[html5] r7711 - [e] (0) Cleanup Affected topics: DOM APIs, HTML, Offline Web Applications, Secur [...]
whatwg at whatwg.org
whatwg at whatwg.org
Fri Feb 8 20:06:17 PST 2013
Author: ianh
Date: 2013-02-08 20:06:15 -0800 (Fri, 08 Feb 2013)
New Revision: 7711
Modified:
complete.html
index
source
Log:
[e] (0) Cleanup
Affected topics: DOM APIs, HTML, Offline Web Applications, Security, Workers
Modified: complete.html
===================================================================
--- complete.html 2013-02-09 02:07:29 UTC (rev 7710)
+++ complete.html 2013-02-09 04:06:15 UTC (rev 7711)
@@ -6625,36 +6625,28 @@
</dl></div>
-<!--CLEANUP-->
<div class=impl>
<h3 id=fetching-resources><span class=secno>2.6 </span>Fetching resources</h3>
<h4 id=terminology-1><span class=secno>2.6.1 </span>Terminology</h4>
- <p id=concept-http-equivalent>User agents can implement a variety
- of transfer protocols, but this specification mostly defines
- behavior in terms of HTTP. <a href=#refsHTTP>[HTTP]</a></p>
+ <p id=concept-http-equivalent>User agents can implement a variety of transfer protocols, but
+ this specification mostly defines behavior in terms of HTTP. <a href=#refsHTTP>[HTTP]</a></p>
- <p>The <dfn id=concept-http-equivalent-get title=concept-http-equivalent-get>HTTP GET
- method</dfn> is equivalent to the default retrieval action of the
- protocol. For example, RETR in FTP. Such actions are idempotent and
- safe, in HTTP terms.</p>
+ <p>The <dfn id=concept-http-equivalent-get title=concept-http-equivalent-get>HTTP GET method</dfn> is equivalent to the default
+ retrieval action of the protocol. For example, RETR in FTP. Such actions are idempotent and safe,
+ in HTTP terms.</p>
- <p>The <dfn id=concept-http-equivalent-codes title=concept-http-equivalent-codes>HTTP response
- codes</dfn> are equivalent to statuses in other protocols that have
- the same basic meanings. For example, a "file not found" error is
- equivalent to a 404 code, a server error is equivalent to a 5xx
- code, and so on.</p>
+ <p>The <dfn id=concept-http-equivalent-codes title=concept-http-equivalent-codes>HTTP response codes</dfn> are equivalent to
+ statuses in other protocols that have the same basic meanings. For example, a "file not found"
+ error is equivalent to a 404 code, a server error is equivalent to a 5xx code, and so on.</p>
- <p>The <dfn id=concept-http-equivalent-headers title=concept-http-equivalent-headers>HTTP
- headers</dfn> are equivalent to fields in other protocols that have
- the same basic meaning. For example, the HTTP authentication
- headers are equivalent to the authentication aspects of the FTP
- protocol.</p>
+ <p>The <dfn id=concept-http-equivalent-headers title=concept-http-equivalent-headers>HTTP headers</dfn> are equivalent to fields in
+ other protocols that have the same basic meaning. For example, the HTTP authentication headers are
+ equivalent to the authentication aspects of the FTP protocol.</p>
- <hr><p>A <dfn id=referrer-source>referrer source</dfn> is either a <code><a href=#document>Document</a></code> or
- a <a href=#url>URL</a>.</p>
+ <p>A <dfn id=referrer-source>referrer source</dfn> is either a <code><a href=#document>Document</a></code> or a <a href=#url>URL</a>.</p>
<h4 id=processing-model><span class=secno>2.6.2 </span>Processing model</h4>
@@ -6937,29 +6929,23 @@
<h4 id=content-type-sniffing><span class=secno>2.6.4 </span>Determining the type of a resource</h4>
- <p>The <dfn id=content-type title=Content-Type>Content-Type metadata</dfn> of a
- resource must be obtained and interpreted in a manner consistent
- with the requirements of the Media Type Sniffing
- specification. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
+ <p>The <dfn id=content-type title=Content-Type>Content-Type metadata</dfn> of a resource must be obtained and
+ interpreted in a manner consistent with the requirements of the Media Type Sniffing specification.
+ <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
- <p>The <dfn id=content-type-sniffing-0 title="Content-Type sniffing">sniffed type of a
- resource</dfn> must be found in a manner consistent with the
- requirements given in the Media Type Sniffing
- specification for finding the <i>sniffed-type</i> of the relevant
- sequence of octets. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
+ <p>The <dfn id=content-type-sniffing-0 title="Content-Type sniffing">sniffed type of a resource</dfn> must be found in a
+ manner consistent with the requirements given in the Media Type Sniffing specification for finding
+ the <i>sniffed-type</i> of the relevant sequence of octets. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
- <p>The <dfn id=content-type-sniffing:-image title="Content-Type sniffing: image">rules for sniffing
- images specifically</dfn> and the <dfn id=content-type-sniffing:-text-or-binary title="Content-Type sniffing:
- text or binary">rules for distinguishing if a resource is text or
- binary</dfn> are also defined in the Media Type Sniffing
- specification. Both sets of rules return a <a href=#mime-type>MIME type</a> as
- their result. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
+ <p>The <dfn id=content-type-sniffing:-image title="Content-Type sniffing: image">rules for sniffing images specifically</dfn> and
+ the <dfn id=content-type-sniffing:-text-or-binary title="Content-Type sniffing: text or binary">rules for distinguishing if a resource is
+ text or binary</dfn> are also defined in the Media Type Sniffing specification. Both sets of rules
+ return a <a href=#mime-type>MIME type</a> as their result. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
- <p class=warning>It is imperative that the rules in the Media Type
- Sniffing specification be followed exactly. When a user agent uses
- different heuristics for content type detection than the server
- expects, security problems can occur. For more details, see the
- Media Type Sniffing specification. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
+ <p class=warning>It is imperative that the rules in the Media Type Sniffing specification be
+ followed exactly. When a user agent uses different heuristics for content type detection than the
+ server expects, security problems can occur. For more details, see the Media Type Sniffing
+ specification. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
<h4 id=extracting-character-encodings-from-meta-elements><span class=secno>2.6.5 </span>Extracting character encodings from <code><a href=#the-meta-element>meta</a></code> elements</h4>
@@ -8381,16 +8367,13 @@
<dl class=domintro><dt><var title="">document</var> . <code title=dom-document-referrer><a href=#dom-document-referrer>referrer</a></code></dt>
<dd>
-<!--CLEANUP-->
+ <p>Returns <a href="#the-document's-address" title="the document's address">the address</a> of the <code><a href=#document>Document</a></code>
+ from which the user navigated to this one, unless it was blocked or there was no such document,
+ in which case it returns the empty string.</p>
- <p>Returns <a href="#the-document's-address" title="the document's address">the address</a>
- of the <code><a href=#document>Document</a></code> from which the user navigated to this
- one, unless it was blocked or there was no such document, in which
- case it returns the empty string.</p>
+ <p>The <code title=rel-noreferrer><a href=#link-type-noreferrer>noreferrer</a></code> link type can be used to block the
+ referrer.</p>
- <p>The <code title=rel-noreferrer><a href=#link-type-noreferrer>noreferrer</a></code> link
- type can be used to block the referrer.</p>
-
</dd>
</dl><div class=impl>
@@ -8507,8 +8490,10 @@
<dl class=domintro><dt><var title="">document</var> . <code title=dom-document-readyState><a href=#dom-document-readystate>readyState</a></code></dt>
<dd>
- <p>Returns "<code title="">loading</code>" while the <code><a href=#document>Document</a></code> is loading, "<code title="">interactive</code>" once it is finished parsing but still loading sub-resources, and "<code title="">complete</code>" once it has loaded.</p>
- <p>The <code title=event-readystatechange><a href=#event-readystatechange>readystatechange</a></code> event fires on the <code><a href=#document>Document</a></code> object when this value changes.</p>
+ <p>Returns "<code title="">loading</code>" while the <code><a href=#document>Document</a></code> is loading, "<code title="">interactive</code>" once it is finished parsing but still loading sub-resources, and
+ "<code title="">complete</code>" once it has loaded.</p>
+ <p>The <code title=event-readystatechange><a href=#event-readystatechange>readystatechange</a></code> event fires on the
+ <code><a href=#document>Document</a></code> object when this value changes.</p>
</dd>
</dl><div class=impl>
@@ -18925,7 +18910,7 @@
</dd>
- </dl><!-- CLEANUP --><div class=impl>
+ </dl><div class=impl>
<p>The IDL attributes <dfn id=dom-a-href title=dom-a-href><code>href</code></dfn>, <dfn id=dom-a-download title=dom-a-download><code>download</code></dfn>, <dfn id=dom-a-ping title=dom-a-ping><code>ping</code></dfn>, <dfn id=dom-a-target title=dom-a-target><code>target</code></dfn>,
<dfn id=dom-a-rel title=dom-a-rel><code>rel</code></dfn>, <dfn id=dom-a-hreflang title=dom-a-hreflang><code>hreflang</code></dfn>, and <dfn id=dom-a-type title=dom-a-type><code>type</code></dfn>, must <a href=#reflect>reflect</a> the respective content
@@ -18938,12 +18923,12 @@
same value as the <code><a href=#textcontent>textContent</a></code> IDL attribute on the element, and on setting, must act
as if the <code><a href=#textcontent>textContent</a></code> IDL attribute on the element had been set to the new value.</p>
- <p>The <code><a href=#the-a-element>a</a></code> element also supports the <code><a href=#urlutils>URLUtils</a></code> interface. The <a href=#concept-uu-input title=concept-uu-input>input</a> is
- the value of the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> content attribute, if there is such an
- attribute, or the empty string otherwise; the <a href=#concept-uu-base title=concept-uu-base>base</a>
- is <a href="#the-element's-base-url">the element's base URL</a>; the <a href=#concept-uu-query-encoding title=concept-uu-query-encoding>query encoding</a>
- being the <a href="#document's-character-encoding">document's character encoding</a>; and the <a href=#concept-uu-update title=concept-uu-update>update steps</a> being the same as setting the element's
- <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> content attribute to the new output value.</p>
+ <p>The <code><a href=#the-a-element>a</a></code> element also supports the <code><a href=#urlutils>URLUtils</a></code> interface. The <a href=#concept-uu-input title=concept-uu-input>input</a> is the value of the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> content attribute, if there is such an attribute, or the
+ empty string otherwise; the <a href=#concept-uu-base title=concept-uu-base>base</a> is <a href="#the-element's-base-url">the element's base
+ URL</a>; the <a href=#concept-uu-query-encoding title=concept-uu-query-encoding>query encoding</a> being the
+ <a href="#document's-character-encoding">document's character encoding</a>; and the <a href=#concept-uu-update title=concept-uu-update>update
+ steps</a> being the same as setting the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code>
+ content attribute to the new output value.</p>
</div>
<!--TOPIC:HTML-->
@@ -24759,12 +24744,10 @@
<!-- if we get to this point we know we can successfully parsed the URL, since this algorithm is
only used after fetching the resource in the steps above -->
-<!--CLEANUP-->
- <p>Otherwise, if applying the <a href=#url-parser>URL parser</a> algorithm to the
- <a href=#url>URL</a> of the specified resource (after any redirects) results in a <a href=#parsed-url>parsed URL</a>
- whose <a href=#concept-url-path title=concept-url-path>path</a> component matches a pattern that a
- <a href=#plugin>plugin</a> supports, then the <a href=#concept-embed-type title=concept-embed-type>content's type</a> is
- the type that that plugin can handle.</p>
+ <p>Otherwise, if applying the <a href=#url-parser>URL parser</a> algorithm to the <a href=#url>URL</a> of the
+ specified resource (after any redirects) results in a <a href=#parsed-url>parsed URL</a> whose <a href=#concept-url-path title=concept-url-path>path</a> component matches a pattern that a <a href=#plugin>plugin</a>
+ supports, then the <a href=#concept-embed-type title=concept-embed-type>content's type</a> is the type that that
+ plugin can handle.</p>
<p class=example>For example, a plugin might say that it can handle resources with <a href=#concept-url-path title=concept-url-path>path</a> components that end with the four character string "<code title="">.swf</code>".</p>
@@ -25295,10 +25278,8 @@
<!-- if we get to this point we know we can successfully parsed the URL, since this
algorithm is only used after fetching the resource in the steps above -->
-<!--CLEANUP-->
- <p>If applying the <a href=#url-parser>URL parser</a> algorithm to the
- <a href=#url>URL</a> of the specified resource (after any redirects) results in a <a href=#parsed-url>parsed URL</a>
- whose <a href=#concept-url-path title=concept-url-path>path</a> component matches a pattern that a <a href=#plugin>plugin</a>
+ <p>If applying the <a href=#url-parser>URL parser</a> algorithm to the <a href=#url>URL</a> of the
+ specified resource (after any redirects) results in a <a href=#parsed-url>parsed URL</a> whose <a href=#concept-url-path title=concept-url-path>path</a> component matches a pattern that a <a href=#plugin>plugin</a>
supports, then let <var title="">resource type</var> be the type that that plugin can
handle.</p>
@@ -54973,36 +54954,32 @@
</div>
-<!--CLEANUP-->
<div class=impl>
<h5 id=form-submission-algorithm><span class=secno>4.10.22.3 </span>Form submission algorithm</h5>
- <p>When a <code><a href=#the-form-element>form</a></code> element <var title="">form</var> is <dfn id=concept-form-submit title=concept-form-submit>submitted</dfn> from an element <var title="">submitter</var> (typically a button), optionally with a
- <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code> method</var> flag set, the
- user agent must run the following steps:</p>
+ <p>When a <code><a href=#the-form-element>form</a></code> element <var title="">form</var> is <dfn id=concept-form-submit title=concept-form-submit>submitted</dfn> from an element <var title="">submitter</var>
+ (typically a button), optionally with a <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code> method</var> flag set, the user agent must run the
+ following steps:</p>
- <ol><li><p>Let <var title="">form document</var> be the <var title="">form</var>'s <code><a href=#document>Document</a></code>.</li>
+ <ol><li><p>Let <var title="">form document</var> be the <var title="">form</var>'s
+ <code><a href=#document>Document</a></code>.</li>
- <li id=sandboxSubmitBlocked><p>If <var title="">form
- document</var> has no associated <a href=#browsing-context>browsing context</a> or
- its <a href=#active-sandboxing-flag-set>active sandboxing flag set</a> has its
- <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set, then abort
- these steps without doing anything.</li>
+ <li id=sandboxSubmitBlocked><p>If <var title="">form document</var> has no associated
+ <a href=#browsing-context>browsing context</a> or its <a href=#active-sandboxing-flag-set>active sandboxing flag set</a> has its
+ <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set, then abort these steps without doing
+ anything.</li>
- <li><p>Let <var title="">form browsing context</var> be the
- <a href=#browsing-context>browsing context</a> of <var title="">form
- document</var>.</li>
+ <li><p>Let <var title="">form browsing context</var> be the <a href=#browsing-context>browsing context</a> of <var title="">form document</var>.</li>
<!-- lock (all the following steps are skipped if called from submit() - see unlock step below) -->
- <li><p>If the <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code> method</var> flag is not
- set, and the <var title="">submitter</var> element's <a href=#concept-fs-novalidate title=concept-fs-novalidate>no-validate state</a> is false,
- then <a href=#interactively-validate-the-constraints>interactively validate the constraints</a> of <var title="">form</var> and examine the result: if the result is
- negative (the constraint validation concluded that there were
- invalid fields and probably informed the user of this) then abort
- these steps.</li>
+ <li><p>If the <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code>
+ method</var> flag is not set, and the <var title="">submitter</var> element's <a href=#concept-fs-novalidate title=concept-fs-novalidate>no-validate state</a> is false, then <a href=#interactively-validate-the-constraints>interactively
+ validate the constraints</a> of <var title="">form</var> and examine the result: if the result
+ is negative (the constraint validation concluded that there were invalid fields and probably
+ informed the user of this) then abort these steps.</li>
<li><p>If the <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code>
method</var> flag is not set, then <a href=#fire-a-simple-event>fire a simple event</a> that bubbles and is
@@ -55010,43 +54987,40 @@
event's default action is prevented (i.e. if the event is canceled) then abort these steps.
Otherwise, continue (effectively the default action is to perform the submission).</li>
- <!-- if you add any steps between the "lock" and "unlock" lines,
- make sure to update the step immediately before the "lock" line -->
+ <!-- if you add any steps between the "lock" and "unlock" lines, make sure to update the step
+ immediately before the "lock" line -->
<!-- unlock -->
- <li><p>Let <var title="">form data set</var> be the result of
- <a href=#constructing-the-form-data-set>constructing the form data set</a> for <var title="">form</var> in the context of <var title="">submitter</var>.</li>
+ <li><p>Let <var title="">form data set</var> be the result of <a href=#constructing-the-form-data-set>constructing the form data
+ set</a> for <var title="">form</var> in the context of <var title="">submitter</var>.</li>
<li><p>Let <var title="">action</var> be the <var title="">submitter</var> element's <a href=#concept-fs-action title=concept-fs-action>action</a>.</li>
<li>
- <p>If <var title="">action</var> is the empty string, let <var title="">action</var> be <a href="#the-document's-address">the document's address</a> of
- the <var title="">form document</var>.</p>
+ <p>If <var title="">action</var> is the empty string, let <var title="">action</var> be
+ <a href="#the-document's-address">the document's address</a> of the <var title="">form document</var>.</p>
- <!-- Don't ask me why. But that's what IE does. It even treats
- action="" differently from action=" " or action="#" (the latter
- two resolve to the base URL, the first one resolves to the doc
- URL). And other browsers concur. It is even required, see e.g.
