRIAGE RETURN (CR) — also need to be
-  escaped. <a href="#refsXML">[XML]</a></p>
+  <hr> <!-- NAME -->
 
-  <hr>
+  <p>The <dfn title="attr-iframe-name"><code>name</code></dfn> attribute, if present, must be a
+  <span>valid browsing context name</span>. The given value is used to name the <span>nested
+  browsing context</span>. <span class="impl">When the browsing context is created, if the attribute
+  is present, the <span>browsing context name</span> must be set to the value of this attribute;
+  otherwise, the <span>browsing context name</span> must be set to the empty string.</span></p>
 
-  <p>The <dfn title="attr-iframe-name"><code>name</code></dfn>
-  attribute, if present, must be a <span>valid browsing context
-  name</span>. The given value is used to name the <span>nested
-  browsing context</span>. <span class="impl">When the browsing
-  context is created, if the attribute is present, the <span>browsing
-  context name</span> must be set to the value of this attribute;
-  otherwise, the <span>browsing context name</span> must be set to the
-  empty string.</span></p>
-
   <div class="impl">
 
-  <p>Whenever the <code title="attr-iframe-name">name</code> attribute
-  is set, the nested <span>browsing context</span>'s <span
-  title="browsing context name">name</span> must be changed to the new
-  value. If the attribute is removed, the <span>browsing context
-  name</span> must be set to the empty string.</p>
+  <p>Whenever the <code title="attr-iframe-name">name</code> attribute is set, the nested
+  <span>browsing context</span>'s <span title="browsing context name">name</span> must be changed to
+  the new value. If the attribute is removed, the <span>browsing context name</span> must be set to
+  the empty string.</p>
 
-  <p>When content loads in an <code>iframe</code>, after any <code
-  title="event-load">load</code> events are fired within the content
-  itself, the user agent must <span>queue a task</span> to <span>fire
-  a simple event</span> named <code title="event-load">load</code> at
-  the <code>iframe</code> element. When content whose <span>URL</span>
-  has the <span>same origin</span> as the <code>iframe</code>
-  element's <code>Document</code> fails to load (e.g. due to a DNS
-  error, network error, or if the server returned a 4xx or 5xx status
-  code <span title="concept-http-equivalent-codes">or
-  equivalent</span>), then the user agent must <span>queue a
-  task</span> to <span>fire a simple event</span> named <code
-  title="event-error">error</code> at the element instead. (This event
-  does not fire for <span title="parse error">parse errors</span>,
-  script errors, or any errors for cross-origin resources.)</p>
-
-  <p>The <span>task source</span> for these <span
-  title="concept-task">tasks</span> is the <span>DOM manipulation
-  task source</span>.</p>
-
-  <p class="note">A <code title="event-load">load</code> event is also
-  fired at the <code>iframe</code> element when it is created if no
-  other data is loaded in it.</p>
-
-  <p>When the <code>iframe</code>'s <span>active document</span> is
-  not <span>ready for post-load tasks</span>, and when anything in the
-  <code>iframe</code> is <span title="delay the load event">delaying
-  the load event</span> of the <code>iframe</code>'s <span>browsing
-  context</span>'s <span>active document</span>, the
-  <code>iframe</code> must <span>delay the load event</span> of its
-  document.</p>
-
-  <p class="note">If, during the handling of the <code
-  title="event-load">load</code> event, the <span>browsing
-  context</span> in the <code>iframe</code> is again <span
-  title="navigate">navigated</span>, that will further <span>delay the
-  load event</span>.</p>
-
   </div>
 
-  <hr>
 
-  <p>The <dfn title="attr-iframe-sandbox"><code>sandbox</code></dfn>
-  attribute, when specified, enables a set of extra restrictions on
-  any content hosted by the <code>iframe</code>. Its value must be an
-  <span>unordered set of unique space-separated tokens</span> that are
-  <span>ASCII case-insensitive</span>. The allowed values are
-  <code title="attr-iframe-sandbox-allow-forms">allow-forms</code>,
-  <code title="attr-iframe-sandbox-allow-popups">allow-popups</code>,
-  <code title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code>,
-  <code title="attr-iframe-sandbox-allow-scripts">allow-scripts</code>, and
-  <code title="attr-iframe-sandbox-allow-top-navigation">allow-top-navigation</code>.
+  <hr> <!-- SANDBOX -->
 