+ <!-- Don't ask me why. But that's what IE does. It even treats action="" differently from
+ action=" " or action="#" (the latter two resolve to the base URL, the first one resolves to the
+ doc URL). And other browsers concur. It is even required, see e.g.
http://bugs.webkit.org/show_bug.cgi?id=7763
https://bugzilla.mozilla.org/show_bug.cgi?id=297761
-->
</li>
- <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the
- <a href=#url>URL</a> <var title="">action</var>, relative to the <var title="">submitter</var> element. If this fails, abort these
- steps.</li>
+ <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <a href=#url>URL</a> <var title="">action</var>, relative to the <var title="">submitter</var> element. If this fails,
+ abort these steps.</li>
- <li><p>Let <var title="">action</var> be the resulting
- <a href=#absolute-url>absolute URL</a>.</li>
+ <li><p>Let <var title="">action</var> be the resulting <a href=#absolute-url>absolute URL</a>.</li>
<li><p>Let <var title="">action components</var> be the resulting <a href=#parsed-url>parsed
URL</a>.</li>
- <li><p>Let <var title="">scheme</var> be the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> of the resulting
- <a href=#parsed-url>parsed URL</a>.</li>
+ <li><p>Let <var title="">scheme</var> be the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> of
+ the resulting <a href=#parsed-url>parsed URL</a>.</li>
<li><p>Let <var title="">enctype</var> be the <var title="">submitter</var> element's <a href=#concept-fs-enctype title=concept-fs-enctype>enctype</a>.</li>
@@ -55054,13 +55028,12 @@
<li><p>Let <var title="">target</var> be the <var title="">submitter</var> element's <a href=#concept-fs-target title=concept-fs-target>target</a>.</li>
- <li><p>If the user indicated a specific <a href=#browsing-context>browsing
- context</a> to use when submitting the form, then let <var title="">target browsing context</var> be that <a href=#browsing-context>browsing
- context</a>. Otherwise, apply <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for choosing a
- browsing context given a browsing context name</a> using <var title="">target</var> as the name and <var title="">form browsing
- context</var> as the context in which the algorithm is executed,
- and let <var title="">target browsing context</var> be the
- resulting <a href=#browsing-context>browsing context</a>.</li>
+ <li><p>If the user indicated a specific <a href=#browsing-context>browsing context</a> to use when submitting the
+ form, then let <var title="">target browsing context</var> be that <a href=#browsing-context>browsing context</a>.
+ Otherwise, apply <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for choosing a browsing context given a browsing context
+ name</a> using <var title="">target</var> as the name and <var title="">form browsing
+ context</var> as the context in which the algorithm is executed, and let <var title="">target
+ browsing context</var> be the resulting <a href=#browsing-context>browsing context</a>.</li>
<li><p>If <var title="">target browsing context</var> was created in the previous step, or,
alternatively, if the <var title="">form document</var> has not yet <a href=#completely-loaded>completely
@@ -55070,14 +55043,12 @@
<li>
- <p>If the value of <var title="">method</var> is <a href=#attr-fs-method-dialog title=attr-fs-method-dialog>dialog</a> then jump to the <a href=#submit-dialog title=submit-dialog>submit dialog</a> steps.</p>
+ <p>If the value of <var title="">method</var> is <a href=#attr-fs-method-dialog title=attr-fs-method-dialog>dialog</a> then jump to the <a href=#submit-dialog title=submit-dialog>submit
+ dialog</a> steps.</p>
- <p>Otherwise, select the appropriate row in the table below based
- on the value of <var title="">scheme</var> as given by the first
- cell of each row. Then, select the appropriate cell on that row
- based on the value of <var title="">method</var> as given in the
- first cell of each column. Then, jump to the steps named in that
- cell and defined below the table.</p>
+ <p>Otherwise, select the appropriate row in the table below based on the value of <var title="">scheme</var> as given by the first cell of each row. Then, select the appropriate cell
+ on that row based on the value of <var title="">method</var> as given in the first cell of each
+ column. Then, jump to the steps named in that cell and defined below the table.</p>
<table><thead><tr><td>
<th> <a href=#attr-fs-method-get title=attr-fs-method-GET>GET</a>
@@ -55100,47 +55071,40 @@
<tr><th> <code title="">mailto</code>
<td> <a href=#submit-mailto-headers title=submit-mailto-headers>Mail with headers</a>
<td> <a href=#submit-mailto-body title=submit-mailto-body>Mail as body</a>
- </table><p>If <var title="">scheme</var> is not one of those listed in
- this table, then the behavior is not defined by this
- specification. User agents should, in the absence of another
- specification defining this, act in a manner analogous to that
- defined in this specification for similar schemes.</p>
+ </table><p>If <var title="">scheme</var> is not one of those listed in this table, then the behavior is
+ not defined by this specification. User agents should, in the absence of another specification
+ defining this, act in a manner analogous to that defined in this specification for similar
+ schemes.</p>
<p>The behaviors are as follows:</p>
<dl><dt><dfn id=submit-mutate-action title=submit-mutate-action>Mutate action URL</dfn>
<dd>
- <p>Let <var title="">query</var> be the result of encoding the
- <var title="">form data set</var> using the <a href=#application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
+ <p>Let <var title="">query</var> be the result of encoding the <var title="">form data
+ set</var> using the <a href=#application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
algorithm</a>, interpreted as a US-ASCII string.</p>
- <!-- by this point we've already tried to resolve the URL, so we
- know we can parse it -->
+ <!-- by this point we've already tried to resolve the URL, so we know we can parse it -->
<p>Set <var title="">parsed action</var>'s <a href=#concept-url-query title=concept-url-query>query</a>
component to <var title="">query</var>.</p>
- <p>Let <var title="">destination</var> be a new <a href=#url>URL</a>
- formed by applying the <a href=#url-serializer>URL serializer</a> algorithm to <var title="">parsed action</var>.</p>
+ <p>Let <var title="">destination</var> be a new <a href=#url>URL</a> formed by applying the
+ <a href=#url-serializer>URL serializer</a> algorithm to <var title="">parsed action</var>.</p>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
- enabled</a>.</p>
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <a href=#replacement-enabled>replacement enabled</a>.</p>
</dd>
<dt><dfn id=submit-body title=submit-body>Submit as entity body</dfn>
<dd>
- <p>Let <var title="">entity body</var> be the result of encoding
- the <var title="">form data set</var> using the
- <a href=#appropriate-form-encoding-algorithm>appropriate form encoding algorithm</a>.</p>
+ <p>Let <var title="">entity body</var> be the result of encoding the <var title="">form data
+ set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate form encoding algorithm</a>.</p>
- <p>Let <var title="">MIME type</var> be determined as
- follows:</p>
+ <p>Let <var title="">MIME type</var> be determined as follows:</p>
<dl><dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-urlencoded><a href=#attr-fs-enctype-urlencoded>application/x-www-form-urlencoded</a></code></dt>
@@ -55148,25 +55112,20 @@
<dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-formdata><a href=#attr-fs-enctype-formdata>multipart/form-data</a></code></dt>
- <dd>Let <var title="">MIME type</var> be the concatenation of
- the string "<code title="">multipart/form-data;</code>", a
- U+0020 SPACE character, the string "<code title="">boundary=</code>", and the <a href=#multipart/form-data-boundary-string><code title="">multipart/form-data</code> boundary string</a>
- generated by the <a href=#multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding
+ <dd>Let <var title="">MIME type</var> be the concatenation of the string "<code title="">multipart/form-data;</code>", a U+0020 SPACE character, the string "<code title="">boundary=</code>", and the <a href=#multipart/form-data-boundary-string><code title="">multipart/form-data</code> boundary
+ string</a> generated by the <a href=#multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding
algorithm</a>.</dd>
<dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-text><a href=#attr-fs-enctype-text>text/plain</a></code></dt>
<dd>Let <var title="">MIME type</var> be "<code title="">text/plain</code>".</dd>
- </dl><!--<p>If <var title="">method</var> is anything but (GET or)
- POST, and the <span>origin</span> of <var title="">action</var>
- is not the <span>same origin</span> as that of <var
- title="">form document</var>, then abort these steps.</p> [or do
- CORS] (this is commented out since only POST can trigger this
- now, and that's historically unrestricted)--><p>Otherwise, <a href=#navigate>navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">action</var> using the HTTP method given by <var title="">method</var> and with <var title="">entity body</var>
- as the entity body, of type <var title="">MIME type</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
+ </dl><!--<p>If <var title="">method</var> is anything but (GET or) POST, and the
+ <span>origin</span> of <var title="">action</var> is not the <span>same origin</span> as that
+ of <var title="">form document</var>, then abort these steps.</p> [or do CORS] (this is
+ commented out since only POST can trigger this now, and that's historically unrestricted)--><p>Otherwise, <a href=#navigate>navigate</a><!--DONAV form--> <var title="">target browsing
+ context</var> to <var title="">action</var> using the HTTP method given by <var title="">method</var> and with <var title="">entity body</var> as the entity body, of type
+ <var title="">MIME type</var>. If <var title="">replace</var> is true, then <var title="">target browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
enabled</a>.</p>
</dd>
@@ -55174,10 +55133,8 @@
<dt><dfn id=submit-get-action title=submit-get-action>Get action URL</dfn>
<dd>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">action</var>. If <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
- enabled</a>.</p>
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">action</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <a href=#replacement-enabled>replacement enabled</a>.</p>
<p class=note>The <var title="">form data set</var> is discarded.</p>
@@ -55186,29 +55143,25 @@
<dt><dfn id=submit-data-post title=submit-data-post>Post to data:</dfn>
<dd>
- <p>Let <var title="">data</var> be the result of encoding the
- <var title="">form data set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate
- form encoding algorithm</a>.</p>
+ <p>Let <var title="">data</var> be the result of encoding the <var title="">form data
+ set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate form encoding algorithm</a>.</p>
- <p>If <var title="">action</var> contains the string "<code title="">%%%%</code>" (four U+0025 PERCENT SIGN characters),
- then <a href=#percent-encode>percent encode</a> all bytes in <var title="">data</var> that, if
- interpreted as US-ASCII, are not characters in the URL <a href=#default-encode-set>default encode set</a>,
- and then, treating the result as a US-ASCII string,
+ <p>If <var title="">action</var> contains the string "<code title="">%%%%</code>" (four U+0025
+ PERCENT SIGN characters), then <a href=#percent-encode>percent encode</a> all bytes in <var title="">data</var> that, if interpreted as US-ASCII, are not characters in the URL
+ <a href=#default-encode-set>default encode set</a>, and then, treating the result as a US-ASCII string,
<a href=#utf-8-percent-encode>UTF-8 percent encode</a> all the U+0025 PERCENT SIGN characters in the resulting
- string and replace the first occurrence of "<code title="">%%%%</code>" in <var title="">action</var> with the
- resulting doubly-escaped string. <a href=#refsURL>[URL]</a></p>
+ string and replace the first occurrence of "<code title="">%%%%</code>" in <var title="">action</var> with the resulting doubly-escaped string. <a href=#refsURL>[URL]</a></p>
- <p>Otherwise, if <var title="">action</var> contains the string
- "<code title="">%%</code>" (two U+0025 PERCENT SIGN characters
- in a row, but not four), then <a href=#utf-8-percent-encode>UTF-8 percent encode</a> all characters in <var title="">data</var> that, if interpreted as US-ASCII,
- are not characters in the URL <a href=#default-encode-set>default encode set</a>, and then, treating the result as a US-ASCII
- string, replace the first occurrence of "<code title="">%%</code>" in <var title="">action</var> with the
- resulting escaped string. <a href=#refsURL>[URL]</a></p>
+ <p>Otherwise, if <var title="">action</var> contains the string "<code title="">%%</code>"
+ (two U+0025 PERCENT SIGN characters in a row, but not four), then <a href=#utf-8-percent-encode>UTF-8 percent
+ encode</a> all characters in <var title="">data</var> that, if interpreted as US-ASCII, are
+ not characters in the URL <a href=#default-encode-set>default encode set</a>, and then, treating the result as a
+ US-ASCII string, replace the first occurrence of "<code title="">%%</code>" in <var title="">action</var> with the resulting escaped string. <a href=#refsURL>[URL]</a></p>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to the potentially modified <var title="">action</var> (which will be a <a href=#data-protocol title="data
- protocol"><code title="">data:</code> URL</a>). If <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to the
+ potentially modified <var title="">action</var> (which will be a <a href=#data-protocol title="data
+ protocol"><code title="">data:</code> URL</a>). If <var title="">replace</var> is true,
+ then <var title="">target browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
enabled</a>.</p>
</dd>
@@ -55216,57 +55169,46 @@
<dt><dfn id=submit-mailto-headers title=submit-mailto-headers>Mail with headers</dfn>
<dd>
- <p>Let <var title="">headers</var> be the resulting encoding the
- <var title="">form data set</var> using the <a href=#application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
+ <p>Let <var title="">headers</var> be the resulting encoding the <var title="">form data
+ set</var> using the <a href=#application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
algorithm</a>, interpreted as a US-ASCII string.</p>
- <p>Replace occurrences of U+002B PLUS SIGN characters (+) in
- <var title="">headers</var> with the string "<code title="">%20</code>".</p>
+ <p>Replace occurrences of U+002B PLUS SIGN characters (+) in <var title="">headers</var> with
+ the string "<code title="">%20</code>".</p>
- <p>Let <var title="">destination</var> consist of all the
- characters from the first character in <var title="">action</var> to the character immediately before the
- first U+003F QUESTION MARK character (?), if any, or the end of
- the string if there are none.</p>
+ <p>Let <var title="">destination</var> consist of all the characters from the first character
+ in <var title="">action</var> to the character immediately before the first U+003F QUESTION
+ MARK character (?), if any, or the end of the string if there are none.</p>
<p>Append a single U+003F QUESTION MARK character (?) to <var title="">destination</var>.</p>
<p>Append <var title="">headers</var> to <var title="">destination</var>.</p>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
- enabled</a>.</p>
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <a href=#replacement-enabled>replacement enabled</a>.</p>
</dd>
<dt><dfn id=submit-mailto-body title=submit-mailto-body>Mail as body</dfn>
<dd>
- <p>Let <var title="">body</var> be the resulting of encoding the
- <var title="">form data set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate
- form encoding algorithm</a> and then <a href=#percent-encode title="percent encode">percent encoding</a> all the bytes
- in the resulting byte string that, when interpreted as US-ASCII,
- are not characters in the URL <a href=#default-encode-set>default encode set</a>. <a href=#refsURL>[URL]</a></p>
+ <p>Let <var title="">body</var> be the resulting of encoding the <var title="">form data
+ set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate form encoding algorithm</a> and then <a href=#percent-encode title="percent encode">percent encoding</a> all the bytes in the resulting byte string
+ that, when interpreted as US-ASCII, are not characters in the URL <a href=#default-encode-set>default encode
+ set</a>. <a href=#refsURL>[URL]</a></p>
- <p>Let <var title="">destination</var> have the same value as
- <var title="">action</var>.</p>
+ <p>Let <var title="">destination</var> have the same value as <var title="">action</var>.</p>
- <p>If <var title="">destination</var> does not contain a U+003F
- QUESTION MARK character (?), append a single U+003F QUESTION
- MARK character (?) to <var title="">destination</var>. Otherwise, append a single U+0026
- AMPERSAND character (&).</p>
+ <p>If <var title="">destination</var> does not contain a U+003F QUESTION MARK character (?),
+ append a single U+003F QUESTION MARK character (?) to <var title="">destination</var>.
+ Otherwise, append a single U+0026 AMPERSAND character (&).</p>
<p>Append the string "<code title="">body=</code>" to <var title="">destination</var>.</p>
- <p>Append <var title="">body</var>, interpreted as a US-ASCII
- string, to <var title="">destination</var>.</p>
+ <p>Append <var title="">body</var>, interpreted as a US-ASCII string, to <var title="">destination</var>.</p>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
- enabled</a>.</p>
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <a href=#replacement-enabled>replacement enabled</a>.</p>
</dd>
@@ -55274,12 +55216,9 @@
<dt><dfn id=submit-dialog title=submit-dialog>Submit dialog</dfn>
<dd>
- <p>Let <var title="">dialog</var> be the nearest ancestor
- <code><a href=#the-dialog-element>dialog</a></code> element of <var title="">form</var>, if
- any.</p>
+ <p>Let <var title="">dialog</var> be the nearest ancestor <code><a href=#the-dialog-element>dialog</a></code> element of <var title="">form</var>, if any.</p>
- <p>If there isn't one, do nothing. Otherwise, proceed as
- follows:</p>
+ <p>If there isn't one, do nothing. Otherwise, proceed as follows:</p>
<p>If <var title="">submitter</var> is an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state, then let <var title="">result</var>
be the string formed by concatenating the <a href=#concept-input-type-image-coordinate title=concept-input-type-image-coordinate>selected coordinate</a>'s <var title="">x</var>-component, expressed as a base-ten number using <a href=#ascii-digits>ASCII digits</a>, a
@@ -55290,8 +55229,7 @@
<p>Otherwise, there is no <var title="">result</var>.</p>
- <p>Then, <a href=#close-the-dialog>close the dialog</a> <var title="">dialog</var>. If there is a <var title="">result</var>,
- let that be the return value.</p>
+ <p>Then, <a href=#close-the-dialog>close the dialog</a> <var title="">dialog</var>. If there is a <var title="">result</var>, let that be the return value.</p>
</dd>
@@ -55305,189 +55243,148 @@
<dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-formdata><a href=#attr-fs-enctype-formdata>multipart/form-data</a></code></dt>
- <dd>Use the <a href=#multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding
- algorithm</a>.</dd>
+ <dd>Use the <a href=#multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding algorithm</a>.</dd>
<dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-text><a href=#attr-fs-enctype-text>text/plain</a></code></dt>
- <dd>Use the <a href=#text/plain-encoding-algorithm><code title="">text/plain</code> encoding
- algorithm</a>.</dd>
+ <dd>Use the <a href=#text/plain-encoding-algorithm><code title="">text/plain</code> encoding algorithm</a>.</dd>
</dl></li>
</ol><h5 id=constructing-form-data-set><span class=secno>4.10.22.4 </span>Constructing the form data set</h5>
- <p>The algorithm to <dfn id=constructing-the-form-data-set title="constructing the form data
- set">construct the form data set</dfn> for a form <var title="">form</var> optionally in the context of a submitter <var title="">submitter</var> is as follows. If not specified otherwise,
- <var title="">submitter</var> is null.</p>
+ <p>The algorithm to <dfn id=constructing-the-form-data-set title="constructing the form data set">construct the form data set</dfn>
+ for a form <var title="">form</var> optionally in the context of a submitter <var title="">submitter</var> is as follows. If not specified otherwise, <var title="">submitter</var>
+ is null.</p>
- <ol><li><p>Let <var title="">controls</var> be a list of all the <a href=#category-submit title=category-submit>submittable elements</a> whose
- <a href=#form-owner>form owner</a> is <var title="">form</var>, in <a href=#tree-order>tree
- order</a>.</li>
+ <ol><li><p>Let <var title="">controls</var> be a list of all the <a href=#category-submit title=category-submit>submittable elements</a> whose <a href=#form-owner>form owner</a> is <var title="">form</var>, in <a href=#tree-order>tree order</a>.</li>
- <li><p>Let the <var title="">form data set</var> be a list of
- name-value-type tuples, initially empty.</li>
+ <li><p>Let the <var title="">form data set</var> be a list of name-value-type tuples, initially
+ empty.</li>
<li>
- <p><i>Loop</i>: For each element <var title="">field</var> in <var title="">controls</var>, in <a href=#tree-order>tree order</a>, run the
- following substeps:</p>
+ <p><i>Loop</i>: For each element <var title="">field</var> in <var title="">controls</var>, in
+ <a href=#tree-order>tree order</a>, run the following substeps:</p>
<ol><li>
- <p>If any of the following conditions are met, then skip these
- substeps for this element:</p>
+ <p>If any of the following conditions are met, then skip these substeps for this element:</p>
- <ul><li>The <var title="">field</var> element has a
- <code><a href=#the-datalist-element>datalist</a></code> element ancestor.</li>
+ <ul><li>The <var title="">field</var> element has a <code><a href=#the-datalist-element>datalist</a></code> element ancestor.</li>
<li>The <var title="">field</var> element is <a href=#concept-fe-disabled title=concept-fe-disabled>disabled</a>.</li>
- <li>The <var title="">field</var> element is a <a href=#concept-button title=concept-button>button</a> but it is not <var title="">submitter</var>.</li>
+ <li>The <var title="">field</var> element is a <a href=#concept-button title=concept-button>button</a> but
+ it is not <var title="">submitter</var>.</li>
- <li>The <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#checkbox-state-(type=checkbox)" title=attr-input-type-checkbox>Checkbox</a> state and
- whose <a href=#concept-fe-checked title=concept-fe-checked>checkedness</a> is
- false.</li>
+ <li>The <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#checkbox-state-(type=checkbox)" title=attr-input-type-checkbox>Checkbox</a> state and whose <a href=#concept-fe-checked title=concept-fe-checked>checkedness</a> is false.</li>
- <li>The <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#radio-button-state-(type=radio)" title=attr-input-type-radio>Radio Button</a> state and
- whose <a href=#concept-fe-checked title=concept-fe-checked>checkedness</a> is
- false.</li>
+ <li>The <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#radio-button-state-(type=radio)" title=attr-input-type-radio>Radio Button</a> state and whose <a href=#concept-fe-checked title=concept-fe-checked>checkedness</a> is false.</li>
- <li>The <var title="">field</var> element is not an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state, and
- either the <var title="">field</var> element does not have a
- <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute specified, or
- its <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute's value is
- the empty string.</li>
+ <li>The <var title="">field</var> element is not an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state, and either the <var title="">field</var> element does not have a <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute
+ specified, or its <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute's value is the empty
+ string.</li>
- <li>The <var title="">field</var> element is an
- <code><a href=#the-object-element>object</a></code> element that is not using a
- <a href=#plugin>plugin</a>.</li>
+ <li>The <var title="">field</var> element is an <code><a href=#the-object-element>object</a></code> element that is not using
+ a <a href=#plugin>plugin</a>.</li>
</ul><p>Otherwise, process <var title="">field</var> as follows:</p>
</li>
- <li><p>Let <var title="">type</var> be the value of the <code title="">type</code> IDL attribute of <var title="">field</var>.</li> <!-- if the field is an <object>
- element, this will get ignored. -->
+ <li><p>Let <var title="">type</var> be the value of the <code title="">type</code> IDL
+ attribute of <var title="">field</var>.</li> <!-- if the field is an <object> element, this
+ will get ignored. -->
<li>
- <p>If the <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state,
- then run these further nested substeps:</p>
+ <p>If the <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state, then run these further nested
+ substeps:</p>
- <ol><li><p>If the <var title="">field</var> element has a <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute specified and its
- value is not the empty string, let <var title="">name</var> be
- that value followed by a single U+002E FULL STOP character (.).
- Otherwise, let <var title="">name</var> be the empty
- string.</li>
+ <ol><li><p>If the <var title="">field</var> element has a <code title=attr-fe-name><a href=#attr-fe-name>name</a></code>
+ attribute specified and its value is not the empty string, let <var title="">name</var> be
+ that value followed by a single U+002E FULL STOP character (.). Otherwise, let <var title="">name</var> be the empty string.</li>
- <li><p>Let <var title="">name<sub title="">x</sub></var> be the
- string consisting of the concatenation of <var title="">name</var> and a single U+0078 LATIN SMALL LETTER X
- character (x).</li>
+ <li><p>Let <var title="">name<sub title="">x</sub></var> be the string consisting of the
+ concatenation of <var title="">name</var> and a single U+0078 LATIN SMALL LETTER X character
+ (x).</li>
- <li><p>Let <var title="">name<sub title="">y</sub></var> be the
- string consisting of the concatenation of <var title="">name</var> and a single U+0079 LATIN SMALL LETTER Y
- character (y).</li>
+ <li><p>Let <var title="">name<sub title="">y</sub></var> be the string consisting of the
+ concatenation of <var title="">name</var> and a single U+0079 LATIN SMALL LETTER Y character
+ (y).</li>
- <li><p>The <var title="">field</var> element is <var title="">submitter</var>, and before this algorithm was invoked
- the user <a href=#concept-input-type-image-coordinate title=concept-input-type-image-coordinate>indicated a
- coordinate</a>. Let <var title="">x</var> be the <var title="">x</var>-component of the coordinate selected by the
- user, and let <var title="">y</var> be the <var title="">y</var>-component of the coordinate selected by the
- user.</li>
+ <li><p>The <var title="">field</var> element is <var title="">submitter</var>, and before
+ this algorithm was invoked the user <a href=#concept-input-type-image-coordinate title=concept-input-type-image-coordinate>indicated a coordinate</a>. Let <var title="">x</var> be the <var title="">x</var>-component of the coordinate selected by the
+ user, and let <var title="">y</var> be the <var title="">y</var>-component of the coordinate
+ selected by the user.</li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with the name <var title="">name<sub title="">x</sub></var>,
- the value <var title="">x</var>, and the type <var title="">type</var>.</li>
+ <li><p>Append an entry to the <var title="">form data set</var> with the name <var title="">name<sub title="">x</sub></var>, the value <var title="">x</var>, and the type <var title="">type</var>.</li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with the name <var title="">name<sub title="">y</sub></var> and
- the value <var title="">y</var>, and the type <var title="">type</var>.</li>
+ <li><p>Append an entry to the <var title="">form data set</var> with the name <var title="">name<sub title="">y</sub></var> and the value <var title="">y</var>, and the type
+ <var title="">type</var>.</li>
- <li><p>Skip the remaining substeps for this element: if there
- are any more elements in <var title="">controls</var>, return
- to the top of the <i>loop</i> step, otherwise, jump to the
+ <li><p>Skip the remaining substeps for this element: if there are any more elements in <var title="">controls</var>, return to the top of the <i>loop</i> step, otherwise, jump to the
<i>end</i> step below.</li>
</ol></li>
- <li><p>Let <var title="">name</var> be the value of the <var title="">field</var> element's <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute.</li>
+ <li><p>Let <var title="">name</var> be the value of the <var title="">field</var> element's
+ <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute.</li>
- <li><p>If the <var title="">field</var> element is a
- <code><a href=#the-select-element>select</a></code> element, then for each <code><a href=#the-option-element>option</a></code>
- element in the <code><a href=#the-select-element>select</a></code> element whose <a href=#concept-option-selectedness title=concept-option-selectedness>selectedness</a> is true and that is not <a href=#concept-option-disabled title=concept-option-disabled>disabled</a>,
- append an entry to the <var title="">form data set</var> with the
- <var title="">name</var> as the name, the <a href=#concept-option-value title=concept-option-value>value</a> of the
- <code><a href=#the-option-element>option</a></code> element as the value, and <var title="">type</var> as the type.</li>
+ <li><p>If the <var title="">field</var> element is a <code><a href=#the-select-element>select</a></code> element, then for each
+ <code><a href=#the-option-element>option</a></code> element in the <code><a href=#the-select-element>select</a></code> element whose <a href=#concept-option-selectedness title=concept-option-selectedness>selectedness</a> is true and that is not <a href=#concept-option-disabled title=concept-option-disabled>disabled</a>, append an entry to the <var title="">form data
+ set</var> with the <var title="">name</var> as the name, the <a href=#concept-option-value title=concept-option-value>value</a> of the <code><a href=#the-option-element>option</a></code> element as the value, and
+ <var title="">type</var> as the type.</li>
<li>
- <p>Otherwise, if the <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#checkbox-state-(type=checkbox)" title=attr-input-type-checkbox>Checkbox</a> state or the
- <a href="#radio-button-state-(type=radio)" title=attr-input-type-radio>Radio Button</a> state,
- then run these further nested substeps:</p>
+ <p>Otherwise, if the <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element whose
+ <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#checkbox-state-(type=checkbox)" title=attr-input-type-checkbox>Checkbox</a> state or the <a href="#radio-button-state-(type=radio)" title=attr-input-type-radio>Radio Button</a> state, then run these further nested
+ substeps:</p>
- <ol><li><p>If the <var title="">field</var> element has a <code title=attr-input-value><a href=#attr-input-value>value</a></code> attribute specified, then
- let <var title="">value</var> be the value of that attribute;
- otherwise, let <var title="">value</var> be the string
- "<code title="">on</code>".</li>
+ <ol><li><p>If the <var title="">field</var> element has a <code title=attr-input-value><a href=#attr-input-value>value</a></code> attribute specified, then let <var title="">value</var>
+ be the value of that attribute; otherwise, let <var title="">value</var> be the string "<code title="">on</code>".</li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with <var title="">name</var> as the name, <var title="">value</var> as the value, and <var title="">type</var>
- as the type.</li>
+ <li><p>Append an entry to the <var title="">form data set</var> with <var title="">name</var>
+ as the name, <var title="">value</var> as the value, and <var title="">type</var> as the
+ type.</li>
</ol></li>
- <li><p>Otherwise, if the <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#file-upload-state-(type=file)" title=attr-input-type-file>File Upload</a> state, then for
- each file <a href=#concept-input-type-file-selected title=concept-input-type-file-selected>selected</a> in the
- <code><a href=#the-input-element>input</a></code> element, append an entry to the <var title="">form data set</var> with the <var title="">name</var> as
- the name, the file (consisting of the name, the type, and the
- body) as the value, and <var title="">type</var> as the type. If
- there are no <a href=#concept-input-type-file-selected title=concept-input-type-file-selected>selected files</a>,
- then append an entry to the <var title="">form data set</var>
- with the <var title="">name</var> as the name, the empty string
- as the value, and <code>application/octet-stream</code> as the
- type.</li>
- <!-- https://bugzilla.mozilla.org/show_bug.cgi?id=529859 -->
+ <li><p>Otherwise, if the <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element
+ whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#file-upload-state-(type=file)" title=attr-input-type-file>File Upload</a> state, then for each file <a href=#concept-input-type-file-selected title=concept-input-type-file-selected>selected</a> in the <code><a href=#the-input-element>input</a></code> element,
+ append an entry to the <var title="">form data set</var> with the <var title="">name</var> as
+ the name, the file (consisting of the name, the type, and the body) as the value, and <var title="">type</var> as the type. If there are no <a href=#concept-input-type-file-selected title=concept-input-type-file-selected>selected files</a>, then append an entry to the
+ <var title="">form data set</var> with the <var title="">name</var> as the name, the empty
+ string as the value, and <code>application/octet-stream</code> as the type.</li> <!--
+ https://bugzilla.mozilla.org/show_bug.cgi?id=529859 -->
- <li><p>Otherwise, if the <var title="">field</var> element is an
- <code><a href=#the-object-element>object</a></code> element: try to obtain a form submission
- value from the <a href=#plugin>plugin</a><!-- using NPAPI's
- NPP_GetValue() entry point with the NPPVformValue variable -->,
- and if that is successful, append an entry to the <var title="">form data set</var> with <var title="">name</var> as the
- name, the returned form submission value as the value, and the
- string "<code title="">object</code>" as the type.</li>
+ <li><p>Otherwise, if the <var title="">field</var> element is an <code><a href=#the-object-element>object</a></code> element:
+ try to obtain a form submission value from the <a href=#plugin>plugin</a><!-- using NPAPI's
+ NPP_GetValue() entry point with the NPPVformValue variable -->, and if that is successful,
+ append an entry to the <var title="">form data set</var> with <var title="">name</var> as the
+ name, the returned form submission value as the value, and the string "<code title="">object</code>" as the type.</li>
- <li><p>Otherwise, append an entry to the <var title="">form data
- set</var> with <var title="">name</var> as the name, the <a href=#concept-fe-value title=concept-fe-value>value</a> of the <var title="">field</var> element as the value, and <var title="">type</var> as the type.</li>
+ <li><p>Otherwise, append an entry to the <var title="">form data set</var> with <var title="">name</var> as the name, the <a href=#concept-fe-value title=concept-fe-value>value</a> of the <var title="">field</var> element as the value, and <var title="">type</var> as the type.</li>
<li>
<p>If the element has a <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code> attribute, and that