-  When the attribute is set, the content is treated as being from a
-  unique <span>origin</span>, forms and scripts are disabled, links
-  are prevented from targeting other <span title="browsing
-  context">browsing contexts</span>, and plugins are secured. The
-  <code
-  title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code>
-  keyword allows the content to be treated as being from the same
-  origin instead of forcing it into a unique origin, the <code
-  title="attr-iframe-sandbox-allow-top-navigation">allow-top-navigation</code>
-  keyword allows the content to <span>navigate</span> its
-  <span>top-level browsing context</span>, and the <code
+  <p>The <dfn title="attr-iframe-sandbox"><code>sandbox</code></dfn> attribute, when specified,
+  enables a set of extra restrictions on any content hosted by the <code>iframe</code>. Its value
+  must be an <span>unordered set of unique space-separated tokens</span> that are <span>ASCII
+  case-insensitive</span>. The allowed values are <code
   title="attr-iframe-sandbox-allow-forms">allow-forms</code>, <code
+  title="attr-iframe-sandbox-allow-popups">allow-popups</code>, <code
+  title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code>, <code
+  title="attr-iframe-sandbox-allow-scripts">allow-scripts</code>, and <code
+  title="attr-iframe-sandbox-allow-top-navigation">allow-top-navigation</code>.</p>
+
+  <p>When the attribute is set, the content is treated as being from a unique <span>origin</span>,
+  forms and scripts are disabled, links are prevented from targeting other <span title="browsing
+  context">browsing contexts</span>, and plugins are secured. The <code
+  title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code> keyword allows the content
+  to be treated as being from the same origin instead of forcing it into a unique origin, the <code
+  title="attr-iframe-sandbox-allow-top-navigation">allow-top-navigation</code> keyword allows the
+  content to <span>navigate</span> its <span>top-level browsing context</span>, and the <code
+  title="attr-iframe-sandbox-allow-forms">allow-forms</code>, <code
   title="attr-iframe-sandbox-allow-popups">allow-popups</code> and <code
-  title="attr-iframe-sandbox-allow-scripts">allow-scripts</code>
-  keywords re-enable forms, popups, and scripts respectively.</p>
+  title="attr-iframe-sandbox-allow-scripts">allow-scripts</code> keywords re-enable forms, popups,
+  and scripts respectively.</p>
 
-  <p class="warning">Setting both the
-  <code title="attr-iframe-sandbox-allow-scripts">allow-scripts</code> and
-  <code title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code>
-  keywords together when the embedded page has the <span>same
-  origin</span> as the page containing the <code>iframe</code> allows
-  the embedded page to simply remove the <code
-  title="attr-iframe-sandbox">sandbox</code> attribute.</p>
+  <p class="warning">Setting both the <code
+  title="attr-iframe-sandbox-allow-scripts">allow-scripts</code> and <code
+  title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code> keywords together when the
+  embedded page has the <span>same origin</span> as the page containing the <code>iframe</code>
+  allows the embedded page to simply remove the <code title="attr-iframe-sandbox">sandbox</code>
+  attribute.</p>
 
-  <p class="warning">Sandboxing hostile content is of minimal help if
-  an attacker can convince the user to just visit the hostile content
-  directly, rather than in the <code>iframe</code>. To limit the
-  damage that can be caused by hostile HTML content, it should be
-  served from a separate dedicated domain.</p>
+  <p class="warning">Sandboxing hostile content is of minimal help if an attacker can convince the
+  user to just visit the hostile content directly, rather than in the <code>iframe</code>. To limit
+  the damage that can be caused by hostile HTML content, it should be served from a separate
+  dedicated domain.</p>
 
   <div class="impl">
 
@@ -29014,50 +28948,42 @@
        - block access to 'parent.frames' from sandbox
   -->
 
-  <p>While the <code title="attr-iframe-sandbox">sandbox</code>
-  attribute is set or changed, the user agent must <span title="parse
-  a sandboxing directive">parse the sandboxing directive</span> using
-  the attribute's value as the <var title="">input</var> and the
-  <code>iframe</code> element's <span>nested browsing context</span>'s
-  <span><code>iframe</code> sandboxing flag set</span> as the
+  <p>While the <code title="attr-iframe-sandbox">sandbox</code> attribute is set or changed, the
+  user agent must <span title="parse a sandboxing directive">parse the sandboxing directive</span>
+  using the attribute's value as the <var title="">input</var> and the <code>iframe</code> element's
+  <span>nested browsing context</span>'s <span><code>iframe</code> sandboxing flag set</span> as the
   output.</p>
 