- attribute's value is not the empty string, then run these
- substeps:</p>
+ attribute's value is not the empty string, then run these substeps:</p>
- <ol><li><p>Let <var title="">dirname</var> be the value of the
- element's <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code>
- attribute.</li>
+ <ol><li><p>Let <var title="">dirname</var> be the value of the element's <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code> attribute.</li>
- <li><p>Let <var title="">dir</var> be the string "<code title="">ltr</code>" if <a href=#the-directionality>the directionality</a> of the
- element is '<a href=#concept-ltr title=concept-ltr>ltr</a>', and "<code title="">rtl</code>" otherwise (i.e. when <a href=#the-directionality>the
- directionality</a> of the element is '<a href=#concept-rtl title=concept-rtl>rtl</a>').</li>
+ <li><p>Let <var title="">dir</var> be the string "<code title="">ltr</code>" if <a href=#the-directionality>the
+ directionality</a> of the element is '<a href=#concept-ltr title=concept-ltr>ltr</a>', and "<code title="">rtl</code>" otherwise (i.e. when <a href=#the-directionality>the directionality</a> of the element is
+ '<a href=#concept-rtl title=concept-rtl>rtl</a>').</li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with <var title="">dirname</var> as the name, <var title="">dir</var> as the value, and the string "<code title="">direction</code>" as the type.</li>
+ <li><p>Append an entry to the <var title="">form data set</var> with <var title="">dirname</var> as the name, <var title="">dir</var> as the value, and the string
+ "<code title="">direction</code>" as the type.</li>
- </ol><p class=note>An element can only have a <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code> attribute if it is a
- <code><a href=#the-textarea-element>textarea</a></code> element or an <code><a href=#the-input-element>input</a></code> element
- whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in
- either the <a href="#text-(type=text)-state-and-search-state-(type=search)" title=attr-input-type-text>Text</a> state
- or the <a href="#text-(type=text)-state-and-search-state-(type=search)" title=attr-input-type-search>Search</a>
- state.</p>
+ </ol><p class=note>An element can only have a <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code>
+ attribute if it is a <code><a href=#the-textarea-element>textarea</a></code> element or an <code><a href=#the-input-element>input</a></code> element whose
+ <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in either the <a href="#text-(type=text)-state-and-search-state-(type=search)" title=attr-input-type-text>Text</a> state or the <a href="#text-(type=text)-state-and-search-state-(type=search)" title=attr-input-type-search>Search</a> state.</p>
</li>
@@ -55495,22 +55392,20 @@
<li>
- <p><i>End</i>: For the name of each entry in the <var title="">form data set</var>, and for the value of each entry in
- the <var title="">form data set</var> whose type is not "<code title="">file</code>" or "<code title="">textarea</code>", replace
- every occurrence of a U+000D CARRIAGE RETURN (CR) character not
- followed by a U+000A LINE FEED (LF) character, and every
- occurrence of a U+000A LINE FEED (LF) character not preceded by a
- U+000D CARRIAGE RETURN (CR) character, by a two-character string
- consisting of a U+000D CARRIAGE RETURN U+000A LINE FEED (CRLF)
- character pair.</p>
+ <p><i>End</i>: For the name of each entry in the <var title="">form data set</var>, and for the
+ value of each entry in the <var title="">form data set</var> whose type is not "<code title="">file</code>" or "<code title="">textarea</code>", replace every occurrence of a U+000D
+ CARRIAGE RETURN (CR) character not followed by a U+000A LINE FEED (LF) character, and every
+ occurrence of a U+000A LINE FEED (LF) character not preceded by a U+000D CARRIAGE RETURN (CR)
+ character, by a two-character string consisting of a U+000D CARRIAGE RETURN U+000A LINE FEED
+ (CRLF) character pair.</p>
- <p class=note>In the case of the <a href=#concept-fe-value title=concept-fe-value>value</a> of <code><a href=#the-textarea-element>textarea</a></code>
- elements, this newline normalization is already performed during
- the conversion of the control's <a href=#concept-textarea-raw-value title=concept-textarea-raw-value>raw value</a> into the
- control's <a href=#concept-fe-value title=concept-fe-value>value</a> (which also
- performs any necessary line wrapping). In the case of
- <code><a href=#the-input-element>input</a></code> elements <code title=attr-input-type><a href=#attr-input-type>type</a></code> attributes in the <a href="#file-upload-state-(type=file)" title=attr-input-type-file>File Upload</a> state, the value
- is not normalized.</p>
+ <p class=note>In the case of the <a href=#concept-fe-value title=concept-fe-value>value</a> of
+ <code><a href=#the-textarea-element>textarea</a></code> elements, this newline normalization is already performed during the
+ conversion of the control's <a href=#concept-textarea-raw-value title=concept-textarea-raw-value>raw value</a> into the
+ control's <a href=#concept-fe-value title=concept-fe-value>value</a> (which also performs any necessary line
+ wrapping). In the case of <code><a href=#the-input-element>input</a></code> elements <code title=attr-input-type><a href=#attr-input-type>type</a></code>
+ attributes in the <a href="#file-upload-state-(type=file)" title=attr-input-type-file>File Upload</a> state, the value is not
+ normalized.</p>
</li>
@@ -55563,19 +55458,16 @@
</ol><h5 id=url-encoded-form-data><span class=secno>4.10.22.6 </span>URL-encoded form data</h5>
- <p class=note>This form data set encoding is in many ways an
- aberrant monstrosity, the result of many years of implementation
- accidents and compromises leading to a set of requirements necessary
- for interoperability, but in no way representing good design
- practices. In particular, readers are cautioned to pay close
- attention to the twisted details involving repeated (and in some
- cases nested) conversions between character encodings and byte
- sequences.</p>
+ <p class=note>This form data set encoding is in many ways an aberrant monstrosity, the result of
+ many years of implementation accidents and compromises leading to a set of requirements necessary
+ for interoperability, but in no way representing good design practices. In particular, readers are
+ cautioned to pay close attention to the twisted details involving repeated (and in some cases
+ nested) conversions between character encodings and byte sequences.</p>
<div class=impl>
- <p>The <dfn id=application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
- algorithm</dfn> is as follows:</p>
+ <p>The <dfn id=application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding algorithm</dfn> is as
+ follows:</p>
<ol><!-- the first few steps of this are the same as in the next section --><li><p>Let <var title="">result</var> be the empty string.</li>
@@ -55597,26 +55489,20 @@
<li>
- <p>For each entry in the <var title="">form data set</var>,
- perform these substeps:</p>
+ <p>For each entry in the <var title="">form data set</var>, perform these substeps:</p>
- <ol><li><p>If the entry's name is "<code title=attr-fe-name-charset><a href=#attr-fe-name-charset>_charset_</a></code>"
- and its type is "<code title="">hidden</code>", replace its value
- with <var title="">charset</var>.</li>
+ <ol><li><p>If the entry's name is "<code title=attr-fe-name-charset><a href=#attr-fe-name-charset>_charset_</a></code>" and its
+ type is "<code title="">hidden</code>", replace its value with <var title="">charset</var>.</li>
- <li><p>If the entry's type is "<code title="">file</code>",
- replace its value with the file's filename only.</li> <!--
- this is not present in the next section -->
+ <li><p>If the entry's type is "<code title="">file</code>", replace its value with the file's
+ filename only.</li> <!-- this is not present in the next section -->
- <li><p>For each character in the entry's name and value that
- cannot be expressed using the selected character encoding,
- replace the character by a string consisting of a U+0026
- AMPERSAND character (&), a U+0023 NUMBER SIGN character (#),
- one or more <a href=#ascii-digits>ASCII digits</a> representing the Unicode code point of the
- character in base ten, and finally a U+003B SEMICOLON character
- (;).</li><!-- we should say it should be the shortest
- possible string, no leading zeros. this whole step is asinine,
- though, so... -->
+ <li><p>For each character in the entry's name and value that cannot be expressed using the
+ selected character encoding, replace the character by a string consisting of a U+0026 AMPERSAND
+ character (&), a U+0023 NUMBER SIGN character (#), one or more <a href=#ascii-digits>ASCII digits</a>
+ representing the Unicode code point of the character in base ten, and finally a U+003B
+ SEMICOLON character (;).</li><!-- we should say it should be the shortest possible string,
+ no leading zeros. this whole step is asinine, though, so... -->
<!-- this is where the similarities with the next section end -->
@@ -55629,19 +55515,19 @@
<li>
- <p>For each byte in the entry's name and value, apply the
- appropriate subsubsteps from the following list:</p>
+ <p>For each byte in the entry's name and value, apply the appropriate subsubsteps from the
+ following list:</p>
<dl class=switch><dt>The byte is 0x20 (U+0020 SPACE if interpreted as ASCII)</dt>
- <dd>Replace the byte with a single 0x2B byte (U+002B PLUS SIGN
- character (+) if interpreted as ASCII).</dd>
+ <dd>Replace the byte with a single 0x2B byte (U+002B PLUS SIGN character (+) if interpreted
+ as ASCII).</dd>
<!-- * - . 0-9 a-z _ A-Z -->
- <dt>If the byte is in the range 0x2A, 0x2D, 0x2E, 0x30 to 0x39,
- 0x41 to 0x5A, 0x5F, 0x61 to 0x7A</dt>
+ <dt>If the byte is in the range 0x2A, 0x2D, 0x2E, 0x30 to 0x39, 0x41 to 0x5A, 0x5F, 0x61 to
+ 0x7A</dt>
<dd><p>Leave the byte as is.</dd>
@@ -55654,12 +55540,11 @@
(%) followed by <a href=#uppercase-ascii-hex-digits>uppercase ASCII hex digits</a> representing the hexadecimal value
of the byte in question (zero-padded if necessary).</li>
- <li><p>Encode the string <var title="">s</var> as US-ASCII,
- so that it is now a byte string.</p>
+ <li><p>Encode the string <var title="">s</var> as US-ASCII, so that it is now a byte
+ string.</p>
- <li><p>Replace the byte in question in the name or value
- being processed by the bytes in <var title="">s</var>,
- preserving their relative order.</li>
+ <li><p>Replace the byte in question in the name or value being processed by the bytes in
+ <var title="">s</var>, preserving their relative order.</li>
</ol></dd>
@@ -55667,19 +55552,20 @@
<li>
- <p>Interpret the entry's name and value as Unicode strings
- encoded in US-ASCII. (All of the bytes in the string will be in
- the range 0x00 to 0x7F; the high bit will be zero throughout.)
+ <p>Interpret the entry's name and value as Unicode strings encoded in US-ASCII. (All of the
+ bytes in the string will be in the range 0x00 to 0x7F; the high bit will be zero throughout.)
The entry's name and value are now Unicode strings again.</p>
</li>
- <li><p>If the entry's name is "<code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code>", its type is "<code title="">text</code>", and this is the first entry in the <var title="">form data set</var>, then append the value to <var title="">result</var> and skip the rest of the substeps for this
- entry, moving on to the next entry, if any, or the next step in
- the overall algorithm otherwise.</li>
+ <li><p>If the entry's name is "<code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code>", its type is
+ "<code title="">text</code>", and this is the first entry in the <var title="">form data
+ set</var>, then append the value to <var title="">result</var> and skip the rest of the
+ substeps for this entry, moving on to the next entry, if any, or the next step in the overall
+ algorithm otherwise.</li>
- <li><p>If this is not the first entry, append a single U+0026
- AMPERSAND character (&) to <var title="">result</var>.</li>
+ <li><p>If this is not the first entry, append a single U+0026 AMPERSAND character (&) to
+ <var title="">result</var>.</li>
<li><p>Append the entry's name to <var title="">result</var>.</li>
@@ -55689,105 +55575,95 @@
</ol></li>
- <li><p>Encode <var title="">result</var> as US-ASCII and return the
- resulting byte stream.</li>
+ <li><p>Encode <var title="">result</var> as US-ASCII and return the resulting byte
+ stream.</li>
</ol></div>
- <p>To <dfn id=application/x-www-form-urlencoded-decoding-algorithm title="application/x-www-form-urlencoded decoding
- algorithm">decode <code>application/x-www-form-urlencoded</code>
- payloads</dfn>, the following algorithm should be used. This
- algorithm uses as inputs the payload itself, <var title="">payload</var>, consisting of a Unicode string using only
- characters in the range U+0000 to U+007F; a default character
- encoding <var title="">encoding</var>; and optionally an <var title="">isindex</var> flag indicating that the payload is to be
- processed as if it had been generated for a form containing an <code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code> control. The output of
- this algorithm is a sorted list of name-value pairs. If the <var title="">isindex</var> flag is set and the first control really was
- an <code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code> control, then
- the first name-value pair will have as its name the empty
- string.</p>
+ <p>To <dfn id=application/x-www-form-urlencoded-decoding-algorithm title="application/x-www-form-urlencoded decoding algorithm">decode
+ <code>application/x-www-form-urlencoded</code> payloads</dfn>, the following algorithm should be
+ used. This algorithm uses as inputs the payload itself, <var title="">payload</var>, consisting of
+ a Unicode string using only characters in the range U+0000 to U+007F; a default character encoding
+ <var title="">encoding</var>; and optionally an <var title="">isindex</var> flag indicating that
+ the payload is to be processed as if it had been generated for a form containing an <code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code> control. The output of this algorithm is a sorted list
+ of name-value pairs. If the <var title="">isindex</var> flag is set and the first control really
+ was an <code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code> control, then the first name-value pair
+ will have as its name the empty string.</p>
<ol><li><p>Let <var title="">strings</var> be the result of <a href=#strictly-split-a-string title="strictly split a string">strictly splitting the
string</a> <var title="">payload</var> on U+0026 AMPERSAND
characters (&).</li>
- <li><p>If the <var title="">isindex</var> flag is set and the first
- string in <var title="">strings</var> does not contain a U+003D
- EQUALS SIGN character (=), insert a U+003D EQUALS SIGN character
- (=) at the start of the first string in <var title="">strings</var>.</li>
+ <li><p>If the <var title="">isindex</var> flag is set and the first string in <var title="">strings</var> does not contain a U+003D EQUALS SIGN character (=), insert a U+003D
+ EQUALS SIGN character (=) at the start of the first string in <var title="">strings</var>.</li>
- <li><p>Let <var title="">pairs</var> be an empty list of name-value
- pairs.</li>
+ <li><p>Let <var title="">pairs</var> be an empty list of name-value pairs.</li>
<li>
- <p>For each string <var title="">string</var> in <var title="">strings</var>, run these substeps:</p>
+ <p>For each string <var title="">string</var> in <var title="">strings</var>, run these
+ substeps:</p>
<ol><li>
- <p>If <var title="">string</var> contains a U+003D EQUALS SIGN
- character (=), then let <var title="">name</var> be the
- substring of <var title="">string</var> from the start of <var title="">string</var> up to but excluding its first U+003D
- EQUALS SIGN character (=), and let <var title="">value</var> be
- the substring from the first character, if any, after the first
- U+003D EQUALS SIGN character (=) up to the end of <var title="">string</var>. If the first U+003D EQUALS SIGN character
- (=) is the first character, then <var title="">name</var> will
- be the empty string. If it is the last character, then <var title="">value</var> will be the empty string.</p>
+ <p>If <var title="">string</var> contains a U+003D EQUALS SIGN character (=), then let <var title="">name</var> be the substring of <var title="">string</var> from the start of <var title="">string</var> up to but excluding its first U+003D EQUALS SIGN character (=), and let
+ <var title="">value</var> be the substring from the first character, if any, after the first
+ U+003D EQUALS SIGN character (=) up to the end of <var title="">string</var>. If the first
+ U+003D EQUALS SIGN character (=) is the first character, then <var title="">name</var> will be
+ the empty string. If it is the last character, then <var title="">value</var> will be the
+ empty string.</p>
- <p>Otherwise, <var title="">string</var> contains no U+003D
- EQUALS SIGN characters (=). Let <var title="">name</var> have
- the value of <var title="">string</var> and let <var title="">value</var> be the empty string.</p>
+ <p>Otherwise, <var title="">string</var> contains no U+003D EQUALS SIGN characters (=). Let
+ <var title="">name</var> have the value of <var title="">string</var> and let <var title="">value</var> be the empty string.</p>
</li>
<li>
- <p>Replace any U+002B PLUS SIGN characters (+) in <var title="">name</var> and <var title="">value</var> with U+0020
- SPACE characters.</p>
+ <p>Replace any U+002B PLUS SIGN characters (+) in <var title="">name</var> and <var title="">value</var> with U+0020 SPACE characters.</p>
</li>
<li>
- <p>Replace any escape in <var title="">name</var> and <var title="">value</var> with the character represented by the
- escape. This replacement must not be recursive.</p>
+ <p>Replace any escape in <var title="">name</var> and <var title="">value</var> with the
+ character represented by the escape. This replacement must not be recursive.</p>
- <p>An escape is a U+0025 PERCENT SIGN character (%) followed by
- two <a href=#ascii-hex-digits>ASCII hex digits</a>.</p>
+ <p>An escape is a U+0025 PERCENT SIGN character (%) followed by two <a href=#ascii-hex-digits>ASCII hex
+ digits</a>.</p>
- <p>The character represented by an escape is the Unicode
- character whose code point is equal to the value of the two
- characters after the U+0025 PERCENT SIGN character (%),
- interpreted as a hexadecimal number (in the range 0..255).</p>
+ <p>The character represented by an escape is the Unicode character whose code point is equal
+ to the value of the two characters after the U+0025 PERCENT SIGN character (%), interpreted as
+ a hexadecimal number (in the range 0..255).</p>
- <p class=example>So for instance the string "<code title="">A%2BC</code>" would become "<code title="">A+C</code>".
- Similarly, the string "<code title="">100%25AA%21</code>"
- becomes the string "<code title="">100%AA!</code>".</p>
+ <p class=example>So for instance the string "<code title="">A%2BC</code>" would become
+ "<code title="">A+C</code>". Similarly, the string "<code title="">100%25AA%21</code>" becomes
+ the string "<code title="">100%AA!</code>".</p>
</li>
- <li><p>Convert the <var title="">name</var> and <var title="">value</var> strings to their byte representation in
- ISO-8859-1 (i.e. convert the Unicode string to a byte string,
- mapping code points to byte values directly).</li>
+ <li><p>Convert the <var title="">name</var> and <var title="">value</var> strings to their byte
+ representation in ISO-8859-1 (i.e. convert the Unicode string to a byte string, mapping code
+ points to byte values directly).</li>
<li><p>Add a pair consisting of <var title="">name</var> and <var title="">value</var> to <var title="">pairs</var>.</li>
</ol></li>
- <li><p>If any of the name-value pairs in <var title="">pairs</var>
- have a name component consisting of the string "<code title="">_charset_</code>" encoded in US-ASCII, and the value
- component of the first such pair, when decoded as US-ASCII, is the
- name of a supported character encoding, then let <var title="">encoding</var> be that character encoding (replacing the
- default passed to the algorithm).</li> <!-- XXX -->
+ <li><p>If any of the name-value pairs in <var title="">pairs</var> have a name component
+ consisting of the string "<code title="">_charset_</code>" encoded in US-ASCII, and the value
+ component of the first such pair, when decoded as US-ASCII, is the name of a supported character
+ encoding, then let <var title="">encoding</var> be that character encoding (replacing the default
+ passed to the algorithm).</li> <!-- XXX -->
- <li><p>Convert the name and value components of each name-value
- pair in <var title="">pairs</var> to Unicode by interpreting the
- bytes according to the encoding <var title="">encoding</var>.</li>
+ <li><p>Convert the name and value components of each name-value pair in <var title="">pairs</var>
+ to Unicode by interpreting the bytes according to the encoding <var title="">encoding</var>.</li>
<li><p>Return <var title="">pairs</var>.</li>
- </ol><p class=note>Parameters on the
- <code><a href=#application/x-www-form-urlencoded>application/x-www-form-urlencoded</a></code> MIME type are
- ignored. In particular, this MIME type does not support the <code title="">charset</code> parameter.</p>
+ </ol><p class=note>Parameters on the <code><a href=#application/x-www-form-urlencoded>application/x-www-form-urlencoded</a></code> MIME type are
+ ignored. In particular, this MIME type does not support the <code title="">charset</code>
+ parameter.</p>
@@ -65922,12 +65798,11 @@
</dl><div class=impl>
-<!--CLEANUP-->
<p>The <dfn id=dom-document-domain title=dom-document-domain><code>domain</code></dfn> attribute on
<code><a href=#document>Document</a></code> objects must be initialized to <a href="#the-document's-domain">the document's domain</a>, if it has
one, and the empty string otherwise. If the value is an IPv6 address, then the square brackets
- from the <a href=#concept-url-host title=concept-url-host>host</a> component must be omitted
- from the attribute's value.</p>
+ from the <a href=#concept-url-host title=concept-url-host>host</a> component must be omitted from the attribute's
+ value.</p>
<p>On getting, the attribute must return its current value, unless the <code><a href=#document>Document</a></code> has
no <a href=#browsing-context>browsing context</a>, in which case it must return the empty string.</p>
@@ -66041,10 +65916,10 @@
protects two different sites on the same host will fail, as the ports are ignored when comparing
origins after the <code title=dom-document-domain><a href=#dom-document-domain>document.domain</a></code> attribute has been
used.</p>
-<!--TOPIC:HTML-->
+<!--TOPIC:HTML-->
<h3 id=sandboxing><span class=secno>6.4 </span>Sandboxing</h3>
@@ -66644,22 +66519,24 @@
<li>If that fails, throw a <code><a href=#securityerror>SecurityError</a></code> exception and abort these steps.</li>
-<!--CLEANUP-->
- <li>Compare the resulting <a href=#parsed-url>parsed URL</a> to the result of applying the <a href=#url-parser>URL parser</a> algorithm to <a href="#the-document's-address">the document's address</a>. If
- any component of these two <a href=#url title=URL>URLs</a> differ other than the <a href=#concept-url-path title=concept-url-path>path</a>, <a href=#concept-url-query title=concept-url-query>query</a>, and <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> components, then throw a
+ <li>Compare the resulting <a href=#parsed-url>parsed URL</a> to the result of applying the <a href=#url-parser>URL
+ parser</a> algorithm to <a href="#the-document's-address">the document's address</a>. If any component of these two
+ <a href=#url title=URL>URLs</a> differ other than the <a href=#concept-url-path title=concept-url-path>path</a>,
+ <a href=#concept-url-query title=concept-url-query>query</a>, and <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> components, then throw a
<code><a href=#securityerror>SecurityError</a></code> exception and abort these steps.</li>
<li>If the <a href=#origin>origin</a> of the resulting <a href=#absolute-url>absolute URL</a> is not the same as
the <a href=#origin>origin</a> of the <a href=#entry-script>entry script</a>'s <a href="#script's-document" title="script's
- document">document</a>, and either the <a href=#concept-url-path title=concept-url-path>path</a> or <a href=#concept-url-query title=concept-url-query>query</a> components of the two <a href=#parsed-url title="parsed URL">parsed URLs</a>
- compared in the previous step differ, throw a <code><a href=#securityerror>SecurityError</a></code> exception and abort
- these steps. (This prevents sandboxed content from spoofing other pages on the same
+ document">document</a>, and either the <a href=#concept-url-path title=concept-url-path>path</a> or <a href=#concept-url-query title=concept-url-query>query</a> components of the two <a href=#parsed-url title="parsed URL">parsed
+ URLs</a> compared in the previous step differ, throw a <code><a href=#securityerror>SecurityError</a></code> exception
+ and abort these steps. (This prevents sandboxed content from spoofing other pages on the same
origin.)</li>
<li><p>Let <var title="">new URL</var> be the resulting <a href=#absolute-url>absolute URL</a>.</li>
</ol><p>For the purposes of the comparisons in the above substeps, the <a href=#concept-url-path title=concept-url-path>path</a> and <a href=#concept-url-query title=concept-url-query>query</a> components
- can only be the same if the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of both <a href=#parsed-url title="parsed URL">parsed URLs</a> are <a href=#concept-url-scheme-relative title=concept-url-scheme-relative>relative schemes</a>.</p>
+ can only be the same if the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of both
+ <a href=#parsed-url title="parsed URL">parsed URLs</a> are <a href=#concept-url-scheme-relative title=concept-url-scheme-relative>relative schemes</a>.</p>
</li>
@@ -66748,13 +66625,11 @@
<div class=example>
- <p>Consider a game where the user can navigate along a line, such
- that the user is always at some coordinate, and such that the user
- can bookmark the page corresponding to a particular coordinate, to
- return to it later.</p>
+ <p>Consider a game where the user can navigate along a line, such that the user is always at some
+ coordinate, and such that the user can bookmark the page corresponding to a particular
+ coordinate, to return to it later.</p>
- <p>A static page implementing the x=5 position in such a game could
- look like the following:</p>
+ <p>A static page implementing the x=5 position in such a game could look like the following:</p>
<pre><!DOCTYPE HTML>
<!-- this is http://example.com/line?x=5 -->
@@ -66765,9 +66640,8 @@
<a href="?x=4">retreat to 4</a>?
</p></pre>
- <p>The problem with such a system is that each time the user
- clicks, the whole page has to be reloaded. Here instead is another
- way of doing it, using script:</p>
+ <p>The problem with such a system is that each time the user clicks, the whole page has to be
+ reloaded. Here instead is another way of doing it, using script:</p>
<pre><!DOCTYPE HTML>
<!-- this starts off as http://example.com/line?x=5 -->
@@ -66797,30 +66671,24 @@
}
</script></pre>
- <p>In systems without script, this still works like the previous
- example. However, users that <em>do</em> have script support can
- now navigate much faster, since there is no network access for the
- same experience. Furthermore, contrary to the experience the user
- would have with just a naïve script-based approach,
- bookmarking and navigating the session history still work.</p>
+ <p>In systems without script, this still works like the previous example. However, users that
+ <em>do</em> have script support can now navigate much faster, since there is no network access
+ for the same experience. Furthermore, contrary to the experience the user would have with just a
+ naïve script-based approach, bookmarking and navigating the session history still work.</p>
- <p>In the example above, the <var title="">data</var> argument to
- the <code title=dom-history-pushState><a href=#dom-history-pushstate>pushState()</a></code> method
- is the same information as would be sent to the server, but in a
- more convenient form, so that the script doesn't have to parse the
- URL each time the user navigates.</p>
+ <p>In the example above, the <var title="">data</var> argument to the <code title=dom-history-pushState><a href=#dom-history-pushstate>pushState()</a></code> method is the same information as would be sent
+ to the server, but in a more convenient form, so that the script doesn't have to parse the URL
+ each time the user navigates.</p>
</div>
<div class=example>
- <p>Applications might not use the same title for a <a href=#session-history-entry>session
- history entry</a> as the value of the document's
- <code><a href=#the-title-element>title</a></code> element at that time. For example, here is a
- simple page that shows a block in the <code><a href=#the-title-element>title</a></code> element.
- Clearly, when navigating backwards to a previous state the user
- does not go back in time, and therefore it would be inappropriate
- to put the time in the session history title.</p>
+ <p>Applications might not use the same title for a <a href=#session-history-entry>session history entry</a> as the
+ value of the document's <code><a href=#the-title-element>title</a></code> element at that time. For example, here is a simple
+ page that shows a block in the <code><a href=#the-title-element>title</a></code> element. Clearly, when navigating backwards to
+ a previous state the user does not go back in time, and therefore it would be inappropriate to
+ put the time in the session history title.</p>
<pre><!DOCTYPE HTML>
<TITLE>Line</TITLE>
@@ -66847,9 +66715,8 @@
<h4 id=the-location-interface><span class=secno>6.5.3 </span>The <code><a href=#location>Location</a></code> interface</h4>
- <p>Each <code><a href=#document>Document</a></code> object in a <a href=#browsing-context>browsing
- context</a>'s session history is associated with a unique
- instance of a <code><a href=#location>Location</a></code> object.</p>
+ <p>Each <code><a href=#document>Document</a></code> object in a <a href=#browsing-context>browsing context</a>'s session history is
+ associated with a unique instance of a <code><a href=#location>Location</a></code> object.</p>
<dl class=domintro><dt><var title="">document</var> . <code title=dom-document-location><a href=#dom-document-location>location</a></code> [ = <var title="">value</var> ]</dt>
<dt><var title="">window</var> . <code title=dom-location><a href=#dom-location>location</a></code> [ = <var title="">value</var> ]</dt>
@@ -66864,14 +66731,12 @@
</dl><div class=impl>
- <p>The <dfn id=dom-document-location title=dom-document-location><code>location</code></dfn> attribute
- of the <code><a href=#document>Document</a></code> interface must return the
- <code><a href=#location>Location</a></code> object for that <code><a href=#document>Document</a></code> object,
- if it is in a <a href=#browsing-context>browsing context</a>, and null otherwise.</p>
+ <p>The <dfn id=dom-document-location title=dom-document-location><code>location</code></dfn> attribute of the
+ <code><a href=#document>Document</a></code> interface must return the <code><a href=#location>Location</a></code> object for that
+ <code><a href=#document>Document</a></code> object, if it is in a <a href=#browsing-context>browsing context</a>, and null otherwise.</p>
- <p>The <dfn id=dom-location title=dom-location><code>location</code></dfn>
- attribute of the <code><a href=#window>Window</a></code> interface must return the
- <code><a href=#location>Location</a></code> object for that <code><a href=#window>Window</a></code> object's
+ <p>The <dfn id=dom-location title=dom-location><code>location</code></dfn> attribute of the <code><a href=#window>Window</a></code>
+ interface must return the <code><a href=#location>Location</a></code> object for that <code><a href=#window>Window</a></code> object's
<code><a href=#document>Document</a></code>.</p>
</div>
@@ -67191,14 +67056,15 @@
<li><p>Let <var title="">gone async</var> be false.</li>
-<!--CLEANUP-->
- <li id=navigate-fragid-step><p><i>Fragment identifiers</i>: Apply the <a href=#url-parser>URL parser</a> algorithm to the <a href=#absolute-url>absolute URL</a> of
- the new resource and the <a href="#the-document's-address" title="the document's address">address</a> of the
- <a href=#active-document>active document</a> of the <a href=#browsing-context>browsing context</a> being navigated. If all the components of the resulting <a href=#parsed-url title="parsed URL">parsed URLs</a> , ignoring any
- <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> components, are identical, and the new resource is to be fetched using HTTP GET <a href=#concept-http-equivalent-get title=concept-http-equivalent-get>or equivalent</a>, and the <a href=#parsed-url>parsed URL</a> of
- the new resource has a <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component that is not null (even if it
- is empty), then <a href=#scroll-to-fragid title=navigate-fragid>navigate to that fragment identifier</a> and
- abort these steps.</li>
+ <li id=navigate-fragid-step><p><i>Fragment identifiers</i>: Apply the <a href=#url-parser>URL parser</a>
+ algorithm to the <a href=#absolute-url>absolute URL</a> of the new resource and the <a href="#the-document's-address" title="the
+ document's address">address</a> of the <a href=#active-document>active document</a> of the <a href=#browsing-context>browsing
+ context</a> being navigated. If all the components of the resulting <a href=#parsed-url title="parsed
+ URL">parsed URLs</a>, ignoring any <a href=#concept-url-fragment title=concept-url-fragment>fragment</a>
+ components, are identical, and the new resource is to be fetched using HTTP GET <a href=#concept-http-equivalent-get title=concept-http-equivalent-get>or equivalent</a>, and the <a href=#parsed-url>parsed URL</a> of the
+ new resource has a <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component that is not null
+ (even if it is empty), then <a href=#scroll-to-fragid title=navigate-fragid>navigate to that fragment
+ identifier</a> and abort these steps.</li>
<li><p>If <var title="">gone async</var> is false, cancel any preexisting but not yet <a href=#concept-navigate-mature title=concept-navigate-mature>mature</a> attempt to navigate the <a href=#browsing-context>browsing
context</a>, including canceling any instances of the <a href=#fetch>fetch</a> algorithm started by
@@ -67660,18 +67526,18 @@
encoding is established, the <a href="#document's-character-encoding">document's character encoding</a> must be set to that
character encoding.</p>
-<!--CLEANUP-->
<p>If the root element, as parsed according to the XML specifications cited above, is found to be
an <code><a href=#the-html-element>html</a></code> element with an attribute <code title=attr-html-manifest><a href=#attr-html-manifest>manifest</a></code>
whose value is not the empty string, then, as soon as the element is <a href=#insert-an-element-into-a-document title="insert an
element into a document">inserted into the document</a>, the user agent must <a href=#resolve-a-url title="resolve a url">resolve</a> the value of that attribute relative to that element, and if
- that is successful, must apply the <a href=#url-serializer>URL serializer</a> algorithm to the resulting <a href=#parsed-url>parsed URL</a> with the <i>exclude fragment flag</i> set to obtain <var title="">manifest URL</var>, and then run the <a href=#concept-appcache-init title=concept-appcache-init>application cache selection
- algorithm</a> with <var title="">manifest URL</var>
- as the manifest URL, passing in
- the newly-created <code><a href=#document>Document</a></code>. Otherwise, if the attribute is absent, its value is the
- empty string, or resolving its value fails, then as soon as the root element is <a href=#insert-an-element-into-a-document title="insert an element into a document">inserted into the document</a>, the user agent must
- run the <a href=#concept-appcache-init title=concept-appcache-init>application cache selection algorithm</a> with no
- manifest, and passing in the <code><a href=#document>Document</a></code>.</p>
+ that is successful, must apply the <a href=#url-serializer>URL serializer</a> algorithm to the resulting
+ <a href=#parsed-url>parsed URL</a> with the <i>exclude fragment flag</i> set to obtain <var title="">manifest
+ URL</var>, and then run the <a href=#concept-appcache-init title=concept-appcache-init>application cache selection
+ algorithm</a> with <var title="">manifest URL</var> as the manifest URL, passing in the
+ newly-created <code><a href=#document>Document</a></code>. Otherwise, if the attribute is absent, its value is the empty
+ string, or resolving its value fails, then as soon as the root element is <a href=#insert-an-element-into-a-document title="insert an
+ element into a document">inserted into the document</a>, the user agent must run the <a href=#concept-appcache-init title=concept-appcache-init>application cache selection algorithm</a> with no manifest, and
+ passing in the <code><a href=#document>Document</a></code>.</p>
<p class=note>Because the processing of the <code title=attr-html-manifest><a href=#attr-html-manifest>manifest</a></code>
attribute happens only once the root element is parsed, any URLs referenced by processing
@@ -67909,8 +67775,9 @@
processing model must be followed to determine what <a href=#the-indicated-part-of-the-document>the indicated part of the
document</a> is.</p>
- <ol><!--CLEANUP--><li><p>Apply the <a href=#url-parser>URL parser</a> algorithm to the <a href=#url>URL</a>, and let <var title="">fragid</var> be the <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component of the
- resulting <a href=#parsed-url>parsed URL</a>.</li><!-- parsing can't fail, since we checked earlier on when navigating -->
+ <ol><li><p>Apply the <a href=#url-parser>URL parser</a> algorithm to the <a href=#url>URL</a>, and let <var title="">fragid</var> be the <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component of the
+ resulting <a href=#parsed-url>parsed URL</a>.</li><!-- parsing can't fail, since we checked earlier on
+ when navigating -->
<li><p>If <var title="">fragid</var> is the empty string, then <a href=#the-indicated-part-of-the-document>the indicated part of the
document</a> is the top of the document; stop the algorithm here.</li>
@@ -69042,34 +68909,26 @@
</div>
-<!--CLEANUP-->
<h5 id=writing-cache-manifests><span class=secno>6.7.3.2 </span>Writing cache manifests</h5>
- <p>Manifests must be served using the
- <code><a href=#text/cache-manifest>text/cache-manifest</a></code> <a href=#mime-type>MIME type</a>. All
- resources served using the <code><a href=#text/cache-manifest>text/cache-manifest</a></code>
- <a href=#mime-type>MIME type</a> must follow the syntax of application cache
- manifests, as described in this section.</p>
+ <p>Manifests must be served using the <code><a href=#text/cache-manifest>text/cache-manifest</a></code> <a href=#mime-type>MIME type</a>. All
+ resources served using the <code><a href=#text/cache-manifest>text/cache-manifest</a></code> <a href=#mime-type>MIME type</a> must follow the
+ syntax of application cache manifests, as described in this section.</p>
- <p>An application cache manifest is a text file, whose text is
- encoded using UTF-8. Data in application cache manifests is
- line-based. Newlines must be represented by U+000A LINE FEED (LF)
- characters, U+000D CARRIAGE RETURN (CR) characters, or U+000D
- CARRIAGE RETURN (CR) U+000A LINE FEED (LF) pairs. <a href=#refsRFC3629>[RFC3629]</a></p>
+ <p>An application cache manifest is a text file, whose text is encoded using UTF-8. Data in
+ application cache manifests is line-based. Newlines must be represented by U+000A LINE FEED (LF)
+ characters, U+000D CARRIAGE RETURN (CR) characters, or U+000D CARRIAGE RETURN (CR) U+000A LINE
+ FEED (LF) pairs. <a href=#refsRFC3629>[RFC3629]</a></p>
- <p class=note>This is a <a href=#willful-violation>willful violation</a> of RFC
- 2046, which requires all <code title="">text/*</code> types to only
- allow CRLF line breaks. This requirement, however, is outdated; the
- use of CR, LF, and CRLF line breaks is commonly supported and indeed
- sometimes CRLF is <em>not</em> supported by text editors. <a href=#refsRFC2046>[RFC2046]</a></p>
+ <p class=note>This is a <a href=#willful-violation>willful violation</a> of RFC 2046, which requires all <code title="">text/*</code> types to only allow CRLF line breaks. This requirement, however, is
+ outdated; the use of CR, LF, and CRLF line breaks is commonly supported and indeed sometimes CRLF
+ is <em>not</em> supported by text editors. <a href=#refsRFC2046>[RFC2046]</a></p>
- <p>The first line of an application cache manifest must consist of
- the string "CACHE", a single U+0020 SPACE character, the string
- "MANIFEST", and either a U+0020 SPACE character, a U+0009 CHARACTER
- TABULATION (tab) character, a U+000A LINE FEED (LF) character, or a
- U+000D CARRIAGE RETURN (CR) character. The first line may optionally
- be preceded by a U+FEFF BYTE ORDER MARK (BOM) character. If any
- other text is found on the first line, it is ignored.</p>
+ <p>The first line of an application cache manifest must consist of the string "CACHE", a single
+ U+0020 SPACE character, the string "MANIFEST", and either a U+0020 SPACE character, a U+0009
+ CHARACTER TABULATION (tab) character, a U+000A LINE FEED (LF) character, or a U+000D CARRIAGE
+ RETURN (CR) character. The first line may optionally be preceded by a U+FEFF BYTE ORDER MARK (BOM)
+ character. If any other text is found on the first line, it is ignored.</p>
<p>Subsequent lines, if any, must all be one of the following:</p>
@@ -69080,21 +68939,17 @@
<dt>A comment
<dd>
- <p>Comment lines must consist of zero or more U+0020 SPACE and
- U+0009 CHARACTER TABULATION (tab) characters, followed by a single
- U+0023 NUMBER SIGN character (#), followed by zero or more
- characters other than U+000A LINE FEED (LF) and U+000D CARRIAGE
- RETURN (CR) characters.</p>
+ <p>Comment lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ characters, followed by a single U+0023 NUMBER SIGN character (#), followed by zero or more
+ characters other than U+000A LINE FEED (LF) and U+000D CARRIAGE RETURN (CR) characters.</p>
- <p class=note>Comments must be on a line on their own. If they
- were to be included on a line with a URL, the "#" would be
- mistaken for part of a fragment identifier.</p>
+ <p class=note>Comments must be on a line on their own. If they were to be included on a line
+ with a URL, the "#" would be mistaken for part of a fragment identifier.</p>
<dt>A section header
<dd>
- <p>Section headers change the current section. There are four
- possible section headers:
+ <p>Section headers change the current section. There are four possible section headers:
<dl><dt><code>CACHE:</code>
<dd>Switches to the <dfn id=concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</dfn>.