-  <p class="warning">These flags only take effect when the
-  <span>nested browsing context</span> of the <code>iframe</code> is
-  <span title="navigate">navigated</span>. Removing them, or removing
-  the entire <code title="attr-iframe-sandbox">sandbox</code>
-  attribute, has no effect on an already-loaded page.</p>
+  <p class="warning">These flags only take effect when the <span>nested browsing context</span> of
+  the <code>iframe</code> is <span title="navigate">navigated</span>. Removing them, or removing the
+  entire <code title="attr-iframe-sandbox">sandbox</code> attribute, has no effect on an
+  already-loaded page.</p>
 
   </div>
 
   <div class="example">
 
-   <p>In this example, some completely-unknown, potentially hostile,
-   user-provided HTML content is embedded in a page. Because it is
-   served from a separate domain, it is affected by all the normal
-   cross-site restrictions. In addition, the embedded page has
-   scripting disabled, plugins disabled, forms disabled, and it cannot
-   navigate any frames or windows other than itself (or any frames or
+   <p>In this example, some completely-unknown, potentially hostile, user-provided HTML content is
+   embedded in a page. Because it is served from a separate domain, it is affected by all the normal
+   cross-site restrictions. In addition, the embedded page has scripting disabled, plugins disabled,
+   forms disabled, and it cannot navigate any frames or windows other than itself (or any frames or
    windows it itself embeds).</p>
 
    <pre><p>We're not scared of you! Here is your content, unedited:</p>
 <iframe sandbox src="http://usercontent.example.net/getusercontent.cgi?id=12193"></iframe></pre>
 
-   <p class="warning">It is important to use a separate domain so that
-   if the attacker convinces the user to visit that page directly, the
-   page doesn't run in the context of the site's origin, which would
-   make the user vulnerable to any attack found in the page.</p>
+   <p class="warning">It is important to use a separate domain so that if the attacker convinces the
+   user to visit that page directly, the page doesn't run in the context of the site's origin, which
+   would make the user vulnerable to any attack found in the page.</p>
 
   </div>
 
   <div class="example">
 
-   <p>In this example, a gadget from another site is embedded. The
-   gadget has scripting and forms enabled, and the origin sandbox
-   restrictions are lifted, allowing the gadget to communicate with
-   its originating server. The sandbox is still useful, however, as it
-   disables plugins and popups, thus reducing the risk of the user
-   being exposed to malware and other annoyances.</p>
+   <p>In this example, a gadget from another site is embedded. The gadget has scripting and forms
+   enabled, and the origin sandbox restrictions are lifted, allowing the gadget to communicate with
+   its originating server. The sandbox is still useful, however, as it disables plugins and popups,
+   thus reducing the risk of the user being exposed to malware and other annoyances.</p>
 
    <pre><iframe sandbox="allow-same-origin allow-forms allow-scripts"
         src="http://maps.example.com/embedded.html"></iframe></pre>
@@ -29078,313 +29004,254 @@
 
    <pre><a href=D>Link</a></pre>
 
-   <p>For this example, suppose all the files were served as
-   <code>text/html</code>.</p>
+   <p>For this example, suppose all the files were served as <code>text/html</code>.</p>
 
-   <p>Page C in this scenario has all the sandboxing flags
-   set. Scripts are disabled, because the <code>iframe</code> in A has
-   scripts disabled, and this overrides the <code
-   title="attr-iframe-sandbox-allow-scripts">allow-scripts</code>
-   keyword set on the <code>iframe</code> in B. Forms are also
-   disabled, because the inner <code>iframe</code> (in B) does not
-   have the <code
-   title="attr-iframe-sandbox-allow-forms">allow-forms</code> keyword
+   <p>Page C in this scenario has all the sandboxing flags set. Scripts are disabled, because the
+   <code>iframe</code> in A has scripts disabled, and this overrides the <code
+   title="attr-iframe-sandbox-allow-scripts">allow-scripts</code> keyword set on the
+   <code>iframe</code> in B. Forms are also disabled, because the inner <code>iframe</code> (in B)
+   does not have the <code title="attr-iframe-sandbox-allow-forms">allow-forms</code> keyword
    set.</p>
 
    <p>Suppose now that a script in A removes all the <code
-   title="attr-iframe-sandbox">sandbox</code> attributes in A
-   <!--grammar-check-override--> and B. This would change nothing
-   immediately. If the user clicked the link in C, loading page D into
-   the <code>iframe</code> in B, page D would now act as if the
-   <code>iframe</code> in B had the <code
-   title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code>
-   and <code
-   title="attr-iframe-sandbox-allow-forms">allow-forms</code> keywords
-   set, because that was the state of the <span>nested browsing
-   context</span> in the <code>iframe</code> in A when page B was
+   title="attr-iframe-sandbox">sandbox</code> attributes in A <!--grammar-check-override--> and B.
+   This would change nothing immediately. If the user clicked the link in C, loading page D into the
+   <code>iframe</code> in B, page D would now act as if the <code>iframe</code> in B had the <code
+   title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code> and <code
+   title="attr-iframe-sandbox-allow-forms">allow-forms</code> keywords set, because that was the
+   state of the <span>nested browsing context</span> in the <code>iframe</code> in A when page B was
    loaded.</p>
 
    <p>Generally speaking, dynamically removing or changing the <code
-   title="attr-iframe-sandbox">sandbox</code> attribute is
-   ill-advised, because it can make it quite hard to reason about what
-   will be allowed and what will not.</p>
+   title="attr-iframe-sandbox">sandbox</code> attribute is ill-advised, because it can make it quite
+   hard to reason about what will be allowed and what will not.</p>
 
   </div>
 
-  <p class="note">Potentially hostile files should not be served from
-  the same server as the file containing the <code>iframe</code>
-  element. Using a different domain ensures that scripts in the files
-  are unable to attack the site, even if the user is tricked into
-  visiting those pages directly, without the protection of the <code
-  title="attr-iframe-sandbox">sandbox</code> attribute.</p>
+  <p class="note">Potentially hostile files should not be served from the same server as the file
+  containing the <code>iframe</code> element. Using a different domain ensures that scripts in the
+  files are unable to attack the site, even if the user is tricked into visiting those pages
+  directly, without the protection of the <code title="attr-iframe-sandbox">sandbox</code>
+  attribute.</p>
 
-  <p class="warning">If the <code
-  title="attr-iframe-sandbox-allow-scripts">allow-scripts</code>
+  <p class="warning">If the <code title="attr-iframe-sandbox-allow-scripts">allow-scripts</code>
   keyword is set along with <code
-  title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code>
-  keyword, and the file is from the <span>same origin</span> as the
-  <code>iframe</code>'s <code>Document</code>, then a script in the
-  "sandboxed" iframe could just reach out, remove the <code
-  title="attr-iframe-sandbox">sandbox</code> attribute, and then
-  reload itself, effectively breaking out of the sandbox
-  altogether.</p>
+  title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code> keyword, and the file is
+  from the <span>same origin</span> as the <code>iframe</code>'s <code>Document</code>, then a
+  script in the "sandboxed" iframe could just reach out, remove the <code
+  title="attr-iframe-sandbox">sandbox</code> attribute, and then reload itself, effectively breaking
+  out of the sandbox altogether.</p>
 
 
-  <hr>
+  <hr> <!-- SEAMLESS -->
 
+  <!-- v2: Might be interesting to have a value on seamless that allowed event propagation of some
+  sort, maybe based on the WICD work: http://www.w3.org/TR/WICD/ -->
 
-  <!-- v2: Might be interesting to have a value on seamless that
-  allowed event propagation of some sort, maybe based on the WICD
-  work: http://www.w3.org/TR/WICD/ -->
+  <p>The <dfn title="attr-iframe-seamless"><code>seamless</code></dfn> attribute is a <span>boolean
+  attribute</span>. When specified, it indicates that the <code>iframe</code> element's
+  <span>browsing context</span> is to be rendered in a manner that makes it appear to be part of the
+  containing document (seamlessly included in the parent document).</p>
 
-  <p>The <dfn title="attr-iframe-seamless"><code>seamless</code></dfn>
-  attribute is a <span>boolean attribute</span>. When specified, it
-  indicates that the <code>iframe</code> element's <span>browsing
-  context</span> is to be rendered in a manner that makes it appear to
-  be part of the containing document (seamlessly included in the
-  parent document).</p>
-
   <div class="impl">
 
-  <p>An <code>iframe</code> element is said to be <dfn>in seamless
-  mode</dfn> when all of the following conditions are met:</p>
+  <p>An <code>iframe</code> element is said to be <dfn>in seamless mode</dfn> when all of the
+  following conditions are met:</p>
 
   <ul>
 
-   <li>The <code title="attr-iframe-seamless">seamless</code>
-   attribute is set on the <code>iframe</code> element, and
+   <li>The <code title="attr-iframe-seamless">seamless</code> attribute is set on the
+   <code>iframe</code> element, and
 