@@ -69108,258 +68963,212 @@
<dt><code>SETTINGS:</code>
<dd>Switches to the <dfn id=concept-appcache-manifest-settings title=concept-appcache-manifest-settings>settings section</dfn>.
- </dl><p>Section header lines must consist of zero or more U+0020 SPACE
- and U+0009 CHARACTER TABULATION (tab) characters, followed by one
- of the names above (including the U+003A COLON character (:))
- followed by zero or more U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters.</p>
+ </dl><p>Section header lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, followed by one of the names above (including the U+003A COLON
+ character (:)) followed by zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ characters.</p>
- <p>Ironically, by default, the current section is the
- <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</a>.</p>
+ <p>Ironically, by default, the current section is the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</a>.</p>
<dt>Data for the current section
<dd>
- <p>The format that data lines must take depends on the current
- section.</p>
+ <p>The format that data lines must take depends on the current section.</p>
+
<p>When the current section is the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit
- section</a>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a
- <a href=#valid-url>valid URL</a> identifying a resource other than the
- manifest itself, and then zero or more U+0020 SPACE and U+0009
- CHARACTER TABULATION (tab) characters.</p>
+ section</a>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <a href=#valid-url>valid URL</a> identifying a resource other than the
+ manifest itself, and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ characters.</p>
<p>When the current section is the <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback
- section</a>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a
- <a href=#valid-url>valid URL</a> identifying a resource other than the
- manifest itself, one or more U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters, another <a href=#valid-url>valid URL</a>
- identifying a resource other than the manifest itself, and then
- zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
- characters.</p>
+ section</a>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <a href=#valid-url>valid URL</a> identifying a resource other than the
+ manifest itself, one or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters,
+ another <a href=#valid-url>valid URL</a> identifying a resource other than the manifest itself, and then
+ zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters.</p>
- <p>When the current section is the <a href=#concept-appcache-manifest-network title=concept-appcache-manifest-network>online whitelist
- section</a>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, either a
- single U+002A ASTERISK character (*) <!--
- concept-appcache-onlinewhitelist-wildcard --> or a <a href=#valid-url>valid
- URL</a> identifying a resource other than the manifest itself,
- and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION
- (tab) characters.</p>
+ <p>When the current section is the <a href=#concept-appcache-manifest-network title=concept-appcache-manifest-network>online
+ whitelist section</a>, data lines must consist of zero or more U+0020 SPACE and U+0009
+ CHARACTER TABULATION (tab) characters, either a single U+002A ASTERISK character (*) <!--
+ concept-appcache-onlinewhitelist-wildcard --> or a <a href=#valid-url>valid URL</a> identifying a resource
+ other than the manifest itself, and then zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters.</p>
<p>When the current section is the <a href=#concept-appcache-manifest-settings title=concept-appcache-manifest-settings>settings
- section</a>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a <a href=#concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</a>, and then
- zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
- characters.</p>
+ section</a>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <a href=#concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</a>,
+ and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters.</p>
<p>Currently only one <dfn id=concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</dfn> is
defined:</p>
<dl><dt>The cache mode setting</dt>
- <dd>This consists of the string "<code title="">prefer-online</code>". It sets the <a href=#concept-appcache-mode title=concept-appcache-mode>cache mode</a> to <a href=#concept-appcache-mode-prefer-online title=concept-appcache-mode-prefer-online>prefer-online</a>.
- (The <a href=#concept-appcache-mode title=concept-appcache-mode>cache mode</a>
- defaults to <a href=#concept-appcache-mode-fast title=concept-appcache-mode-fast>fast</a>.)</dd>
+ <dd>This consists of the string "<code title="">prefer-online</code>". It sets the <a href=#concept-appcache-mode title=concept-appcache-mode>cache mode</a> to <a href=#concept-appcache-mode-prefer-online title=concept-appcache-mode-prefer-online>prefer-online</a>. (The <a href=#concept-appcache-mode title=concept-appcache-mode>cache mode</a> defaults to <a href=#concept-appcache-mode-fast title=concept-appcache-mode-fast>fast</a>.)</dd>
- </dl><p>Within a <a href=#concept-appcache-manifest-settings title=concept-appcache-manifest-settings>settings
- section</a>, each <a href=#concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</a> must
- occur no more than once.</p>
+ </dl><p>Within a <a href=#concept-appcache-manifest-settings title=concept-appcache-manifest-settings>settings section</a>, each <a href=#concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</a> must occur no more than once.</p>
<!--
- <p class="note">The URLs in data lines can't be empty strings,
- since those would be relative URLs to the manifest itself. Such
- lines would be confused with blank or invalid lines, anyway.</p>
+ <p class="note">The URLs in data lines can't be empty strings, since those would be relative
+ URLs to the manifest itself. Such lines would be confused with blank or invalid lines,
+ anyway.</p>
-->
- </dl><p>Manifests may contain sections more than once. Sections may be
- empty.</p>
+ </dl><p>Manifests may contain sections more than once. Sections may be empty.</p>
- <p>URLs that are to be fallback pages associated with <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a>, and
- those namespaces themselves, must be given in <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback sections</a>,
- with the namespace being the first URL of the data line, and the
- corresponding fallback page being the second URL. All the other
- pages to be cached must be listed in <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit
- sections</a>.</p>
+ <p>URLs that are to be fallback pages associated with <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a>, and those namespaces themselves,
+ must be given in <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback sections</a>, with
+ the namespace being the first URL of the data line, and the corresponding fallback page being the
+ second URL. All the other pages to be cached must be listed in <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit sections</a>.</p>
- <p><a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>Fallback
- namespaces</a> and <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback entries</a> must have
- the <a href=#same-origin>same origin</a> as the manifest itself.</p>
+ <p><a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>Fallback namespaces</a> and <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback entries</a> must have the <a href=#same-origin>same origin</a>
+ as the manifest itself.</p>
- <p>A <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
- namespace</a> must not be listed more than once.</p>
+ <p>A <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a> must not be listed more
+ than once.</p>
- <p>Namespaces that the user agent is to put into the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a>
- must all be specified in <a href=#concept-appcache-manifest-network title=concept-appcache-manifest-network>online whitelist
- sections</a>. (This is needed for any URL that the page is
- intending to use to communicate back to the server.) To specify that
- all URLs are automatically whitelisted in this way, a U+002A
- ASTERISK character (*) may be specified as one of the URLs. <!--
- concept-appcache-onlinewhitelist-wildcard --></p>
+ <p>Namespaces that the user agent is to put into the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> must all be specified in <a href=#concept-appcache-manifest-network title=concept-appcache-manifest-network>online whitelist sections</a>. (This is needed for
+ any URL that the page is intending to use to communicate back to the server.) To specify that all
+ URLs are automatically whitelisted in this way, a U+002A ASTERISK character (*) may be specified
+ as one of the URLs. <!-- concept-appcache-onlinewhitelist-wildcard --></p>
- <p>Authors should not include namespaces in the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> for
- which another namespace in the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> is
- a <a href=#prefix-match>prefix match</a>.</p>
+ <p>Authors should not include namespaces in the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> for which another namespace in
+ the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> is a <a href=#prefix-match>prefix
+ match</a>.</p>
<p><a href=#relative-url title="relative URL">Relative URLs</a> must be given relative to the manifest's own
- URL. All URLs in the manifest must have the same <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> as the manifest itself
- (either explicitly or implicitly, through the use of <a href=#relative-url title="relative url">relative
- URLs</a>). <a href=#refsURL>[URL]</a></p>
+ URL. All URLs in the manifest must have the same <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> as
+ the manifest itself (either explicitly or implicitly, through the use of <a href=#relative-url title="relative
+ url">relative URLs</a>). <a href=#refsURL>[URL]</a></p>
- <p>URLs in manifests must not have fragment identifiers (i.e. the
- U+0023 NUMBER SIGN character isn't allowed in URLs in
- manifests).</p>
+ <p>URLs in manifests must not have fragment identifiers (i.e. the U+0023 NUMBER SIGN character
+ isn't allowed in URLs in manifests).</p>
- <p><a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>Fallback
- namespaces</a> and namespaces in the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> are
- matched by <a href=#prefix-match>prefix match</a>.</p>
+ <p><a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>Fallback namespaces</a> and namespaces in the
+ <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> are matched by <a href=#prefix-match>prefix
+ match</a>.</p>
-<!--CLEANUP-->
<div class=impl>
<h5 id=parsing-cache-manifests><span class=secno>6.7.3.3 </span>Parsing cache manifests</h5>
- <p>When a user agent is to <dfn id=parse-a-manifest>parse a manifest</dfn>, it means
- that the user agent must run the following steps:</p>
+ <p>When a user agent is to <dfn id=parse-a-manifest>parse a manifest</dfn>, it means that the user agent must run the
+ following steps:</p>
- <ol><li><p>Decode the byte stream corresponding
- with the manifest to be parsed <a href=#decoded-as-utf-8,-with-error-handling title="decoded as UTF-8, with
- error handling">as UTF-8, with error handling</a>. <!--All
- U+0000 NULL characters must be replaced by U+FFFD REPLACEMENT
- CHARACTERs. (this isn't black-box testable since neither U+0000 nor
- U+FFFD are valid anywhere in the syntax and thus both will be
- treated the same anyway)--></li>
+ <ol><li><p>Decode the byte stream corresponding with the manifest to be parsed <a href=#decoded-as-utf-8,-with-error-handling title="decoded
+ as UTF-8, with error handling">as UTF-8, with error handling</a>. <!--All U+0000 NULL
+ characters must be replaced by U+FFFD REPLACEMENT CHARACTERs. (this isn't black-box testable
+ since neither U+0000 nor U+FFFD are valid anywhere in the syntax and thus both will be treated
+ the same anyway)--></li>
- <li><p>Let <var title="">base URL</var> be the <a href=#absolute-url>absolute
- URL</a> representing the manifest.</li>
+ <li><p>Let <var title="">base URL</var> be the <a href=#absolute-url>absolute URL</a> representing the
+ manifest.</li>
<li><p>Apply the <a href=#url-parser>URL parser</a> steps to the <var title="">base URL</var>, so that the
components from its <a href=#parsed-url>parsed URL</a> can be used by the subseqent steps of this
algorithm.</li>
- <li><p>Let <var title="">explicit URLs</var> be an initially empty
- list of <a href=#absolute-url title="absolute URL">absolute URLs</a> for <a href=#concept-appcache-explicit title=concept-appcache-explicit>explicit entries</a>.</li>
+ <li><p>Let <var title="">explicit URLs</var> be an initially empty list of <a href=#absolute-url title="absolute
+ URL">absolute URLs</a> for <a href=#concept-appcache-explicit title=concept-appcache-explicit>explicit
+ entries</a>.</li>
- <li><p>Let <var title="">fallback URLs</var> be an initially empty
- mapping of <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
- namespaces</a> to <a href=#absolute-url title="absolute URL">absolute
- URLs</a> for <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback
+ <li><p>Let <var title="">fallback URLs</var> be an initially empty mapping of <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a> to <a href=#absolute-url title="absolute
+ URL">absolute URLs</a> for <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback
entries</a>.</li>
- <li><p>Let <var title="">online whitelist namespaces</var> be an
- initially empty list of <a href=#absolute-url title="absolute URL">absolute
- URLs</a> for an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online
- whitelist</a>.</li>
+ <li><p>Let <var title="">online whitelist namespaces</var> be an initially empty list of <a href=#absolute-url title="absolute URL">absolute URLs</a> for an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a>.</li>
<li><p>Let <var title="">online whitelist wildcard flag</var> be <i title="">blocking</i>. <!--
concept-appcache-onlinewhitelist-wildcard --></li>
- <li><p>Let <var title="">cache mode flag</var> be <i title="">fast</i>. <!-- concept-appcache-mode-fast --></li>
+ <li><p>Let <var title="">cache mode flag</var> be <i title="">fast</i>. <!--
+ concept-appcache-mode-fast --></li>
- <li><p>Let <var title="">input</var> be the decoded text of the
- manifest's byte stream.</li>
+ <li><p>Let <var title="">input</var> be the decoded text of the manifest's byte stream.</li>
- <li><p>Let <var title="">position</var> be a pointer into <var title="">input</var>, initially pointing at the first
- character.</li>
+ <li><p>Let <var title="">position</var> be a pointer into <var title="">input</var>, initially
+ pointing at the first character.</li>
- <li><p>If <var title="">position</var> is pointing at a U+FEFF BYTE
- ORDER MARK (BOM) character, then advance <var title="">position</var> to the next character.</li>
+ <li><p>If <var title="">position</var> is pointing at a U+FEFF BYTE ORDER MARK (BOM) character,
+ then advance <var title="">position</var> to the next character.</li>
- <li><p>If the characters starting from <var title="">position</var>
- are "CACHE", followed by a U+0020 SPACE character, followed by
- "MANIFEST", then advance <var title="">position</var> to the next
- character after those. Otherwise, this isn't a cache manifest;
- abort this algorithm with a failure while checking for the magic
- signature.</li>
+ <li><p>If the characters starting from <var title="">position</var> are "CACHE", followed by a
+ U+0020 SPACE character, followed by "MANIFEST", then advance <var title="">position</var> to the
+ next character after those. Otherwise, this isn't a cache manifest; abort this algorithm with a
+ failure while checking for the magic signature.</li>
- <li><p>If the character at <var title="">position</var> is neither
- a U+0020 SPACE character, a U+0009 CHARACTER TABULATION (tab)
- character, U+000A LINE FEED (LF) character, nor a U+000D CARRIAGE
- RETURN (CR) character, then this isn't a cache manifest; abort this
- algorithm with a failure while checking for the magic
- signature.</li>
+ <li><p>If the character at <var title="">position</var> is neither a U+0020 SPACE character, a
+ U+0009 CHARACTER TABULATION (tab) character, U+000A LINE FEED (LF) character, nor a U+000D
+ CARRIAGE RETURN (CR) character, then this isn't a cache manifest; abort this algorithm with a
+ failure while checking for the magic signature.</li>
<li><p>This is a cache manifest. The algorithm cannot fail beyond
this point (though bogus lines can get ignored).</li>
- <li><p><a href=#collect-a-sequence-of-characters>Collect a sequence of characters</a> that are
- <em>not</em> U+000A LINE FEED (LF) or U+000D CARRIAGE RETURN (CR)
- characters, and ignore those characters. (Extra text on the first
+ <li><p><a href=#collect-a-sequence-of-characters>Collect a sequence of characters</a> that are <em>not</em> U+000A LINE FEED (LF)
+ or U+000D CARRIAGE RETURN (CR) characters, and ignore those characters. (Extra text on the first
line, after the signature, is ignored.)</li>
<li><p>Let <var title="">mode</var> be "explicit".</li>
- <li><p><i>Start of line</i>: If <var title="">position</var> is
- past the end of <var title="">input</var>, then jump to the last
- step. Otherwise, <a href=#collect-a-sequence-of-characters>collect a sequence of characters</a> that
- are U+000A LINE FEED (LF), U+000D CARRIAGE RETURN (CR), U+0020
- SPACE, or U+0009 CHARACTER TABULATION (tab) characters.</li>
+ <li><p><i>Start of line</i>: If <var title="">position</var> is past the end of <var title="">input</var>, then jump to the last step. Otherwise, <a href=#collect-a-sequence-of-characters>collect a sequence of
+ characters</a> that are U+000A LINE FEED (LF), U+000D CARRIAGE RETURN (CR), U+0020 SPACE, or
+ U+0009 CHARACTER TABULATION (tab) characters.</li>