-   <li>The <code>iframe</code> element's owner <code>Document</code>'s
-   <span>active sandboxing flag set</span> does not have the
-   <span>sandboxed seamless iframes flag</span> set, and
+   <li>The <code>iframe</code> element's owner <code>Document</code>'s <span>active sandboxing flag
+   set</span> does not have the <span>sandboxed seamless iframes flag</span> set, and
 
    <li>Either:
 
     <ul>
 
-     <li>The <span>browsing context</span>'s <span>active
-     document</span> has the <span>same origin</span> as the
+     <li>The <span>browsing context</span>'s <span>active document</span> has the <span>same
+     origin</span> as the <code>iframe</code> element's <code>Document</code>, or
+
+     <li>The <span>browsing context</span>'s <span>active document</span>'s <em><span title="the
+     document's address">address</span></em> has the <span>same origin</span> as the
      <code>iframe</code> element's <code>Document</code>, or
 
-     <li>The <span>browsing context</span>'s <span>active
-     document</span>'s <em><span title="the document's
-     address">address</span></em> has the <span>same origin</span> as
-     the <code>iframe</code> element's <code>Document</code>, or
+     <li>The <span>browsing context</span>'s <span>active document</span> is <span>an
+     <code>iframe</code> <code title="attr-iframe-srcdoc">srcdoc</code> document</span>.
 
-     <li>The <span>browsing context</span>'s <span>active
-     document</span> is <span>an <code>iframe</code> <code
-     title="attr-iframe-srcdoc">srcdoc</code> document</span>.
-
     </ul>
 
    </li>
 
   </ul>
 
-  <p>When an <code>iframe</code> element is <span>in seamless
-  mode</span>, the following requirements apply:</p>
+  <p>When an <code>iframe</code> element is <span>in seamless mode</span>, the following
+  requirements apply:</p>
 
   <ul>
 
-   <li><p>The user agent must set the <dfn>seamless browsing context
-   flag</dfn> to true for that <span>browsing context</span>. This
-   will <a href="#seamlessLinks">cause links to open in the parent
-   browsing context</a> unless an <span>explicit self-navigation
-   override</span> is used (<code
-   title="">target="_self"</code>).</p></li>
+   <li><p>The user agent must set the <dfn>seamless browsing context flag</dfn> to true for that
+   <span>browsing context</span>. This will <a href="#seamlessLinks">cause links to open in the
+   parent browsing context</a> unless an <span>explicit self-navigation override</span> is used
+   (<code title="">target="_self"</code>).</p></li>
 
-   <li><p>Media queries in the context of the <code>iframe</code>'s
-   <span>browsing context</span> (e.g. on <code
-   title="attr-style-media">media</code> attributes of
-   <code>style</code> elements in <code>Document</code>s in that
-   <code>iframe</code>) must be evaluated with respect to the nearest
-   <span>ancestor browsing context</span> that is not itself being
-   <span title="browsing context nested through">nested through</span>
-   an <code>iframe</code> that is <span>in seamless
+   <li><p>Media queries in the context of the <code>iframe</code>'s <span>browsing context</span>
+   (e.g. on <code title="attr-style-media">media</code> attributes of <code>style</code> elements in
+   <code>Document</code>s in that <code>iframe</code>) must be evaluated with respect to the nearest
+   <span>ancestor browsing context</span> that is not itself being <span title="browsing context
+   nested through">nested through</span> an <code>iframe</code> that is <span>in seamless
    mode</span>. <a href="#refsMQ">[MQ]</a></p></li>
 
-   <li><p>In a CSS-supporting user agent: the user agent must add all
-   the style sheets that apply to the <code>iframe</code> element to
-   the cascade of the <span>active document</span> of the
-   <code>iframe</code> element's <span>nested browsing context</span>,
-   at the appropriate cascade levels, before any style sheets
-   specified by the document itself.</p></li>
+   <li><p>In a CSS-supporting user agent: the user agent must add all the style sheets that apply to
+   the <code>iframe</code> element to the cascade of the <span>active document</span> of the
+   <code>iframe</code> element's <span>nested browsing context</span>, at the appropriate cascade
+   levels, before any style sheets specified by the document itself.</p></li>
 
-   <li><p>In a CSS-supporting user agent: the user agent must, for the
-   purpose of CSS property inheritance only, treat the root element of
-   the <span>active document</span> of the <code>iframe</code>
-   element's <span>nested browsing context</span> as being a child of
-   the <code>iframe</code> element. (Thus inherited properties on the
-   root element of the document in the <code>iframe</code> will
-   inherit the computed values of those properties on the
-   <code>iframe</code> element instead of taking their initial
-   values.)</p></li>
+   <li><p>In a CSS-supporting user agent: the user agent must, for the purpose of CSS property
+   inheritance only, treat the root element of the <span>active document</span> of the
+   <code>iframe</code> element's <span>nested browsing context</span> as being a child of the
+   <code>iframe</code> element. (Thus inherited properties on the root element of the document in
+   the <code>iframe</code> will inherit the computed values of those properties on the
+   <code>iframe</code> element instead of taking their initial values.)</p></li>
 
-   <li><p>In visual media, in a CSS-supporting user agent: the user
-   agent should set the intrinsic width of the <code>iframe</code> to
-   the width that the element would have if it was a non-replaced
-   block-level element with 'width: auto', unless that width would be
-   zero (e.g. if the element is floating or absolutely positioned), in
-   which case the user agent should set the intrinsic width of the
-   <code>iframe</code> to the shrink-to-fit width of the root element
-   (if any) of the content rendered in the
-   <code>iframe</code>.</p></li>
+   <li><p>In visual media, in a CSS-supporting user agent: the user agent should set the intrinsic
+   width of the <code>iframe</code> to the width that the element would have if it was a
+   non-replaced block-level element with 'width: auto', unless that width would be zero (e.g. if the
+   element is floating or absolutely positioned), in which case the user agent should set the
+   intrinsic width of the <code>iframe</code> to the shrink-to-fit width of the root element (if
+   any) of the content rendered in the <code>iframe</code>.</p></li>
 
-   <li><p>In visual media, in a CSS-supporting user agent: the user
-   agent should set the intrinsic height of the <code>iframe</code> to
-   the shortest height that would make the content rendered in the
-   <code>iframe</code> at its current width (as given in the previous
-   bullet point) have no scrollable overflow at its bottom edge<!--,
-   if the scrolling position was such that the top of the viewport for
-   the content rendered in the <code>iframe</code> was aligned with
-   the origin of that content's canvas-->. Scrollable overflow is any
-   overflow that would increase the range to which a scrollbar or
-   other scrolling mechanism can scroll.</p></li>
+   <li><p>In visual media, in a CSS-supporting user agent: the user agent should set the intrinsic
+   height of the <code>iframe</code> to the shortest height that would make the content rendered in
+   the <code>iframe</code> at its current width (as given in the previous bullet point) have no
+   scrollable overflow at its bottom edge<!--, if the scrolling position was such that the top of
+   the viewport for the content rendered in the <code>iframe</code> was aligned with the origin of
+   that content's canvas-->. Scrollable overflow is any overflow that would increase the range to
+   which a scrollbar or other scrolling mechanism can scroll.</p></li>
 
    <li>
 
-    <p>In visual media, in a CSS-supporting user agent: the user agent
-    must force the height of the initial containing block of the
-    <span>active document</span> of the <span>nested browsing
+    <p>In visual media, in a CSS-supporting user agent: the user agent must force the height of the
+    initial containing block of the <span>active document</span> of the <span>nested browsing
     context</span> of the <code>iframe</code> to zero.</p>
 
-    <p class="note">This is intended to get around the otherwise
-    circular dependency of percentage dimensions that depend on the
-    height of the containing block, thus affecting the height of the
-    document's bounding box, thus affecting the height of the
-    viewport, thus affecting the size of the initial containing
-    block.</p>
+    <p class="note">This is intended to get around the otherwise circular dependency of percentage
+    dimensions that depend on the height of the containing block, thus affecting the height of the
+    document's bounding box, thus affecting the height of the viewport, thus affecting the size of
+    the initial containing block.</p>
 
    </li>
 
-   <li><p>In speech media, the user agent should render the <span>nested
-   browsing context</span> without announcing that it is a separate
-   document.</p></li>
+   <li><p>In speech media, the user agent should render the <span>nested browsing context</span>
+   without announcing that it is a separate document.</p></li>
 
    <li>
 
-    <p>User agents should, in general, act as if the <span>active
-    document</span> of the <code>iframe</code>'s <span>nested browsing
-    context</span> was part of the document that the
+    <p>User agents should, in general, act as if the <span>active document</span> of the
+    <code>iframe</code>'s <span>nested browsing context</span> was part of the document that the
     <code>iframe</code> is in, if any.</p>
 
-    <p class="example">For example if the user agent supports listing
-    all the links in a document, links in "seamlessly" nested
-    documents would be included in that list without being
+    <p class="example">For example if the user agent supports listing all the links in a document,
+    links in "seamlessly" nested documents would be included in that list without being
     significantly distinguished from links in the document itself.</p>
 