<!-- strips leading spaces, ignores space-only lines, ignores blank lines -->
- <li><p>Now, <a href=#collect-a-sequence-of-characters>collect a sequence of characters</a> that are
- <em>not</em> U+000A LINE FEED (LF) or U+000D CARRIAGE RETURN (CR)
- characters, and let the result be <var title="">line</var>.</li>
+ <li><p>Now, <a href=#collect-a-sequence-of-characters>collect a sequence of characters</a> that are <em>not</em> U+000A LINE FEED
+ (LF) or U+000D CARRIAGE RETURN (CR) characters, and let the result be <var title="">line</var>.</li>
- <li><p>Drop any trailing U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters at the end of <var title="">line</var>.</li>
+ <li><p>Drop any trailing U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters at the end
+ of <var title="">line</var>.</li>
- <li><p>If <var title="">line</var> is the empty string, then jump
- back to the step labeled "start of line".</li>
+ <li><p>If <var title="">line</var> is the empty string, then jump back to the step labeled "start
+ of line".</li>
- <li><p>If the first character in <var title="">line</var> is a
- U+0023 NUMBER SIGN character (#), then jump back to the step
- labeled "start of line".</li>
+ <li><p>If the first character in <var title="">line</var> is a U+0023 NUMBER SIGN character (#),
+ then jump back to the step labeled "start of line".</li>
- <li><p>If <var title="">line</var> equals "CACHE:" (the word
- "CACHE" followed by a U+003A COLON character (:)), then set <var title="">mode</var> to "explicit" and jump back to the step
- labeled "start of line".</li>
+ <li><p>If <var title="">line</var> equals "CACHE:" (the word "CACHE" followed by a U+003A COLON
+ character (:)), then set <var title="">mode</var> to "explicit" and jump back to the step labeled
+ "start of line".</li>
- <li><p>If <var title="">line</var> equals "FALLBACK:" (the word
- "FALLBACK" followed by a U+003A COLON character (:)), then set <var title="">mode</var> to "fallback" and jump back to the step
+ <li><p>If <var title="">line</var> equals "FALLBACK:" (the word "FALLBACK" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "fallback" and jump back to the step
labeled "start of line".</li>
- <li><p>If <var title="">line</var> equals "NETWORK:" (the word
- "NETWORK" followed by a U+003A COLON character (:)), then set <var title="">mode</var> to "online whitelist" and jump back to the step
+ <li><p>If <var title="">line</var> equals "NETWORK:" (the word "NETWORK" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "online whitelist" and jump back to
+ the step labeled "start of line".</li>
+
+ <li><p>If <var title="">line</var> equals "SETTINGS:" (the word "SETTINGS" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "settings" and jump back to the step
labeled "start of line".</li>
- <li><p>If <var title="">line</var> equals "SETTINGS:" (the word
- "SETTINGS" followed by a U+003A COLON character (:)), then set <var title="">mode</var> to "settings" and jump back to the step labeled
- "start of line".</li>
+ <li><p>If <var title="">line</var> ends with a U+003A COLON character (:), then set <var title="">mode</var> to "unknown" and jump back to the step labeled "start of line".</li>
- <li><p>If <var title="">line</var> ends with a U+003A COLON
- character (:), then set <var title="">mode</var> to "unknown" and
- jump back to the step labeled "start of line".</li>
+ <li><p>This is either a data line or it is syntactically incorrect.</li>
- <li><p>This is either a data line or it is syntactically
- incorrect.</li>
+ <li><p>Let <var title="">position</var> be a pointer into <var title="">line</var>, initially
+ pointing at the start of the string.</li>
- <li><p>Let <var title="">position</var> be a pointer into <var title="">line</var>, initially pointing at the start of the
- string.</li>
+ <li><p>Let <var title="">tokens</var> be a list of strings, initially empty.</li>
- <li><p>Let <var title="">tokens</var> be a list of strings,
- initially empty.</li>
-
<li>
- <p>While <var title="">position</var> doesn't point past the end
- of <var title="">line</var>:</p>
+ <p>While <var title="">position</var> doesn't point past the end of <var title="">line</var>:</p>
- <ol><li><p>Let <var title="">current token</var> be an empty
- string.</li>
+ <ol><li><p>Let <var title="">current token</var> be an empty string.</li>
- <li><p>While <var title="">position</var> doesn't point past the
- end of <var title="">line</var> and the character at <var title="">position</var> is neither a U+0020 SPACE nor a U+0009
- CHARACTER TABULATION (tab) character, add the character at <var title="">position</var> to <var title="">current token</var> and
- advance <var title="">position</var> to the next character in
- <var title="">input</var>.</li>
+ <li><p>While <var title="">position</var> doesn't point past the end of <var title="">line</var> and the character at <var title="">position</var> is neither a U+0020 SPACE
+ nor a U+0009 CHARACTER TABULATION (tab) character, add the character at <var title="">position</var> to <var title="">current token</var> and advance <var title="">position</var> to the next character in <var title="">input</var>.</li>
<li><p>Add <var title="">current token</var> to the <var title="">tokens</var> list.</li>
- <li><p>While <var title="">position</var> doesn't point past the
- end of <var title="">line</var> and the character at <var title="">position</var> is either a U+0020 SPACE or a U+0009
- CHARACTER TABULATION (tab) character, advance <var title="">position</var> to the next character in <var title="">input</var>.</li>
+ <li><p>While <var title="">position</var> doesn't point past the end of <var title="">line</var> and the character at <var title="">position</var> is either a U+0020 SPACE
+ or a U+0009 CHARACTER TABULATION (tab) character, advance <var title="">position</var> to the
+ next character in <var title="">input</var>.</li>
</ol></li>
@@ -69371,20 +69180,17 @@
<dd>
- <p><a href=#resolve-a-url title="resolve a url">Resolve</a> the first item in
- <var title="">tokens</var>, relative to <var title="">base
- URL</var>; ignore the rest.</p>
+ <p><a href=#resolve-a-url title="resolve a url">Resolve</a> the first item in <var title="">tokens</var>,
+ relative to <var title="">base URL</var>; ignore the rest.</p>
- <p>If this fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If this fails, then jump back to the step labeled "start of line".</p>
- <p>If the resulting <a href=#parsed-url>parsed URL</a> has a different
- <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component than
- <var title="">base URL</var> (the manifest's URL), then jump back to the step
- labeled "start of line".</p>
+ <p>If the resulting <a href=#parsed-url>parsed URL</a> has a different <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component than <var title="">base URL</var> (the
+ manifest's URL), then jump back to the step labeled "start of line".</p>
<p>Let <var title="">new URL</var> be the result of applying the <a href=#url-serializer>URL serializer</a>
- algorithm to the resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i> set.</p>
+ algorithm to the resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i>
+ set.</p>
<p>Add <var title="">new URL</var> to the <var title="">explicit URLs</var>.</p>
@@ -69394,19 +69200,16 @@
<dd>
- <p>Let <var title="">part one</var> be the first token in <var title="">tokens</var>, and let <var title="">part two</var> be
- the second token in <var title="">tokens</var>.</p>
+ <p>Let <var title="">part one</var> be the first token in <var title="">tokens</var>, and let
+ <var title="">part two</var> be the second token in <var title="">tokens</var>.</p>
- <p><a href=#resolve-a-url title="resolve a url">Resolve</a> <var title="">part
- one</var> and <var title="">part two</var>, relative to <var title="">base URL</var>.</p>
+ <p><a href=#resolve-a-url title="resolve a url">Resolve</a> <var title="">part one</var> and <var title="">part two</var>, relative to <var title="">base URL</var>.</p>
- <p>If either fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If either fails, then jump back to the step labeled "start of line".</p>
- <p>If the <a href=#absolute-url>absolute URL</a> corresponding to either <var title="">part one</var> or <var title="">part two</var> does not
- have the <a href=#same-origin>same origin</a> as the manifest's URL, then
- jump back to the step labeled "start of line".</p> <!-- SECURITY
- -->
+ <p>If the <a href=#absolute-url>absolute URL</a> corresponding to either <var title="">part one</var> or
+ <var title="">part two</var> does not have the <a href=#same-origin>same origin</a> as the manifest's URL,
+ then jump back to the step labeled "start of line".</p> <!-- SECURITY -->
<p>Let <var title="">part one</var> be the result of applying the <a href=#url-serializer>URL serializer</a>
algorithm to the first resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment
@@ -69416,14 +69219,14 @@
algorithm to the second resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment
flag</i> set.</p>
- <p>If <var title="">part one</var> is already in the <var title="">fallback
- URLs</var> mapping as a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a>,
- then jump back to the step labeled "start of line".</p>
+ <p>If <var title="">part one</var> is already in the <var title="">fallback URLs</var> mapping
+ as a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a>, then jump back to
+ the step labeled "start of line".</p>
- <p>Otherwise, add
- <var title="">part one</var> to the <var title="">fallback
- URLs</var> mapping as a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a>,
- mapped to <var title="">part two</var> as the <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback entry</a>.</p>
+ <p>Otherwise, add <var title="">part one</var> to the <var title="">fallback URLs</var>
+ mapping as a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a>, mapped to
+ <var title="">part two</var> as the <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback
+ entry</a>.</p>
</dd>
@@ -69431,24 +69234,20 @@
<dd>
- <p>If the first item in <var title="">tokens</var> is a U+002A
- ASTERISK character (*), then set <var title="">online whitelist
- wildcard flag</var> to <i title="">open</i> and jump back to the
- step labeled "start of line".</p>
+ <p>If the first item in <var title="">tokens</var> is a U+002A ASTERISK character (*), then
+ set <var title="">online whitelist wildcard flag</var> to <i title="">open</i> and jump back
+ to the step labeled "start of line".</p>
- <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the
- first item in <var title="">tokens</var>, relative to <var title="">base URL</var>; ignore the rest.</p>
+ <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the first item in <var title="">tokens</var>, relative to <var title="">base URL</var>; ignore the rest.</p>
- <p>If this fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If this fails, then jump back to the step labeled "start of line".</p>
- <p>If the resulting <a href=#parsed-url>parsed URL</a> has a different
- <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component than
- <var title="">base URL</var> (the manifest's URL), then jump back to the step
- labeled "start of line".</p>
+ <p>If the resulting <a href=#parsed-url>parsed URL</a> has a different <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component than <var title="">base URL</var> (the
+ manifest's URL), then jump back to the step labeled "start of line".</p>
<p>Let <var title="">new URL</var> be the result of applying the <a href=#url-serializer>URL serializer</a>
- algorithm to the resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i> set.</p>
+ algorithm to the resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i>
+ set.</p>
<p>Add <var title="">new URL</var> to the <var title="">online whitelist namespaces</var>.</p>
@@ -69458,13 +69257,12 @@
<dd>
- <p>If <var title="">tokens</var> contains a single token, and
- that token is a <a href=#case-sensitive>case-sensitive</a> match for the string
- "<code title="">prefer-online</code>", then set <var title="">cache mode flag</var> to <i title="">prefer-online</i>
- and jump back to the step labeled "start of line".</p>
+ <p>If <var title="">tokens</var> contains a single token, and that token is a
+ <a href=#case-sensitive>case-sensitive</a> match for the string "<code title="">prefer-online</code>", then
+ set <var title="">cache mode flag</var> to <i title="">prefer-online</i> and jump back to the
+ step labeled "start of line".</p>
- <p>Otherwise, the line is an unsupported setting: do nothing;
- the line is ignored.</p>
+ <p>Otherwise, the line is an unsupported setting: do nothing; the line is ignored.</p>
</dd>
@@ -69478,41 +69276,27 @@
</dl></li>
- <li><p>Jump back to the step labeled "start of line". (That step
- jumps to the next, and last, step when the end of the file is
- reached.)</li>
+ <li><p>Jump back to the step labeled "start of line". (That step jumps to the next, and last,
+ step when the end of the file is reached.)</li>
- <li><p>Return the <var title="">explicit URLs</var> list, the <var title="">fallback URLs</var> mapping, the <var title="">online
- whitelist namespaces</var>, the <var title="">online whitelist
- wildcard flag</var>, and the <var title="">cache mode
- flag</var>.</li>
+ <li><p>Return the <var title="">explicit URLs</var> list, the <var title="">fallback URLs</var>
+ mapping, the <var title="">online whitelist namespaces</var>, the <var title="">online whitelist
+ wildcard flag</var>, and the <var title="">cache mode flag</var>.</li>
</ol><div class=note>
- <p>The resource that declares the manifest (with the <code title=attr-html-manifest><a href=#attr-html-manifest>manifest</a></code> attribute) will always
- get taken from the cache, whether it is listed in the cache or not,
- even if it is listed in an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist
- namespace</a>.</p>
+ <p>The resource that declares the manifest (with the <code title=attr-html-manifest><a href=#attr-html-manifest>manifest</a></code> attribute) will always get taken from the cache,
+ whether it is listed in the cache or not, even if it is listed in an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespace</a>.</p>
- <p>If a resource is listed in the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</a>
- or as a <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback
- entry</a> in the <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback section</a>,
- the resource will always be taken from the cache, regardless of any
- other matching entries in the <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a> or
- <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist
- namespaces</a>.</p>
+ <p>If a resource is listed in the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit
+ section</a> or as a <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback entry</a> in the <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback section</a>, the resource will always be
+ taken from the cache, regardless of any other matching entries in the <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a> or <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespaces</a>.</p>
- <p>When a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
- namespace</a> and an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist
- namespace</a> overlap, the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist
- namespace</a> has priority.</p>
+ <p>When a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a> and an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespace</a> overlap, the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespace</a> has priority.</p>
- <p>The <a href=#concept-appcache-onlinewhitelist-wildcard title=concept-appcache-onlinewhitelist-wildcard>online whitelist
- wildcard flag</a> is applied last, only for URLs that match
- neither the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online
- whitelist namespace</a> nor the <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a> and
- that are not listed in the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit
- section</a>.</p>
+ <p>The <a href=#concept-appcache-onlinewhitelist-wildcard title=concept-appcache-onlinewhitelist-wildcard>online whitelist wildcard
+ flag</a> is applied last, only for URLs that match neither the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespace</a> nor the <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a> and that are not listed in the
+ <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</a>.</p>
</div>
@@ -69735,12 +69519,14 @@
<a href=#shows-caching-progress>shows caching progress</a>, the display of some sort of user interface indicating to
the user that the user agent failed to save the application for offline use.</p>
-<!--CLEANUP-->
<p>Otherwise, associate the <code><a href=#document>Document</a></code> for this entry with <var title="">cache</var>; store the resource for this entry in <var title="">cache</var>, if it
- isn't already there, and categorize its entry as a <a href=#concept-appcache-master title=concept-appcache-master>master entry</a>. If applying the <a href=#url-parser>URL parser</a> algorithm to the resource's <a href=#url>URL</a> results in a <a href=#parsed-url>parsed URL</a> that has a non-null
- <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component, the <a href=#url>URL</a> used for the
- entry in <var title="">cache</var> must instead be the <a href=#absolute-url>absolute URL</a> obtained from applying the <a href=#url-serializer>URL serializer</a> algorith, to the <a href=#parsed-url>parsed URL</a> with the <i>exclude fragment flag</i> set (application caches never include fragment
- identifiers).</p>
+ isn't already there, and categorize its entry as a <a href=#concept-appcache-master title=concept-appcache-master>master entry</a>. If applying the <a href=#url-parser>URL parser</a>
+ algorithm to the resource's <a href=#url>URL</a> results in a <a href=#parsed-url>parsed URL</a> that has a