    </li>
 
   </ul>
 
-  <p>If the attribute is not specified, or if the <span>origin</span>
-  conditions listed above are not met, then the user agent should
-  render the <span>nested browsing context</span> in a manner that is
-  clearly distinguishable as a separate <span>browsing context</span>,
-  and the <span>seamless browsing context flag</span> must be set to
-  false for that <span>browsing context</span>.</p>
+  <p>If the attribute is not specified, or if the <span>origin</span> conditions listed above are
+  not met, then the user agent should render the <span>nested browsing context</span> in a manner
+  that is clearly distinguishable as a separate <span>browsing context</span>, and the
+  <span>seamless browsing context flag</span> must be set to false for that <span>browsing
+  context</span>.</p>
 
-  <p class="warning">It is important that user agents recheck the
-  above conditions whenever the <span>active document</span> of the
-  <span>nested browsing context</span> of the <code>iframe</code>
-  changes, such that the <span>seamless browsing context flag</span>
-  gets unset if the <span>nested browsing context</span> is <span
-  title="navigate">navigated</span> to another origin.</p>
+  <p class="warning">It is important that user agents recheck the above conditions whenever the
+  <span>active document</span> of the <span>nested browsing context</span> of the
+  <code>iframe</code> changes, such that the <span>seamless browsing context flag</span> gets unset
+  if the <span>nested browsing context</span> is <span title="navigate">navigated</span> to another
+  origin.</p>
 
   </div>
 
-  <p class="note">The attribute can be set or removed dynamically,
-  with the rendering updating in tandem.</p>
+  <p class="note">The attribute can be set or removed dynamically, with the rendering updating in
+  tandem.</p>
 
   <div class="example">
 
-   <p>In this example, the site's navigation is embedded using a
-   client-side include using an <code>iframe</code>. Any links in the
-   <code>iframe</code> will, in new user agents, be automatically
-   opened in the <code>iframe</code>'s parent browsing context; for
-   legacy user agents, the site could also include a <code>base</code>
-   element with a <code title="attr-base-target">target</code>
-   attribute with the value <code title="">_parent</code>. Similarly,
-   in new user agents the styles of the parent page will be
-   automatically applied to the contents of the frame, but to support
-   legacy user agents authors might wish to include the styles
+   <p>In this example, the site's navigation is embedded using a client-side include using an
+   <code>iframe</code>. Any links in the <code>iframe</code> will, in new user agents, be
+   automatically opened in the <code>iframe</code>'s parent browsing context; for legacy user
+   agents, the site could also include a <code>base</code> element with a <code
+   title="attr-base-target">target</code> attribute with the value <code title="">_parent</code>.
+   Similarly, in new user agents the styles of the parent page will be automatically applied to the
+   contents of the frame, but to support legacy user agents authors might wish to include the styles
    explicitly.</p>
 
    <pre><nav><iframe seamless src="nav.include.html"></iframe></nav></pre>
 
   </div>
 
-  <p class="note">The <code
-  title="attr-contenteditable">contenteditable</code> attribute does
-  not propagate into <code
-  title="attr-iframe-seamless">seamless</code>
-  <code>iframe</code>s.</p>
+  <p class="note">The <code title="attr-contenteditable">contenteditable</code> attribute does not
+  propagate into <code title="attr-iframe-seamless">seamless</code> <code>iframe</code>s.</p>
 
-  <hr>
 
+  <hr> <!-- DIM ATTRIBUTES -->
 
-  <p>The <code>iframe</code> element supports <span>dimension
-  attributes</span> for cases where the embedded content has specific
-  dimensions (e.g. ad units have well-defined dimensions).</p>
+  <p>The <code>iframe</code> element supports <span>dimension attributes</span> for cases where the
+  embedded content has specific dimensions (e.g. ad units have well-defined dimensions).</p>
 
-  <p>An <code>iframe</code> element never has <span>fallback
-  content</span>, as it will always create a nested <span>browsing
-  context</span>, regardless of whether the specified initial contents
-  are successfully used.</p>
+  <p>An <code>iframe</code> element never has <span>fallback content</span>, as it will always
+  create a nested <span>browsing context</span>, regardless of whether the specified initial
+  contents are successfully used.</p>
 
-  <p>Descendants of <code>iframe</code> elements represent
-  nothing. (In legacy user agents that do not support
-  <code>iframe</code> elements, the contents would be parsed as markup
-  that could act as fallback content.)</p>
 
-  <p id="iframe-content-model">When used in <span>HTML
-  documents</span>, the allowed content model of <code>iframe</code>
-  elements is text, except that invoking the <span>HTML fragment
-  parsing algorithm</span> with the <code>iframe</code> element as the
-  <var title="concept-frag-parse-context">context</var> element and
-  the text contents as the <var title="">input</var> must result in a
-  list of nodes that are all <span>phrasing content</span>, with no
-  <span title="parse error">parse errors</span> having occurred, with
-  no <code>script</code> elements being anywhere in the list or as
-  descendants of elements in the list, and with all the elements in
-  the list (including their descendants) being themselves
-  conforming.</p>
+  <hr> <!-- FALLBACK -->
 
-  <p>The <code>iframe</code> element must be empty in <span>XML
-  documents</span>.</p>
+  <p>Descendants of <code>iframe</code> elements represent nothing. (In legacy user agents that do
+  not support <code>iframe</code> elements, the contents would be parsed as markup that could act as
+  fallback content.)</p>
 
-  <p class="note">The <span>HTML parser</span> treats markup inside
-  <code>iframe</code> elements as text.</p>
+  <p id="iframe-content-model">When used in <span>HTML documents</span>, the allowed content model
+  of <code>iframe</code> elements is text, except that invoking the <span>HTML fragment parsing
+  algorithm</span> with the <code>iframe</code> element as the <var
+  title="concept-frag-parse-context">context</var> element and the text contents as the <var
+  title="">input</var> must result in a list of nodes that are all <span>phrasing content</span>,
+  with no <span title="parse error">parse errors</span> having occurred, with no <code>script</code>
+  elements being anywhere in the list or as descendants of elements in the list, and with all the
+  elements in the list (including their descendants) being themselves conforming.</p>
 
+  <p>The <code>iframe</code> element must be empty in <span>XML documents</span>.</p>
+
+  <p class="note">The <span>HTML parser</span> treats markup inside <code>iframe</code> elements as
+  text.</p>
+
+
   <div class="impl">
 
-  <p>The IDL attributes <dfn
-  title="dom-iframe-src"><code>src</code></dfn>, <dfn
+  <hr> <!-- DOM -->
+
+  <p>The IDL attributes <dfn title="dom-iframe-src"><code>src</code></dfn>, <dfn
   title="dom-iframe-srcdoc"><code>srcdoc</code></dfn>, <dfn
   title="dom-iframe-name"><code>name</code></dfn>, <dfn
   title="dom-iframe-sandbox"><code>sandbox</code></dfn>, and <dfn
-  title="dom-iframe-seamless"><code>seamless</code></dfn> must
-  <span>reflect</span> the respective content attributes of the same
-  name.</p>
+  title="dom-iframe-seamless"><code>seamless</code></dfn> must <span>reflect</span> the respective
+  content attributes of the same name.</p>
 
-  <p>The <dfn
-  title="dom-iframe-contentDocument"><code>contentDocument</code></dfn>
-  IDL attribute must return the <code>Document</code> object of the
-  <span>active document</span> of the <code>iframe</code> element's
-  <span>nested browsing context</span>, if any, or null otherwise.</p>
+  <p>The <dfn title="dom-iframe-contentDocument"><code>contentDocument</code></dfn> IDL attribute
+  must return the <code>Document</code> object of the <span>active document</span> of the
+  <code>iframe</code> element's <span>nested browsing context</span>, if any, or null otherwise.</p>
 
-  <p>The <dfn
-  title="dom-iframe-contentWindow"><code>contentWindow</code></dfn>
-  IDL attribute must return the <code>WindowProxy</code> object of the
-  <code>iframe</code> element's <span>nested browsing
-  context</span>, if any, or null otherwise.</p>
+  <p>The <dfn title="dom-iframe-contentWindow"><code>contentWindow</code></dfn> IDL attribute must
+  return the <code>WindowProxy</code> object of the <code>iframe</code> element's <span>nested
+  browsing context</span>, if any, or null otherwise.</p>
 
   </div>
 
   <div class="example">
 
-   <p>Here is an example of a page using an <code>iframe</code> to
-   include advertising from an advertising broker:</p>
+   <p>Here is an example of a page using an <code>iframe</code> to include advertising from an
+   advertising broker:</p>
 
    <pre><iframe src="http://ads.example.com/?customerid=923513721&amp;format=banner"
         width="468" height="60"></iframe></pre>




More information about the Commit-Watchers mailing list