+ non-null <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component, the <a href=#url>URL</a>
+ used for the entry in <var title="">cache</var> must instead be the <a href=#absolute-url>absolute URL</a>
+ obtained from applying the <a href=#url-serializer>URL serializer</a> algorith, to the <a href=#parsed-url>parsed
+ URL</a> with the <i>exclude fragment flag</i> set (application caches never include
+ fragment identifiers).</p>
</li>
@@ -70760,7 +70546,6 @@
</div>
-<!--CLEANUP-->
<div class=impl>
@@ -70769,15 +70554,15 @@
<h5 id=definitions-0><span class=secno>7.1.3.1 </span>Definitions</h5>
- <p>This specification describes three kinds of <a href=#javascript-global-environment title="JavaScript global environment">JavaScript global
- environments</a>: the <dfn id=document-environment>document environment</dfn>, the
- <dfn id=dedicated-worker-environment>dedicated worker environment</dfn>, and the <dfn id=shared-worker-environment>shared worker
- environment</dfn>. The <a href=#dedicated-worker-environment>dedicated worker environment</a> and
- the <a href=#shared-worker-environment>shared worker environment</a> are both types of <dfn id=worker-environment title="worker environment">worker environments</dfn>.</p>
+ <p>This specification describes three kinds of <a href=#javascript-global-environment title="JavaScript global
+ environment">JavaScript global environments</a>: the <dfn id=document-environment>document environment</dfn>, the
+ <dfn id=dedicated-worker-environment>dedicated worker environment</dfn>, and the <dfn id=shared-worker-environment>shared worker environment</dfn>. The
+ <a href=#dedicated-worker-environment>dedicated worker environment</a> and the <a href=#shared-worker-environment>shared worker environment</a> are both
+ types of <dfn id=worker-environment title="worker environment">worker environments</dfn>.</p>
- <p>Except where otherwise specified, a <a href=#javascript-global-environment>JavaScript global
- environment</a> is a <a href=#document-environment>document environment</a>.</p> <!--
- note that we never actually say where one of these is created... -->
+ <p>Except where otherwise specified, a <a href=#javascript-global-environment>JavaScript global environment</a> is a
+ <a href=#document-environment>document environment</a>.</p> <!-- note that we never actually say where one of these is
+ created... -->
<hr><p>A <dfn id=concept-script title=concept-script>script</dfn> has:</p>
@@ -70785,13 +70570,12 @@
<dd>
- <p>The characteristics of the script execution environment depend
- on the language, and are not defined by this specification.</p>
+ <p>The characteristics of the script execution environment depend on the language, and are not
+ defined by this specification.</p>
- <p class=example>In JavaScript, the script execution environment
- consists of the interpreter, the stack of <i>execution
- contexts</i>, the <i>global code</i> and <i>function code</i> and
- the <code>Function</code> objects resulting, and so forth.</p>
+ <p class=example>In JavaScript, the script execution environment consists of the interpreter,
+ the stack of <i>execution contexts</i>, the <i>global code</i> and <i>function code</i> and the
+ <code>Function</code> objects resulting, and so forth.</p>
</dd>
@@ -70799,21 +70583,18 @@
<dd>
- <p>Each code entry-point represents a block of executable code
- that the script exposes to other scripts and to the user
- agent.</p>
+ <p>Each code entry-point represents a block of executable code that the script exposes to other
+ scripts and to the user agent.</p>
- <p class=example>Each <code>Function</code> object in a
- JavaScript <a href=#script-execution-environment>script execution environment</a> has a
- corresponding code entry-point, for instance.</p>
+ <p class=example>Each <code>Function</code> object in a JavaScript <a href=#script-execution-environment>script execution
+ environment</a> has a corresponding code entry-point, for instance.</p>
- <p>The main program code of the script, if any, is the
- <dfn id=initial-code-entry-point><i>initial code entry-point</i></dfn>. Typically, the code
- corresponding to this entry-point is executed immediately after
- the script is parsed.</p>
+ <p>The main program code of the script, if any, is the <dfn id=initial-code-entry-point><i>initial code
+ entry-point</i></dfn>. Typically, the code corresponding to this entry-point is executed
+ immediately after the script is parsed.</p>
- <p class=example>In JavaScript, this corresponds to the
- execution context of the global code.</p>
+ <p class=example>In JavaScript, this corresponds to the execution context of the global
+ code.</p>
</dd>
@@ -70823,28 +70604,20 @@
<p>An object that provides the APIs that the code can use.</p>
- <p class=example>This is typically a <code><a href=#window>Window</a></code>
- object. In JavaScript, this corresponds to the <i>global
- object</i>.</p>
+ <p class=example>This is typically a <code><a href=#window>Window</a></code> object. In JavaScript, this
+ corresponds to the <i>global object</i>.</p>
- <p class=note>When a <a href="#script's-global-object">script's global object</a> is an
- empty object, it can't do anything that interacts with the
- environment.</p>
+ <p class=note>When a <a href="#script's-global-object">script's global object</a> is an empty object, it can't do
+ anything that interacts with the environment.</p>
- <p>If the <a href="#script's-global-object">script's global object</a> is a
- <code><a href=#window>Window</a></code> object, then in JavaScript, the ThisBinding of
- the global execution context for this script must be the
- <code><a href=#window>Window</a></code> object's <code><a href=#windowproxy>WindowProxy</a></code> object,
- rather than the global object. <a href=#refsECMA262>[ECMA262]</a></p>
+ <p>If the <a href="#script's-global-object">script's global object</a> is a <code><a href=#window>Window</a></code> object, then in
+ JavaScript, the ThisBinding of the global execution context for this script must be the
+ <code><a href=#window>Window</a></code> object's <code><a href=#windowproxy>WindowProxy</a></code> object, rather than the global object. <a href=#refsECMA262>[ECMA262]</a></p>
- <p class=note>This is a <a href=#willful-violation>willful violation</a> of the
- JavaScript specification current at the time of writing
- (ECMAScript edition 5, as defined in section 10.4.1.1 Initial
- Global Execution Context, step 3). The JavaScript specification
- requires that the <code title="">this</code> keyword in the global
- scope return the global object, but this is not compatible with
- the security design prevalent in implementations as specified
- herein. <a href=#refsECMA262>[ECMA262]</a></p>
+ <p class=note>This is a <a href=#willful-violation>willful violation</a> of the JavaScript specification current
+ at the time of writing (ECMAScript edition 5, as defined in section 10.4.1.1 Initial Global
+ Execution Context, step 3). The JavaScript specification requires that the <code title="">this</code> keyword in the global scope return the global object, but this is not
+ compatible with the security design prevalent in implementations as specified herein. <a href=#refsECMA262>[ECMA262]</a></p>
</dd>
@@ -70852,14 +70625,13 @@
<dd>
- <p>A <a href=#browsing-context>browsing context</a> that is assigned responsibility
- for actions taken by the script.</p>
+ <p>A <a href=#browsing-context>browsing context</a> that is assigned responsibility for actions taken by the
+ script.</p>
- <p class=example>When a script creates and <a href=#navigate title=navigate>navigates</a> a new <a href=#top-level-browsing-context>top-level browsing
- context</a>, the <code title=dom-opener><a href=#dom-opener>opener</a></code>
- attribute of the new <a href=#browsing-context>browsing context</a>'s
- <code><a href=#window>Window</a></code> object will be set to the <a href="#script's-browsing-context">script's
- browsing context</a>'s <code><a href=#windowproxy>WindowProxy</a></code> object.</p>
+ <p class=example>When a script creates and <a href=#navigate title=navigate>navigates</a> a new
+ <a href=#top-level-browsing-context>top-level browsing context</a>, the <code title=dom-opener><a href=#dom-opener>opener</a></code> attribute of
+ the new <a href=#browsing-context>browsing context</a>'s <code><a href=#window>Window</a></code> object will be set to the
+ <a href="#script's-browsing-context">script's browsing context</a>'s <code><a href=#windowproxy>WindowProxy</a></code> object.</p>
</dd>
@@ -70867,14 +70639,11 @@
<dd>
- <p>A <code><a href=#document>Document</a></code> that is assigned responsibility for
- actions taken by the script.</p>
+ <p>A <code><a href=#document>Document</a></code> that is assigned responsibility for actions taken by the script.</p>
- <p class=example>For example, the <a href="#the-document's-address" title="the document's
- address">address</a> of the <a href="#script's-document">script's document</a> is
- used to set the <a href="#the-document's-address" title="the document's
- address">address</a> of any <code><a href=#document>Document</a></code> elements
- created using <code title=dom-DOMImplementation-createDocument><a href=#dom-domimplementation-createdocument>createDocument()</a></code>.</p>
+ <p class=example>For example, the <a href="#the-document's-address" title="the document's address">address</a> of the
+ <a href="#script's-document">script's document</a> is used to set the <a href="#the-document's-address" title="the document's
+ address">address</a> of any <code><a href=#document>Document</a></code> elements created using <code title=dom-DOMImplementation-createDocument><a href=#dom-domimplementation-createdocument>createDocument()</a></code>.</p>
</dd>
@@ -70882,10 +70651,8 @@
<dd>
- <p>Either a <code><a href=#document>Document</a></code> (specifically, the
- <a href="#script's-document">script's document</a>), or a <a href=#url>URL</a>, which is
- used by some APIs to determine what value to use for the <code title=http-referer>Referer</code> (sic) header in calls to the
- <a href=#fetch title=fetch>fetching</a> algorithm.</p>
+ <p>Either a <code><a href=#document>Document</a></code> (specifically, the <a href="#script's-document">script's document</a>), or a
+ <a href=#url>URL</a>, which is used by some APIs to determine what value to use for the <code title=http-referer>Referer</code> (sic) header in calls to the <a href=#fetch title=fetch>fetching</a> algorithm.</p>
</dd>
@@ -70893,12 +70660,10 @@
<dd>
- <p>A character encoding, set when the script is created, used to
- encode URLs. <span id=sce-not-copy title="">If the character
- encoding is set from another source, e.g. a <a href="#document's-character-encoding">document's
- character encoding</a>, then the <a href="#script's-url-character-encoding">script's URL character
- encoding</a> must follow the source, so that if the source's
- changes, so does the script's.</span></p>
+ <p>A character encoding, set when the script is created, used to encode URLs. <span id=sce-not-copy title="">If the character encoding is set from another source, e.g. a
+ <a href="#document's-character-encoding">document's character encoding</a>, then the <a href="#script's-url-character-encoding">script's URL character
+ encoding</a> must follow the source, so that if the source's changes, so does the
+ script's.</span></p>
</dd>
@@ -70906,12 +70671,10 @@
<dd>
- <p>A <a href=#url>URL</a>, set when the script is created, used to
- resolve <a href=#relative-url title="relative url">relative URLs</a>. <span id=sbu-not-copy title="">If the
- base URL is set from another source, e.g. a <a href=#document-base-url>document base
- URL</a>, then the <a href="#script's-base-url">script's base URL</a> must follow
- the source, so that if the source's changes, so does the
- script's.</span></p>
+ <p>A <a href=#url>URL</a>, set when the script is created, used to resolve <a href=#relative-url title="relative
+ url">relative URLs</a>. <span id=sbu-not-copy title="">If the base URL is set from another
+ source, e.g. a <a href=#document-base-url>document base URL</a>, then the <a href="#script's-base-url">script's base URL</a> must
+ follow the source, so that if the source's changes, so does the script's.</span></p>
</dd>
@@ -73387,8 +73150,8 @@
</div>
-<!--CLEANUP-->
+
<h5 id=custom-handlers><span class=secno>7.5.1.3 </span>Custom scheme and content handlers</h5>
<pre class=idl>[NoInterfaceObject]
@@ -73402,20 +73165,16 @@
void <a href=#dom-navigator-unregistercontenthandler title=dom-navigator-unregisterContentHandler>unregisterContentHandler</a>(DOMString mimeType, DOMString url);
};</pre>
- <p>The <dfn id=dom-navigator-registerprotocolhandler title=dom-navigator-registerProtocolHandler><code>registerProtocolHandler()</code></dfn>
- method allows Web sites to register themselves as possible handlers
- for particular schemes. For example, an online telephone messaging
- service could register itself as a handler of the <code>sms:</code>
- scheme, so that if the user clicks on such a link, he is given the
- opportunity to use that Web site. Analogously, the <dfn id=dom-navigator-registercontenthandler title=dom-navigator-registerContentHandler><code>registerContentHandler()</code></dfn>
- method allows Web sites to register themselves as possible handlers
- for content in a particular <a href=#mime-type>MIME type</a>. For example, the
- same online telephone messaging service could register itself as a
- handler for <code>text/vcard</code> files, so that if the user has
- no native application capable of handling vCards, his Web browser
- can instead suggest he use that site to view contact information
- stored on vCards that he opens. <a href=#refsRFC5724>[RFC5724]</a>
- <a href=#refsRFC6350>RFC6350</a></p>
+ <p>The <dfn id=dom-navigator-registerprotocolhandler title=dom-navigator-registerProtocolHandler><code>registerProtocolHandler()</code></dfn> method
+ allows Web sites to register themselves as possible handlers for particular schemes. For example,
+ an online telephone messaging service could register itself as a handler of the <code>sms:</code>
+ scheme, so that if the user clicks on such a link, he is given the opportunity to use that Web
+ site. Analogously, the <dfn id=dom-navigator-registercontenthandler title=dom-navigator-registerContentHandler><code>registerContentHandler()</code></dfn> method
+ allows Web sites to register themselves as possible handlers for content in a particular
+ <a href=#mime-type>MIME type</a>. For example, the same online telephone messaging service could register
+ itself as a handler for <code>text/vcard</code> files, so that if the user has no native
+ application capable of handling vCards, his Web browser can instead suggest he use that site to
+ view contact information stored on vCards that he opens. <a href=#refsRFC5724>[RFC5724]</a> <a href=#refsRFC6350>RFC6350</a></p>
<dl class=domintro><dt><var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler</a></code>(<var title="">scheme</var>, <var title="">url</var>, <var title="">title</var>)</dt>
<dt><var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler</a></code>(<var title="">mimeType</var>, <var title="">url</var>, <var title="">title</var>)</dt>
@@ -73438,39 +73197,32 @@
</dl><div class=impl>
- <p>User agents may, within the constraints described in this
- section, do whatever they like when the methods are called. A UA
- could, for instance, prompt the user and offer the user the
- opportunity to add the site to a shortlist of handlers, or make the
- handlers his default, or cancel the request. UAs could provide such
- a UI through modal UI or through a non-modal transient notification
- interface. UAs could also simply silently collect the information,
- providing it only when relevant to the user.</p>
+ <p>User agents may, within the constraints described in this section, do whatever they like when
+ the methods are called. A UA could, for instance, prompt the user and offer the user the
+ opportunity to add the site to a shortlist of handlers, or make the handlers his default, or
+ cancel the request. UAs could provide such a UI through modal UI or through a non-modal transient
+ notification interface. UAs could also simply silently collect the information, providing it only
+ when relevant to the user.</p>
- <p>User agents should keep track of which sites have registered
- handlers (even if the user has declined such registrations) so that
- the user is not repeatedly prompted with the same request.</p>
+ <p>User agents should keep track of which sites have registered handlers (even if the user has
+ declined such registrations) so that the user is not repeatedly prompted with the same
+ request.</p>
- <p>The arguments to the methods have the following meanings and
- corresponding implementation requirements. The requirements that
- involve throwing exceptions must be processed in the order given
- below, stopping at the first exception thrown. (So the exceptions
- for the first argument take precedence over the exceptions for the
- second argument.)</p>
+ <p>The arguments to the methods have the following meanings and corresponding implementation
+ requirements. The requirements that involve throwing exceptions must be processed in the order
+ given below, stopping at the first exception thrown. (So the exceptions for the first argument
+ take precedence over the exceptions for the second argument.)</p>
<dl><dt><var title="">scheme</var> (<code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code> only)</dt>
<dd>
- <p>A scheme, such as <code>mailto</code> or <code>web+auth</code>.
- The scheme must be compared in an <a href=#ascii-case-insensitive>ASCII
- case-insensitive</a> manner by user agents for the purposes of
- comparing with the scheme part of URLs that they consider against
- the list of registered handlers.</p>
+ <p>A scheme, such as <code>mailto</code> or <code>web+auth</code>. The scheme must be compared
+ in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner by user agents for the purposes of comparing
+ with the scheme part of URLs that they consider against the list of registered handlers.</p>
- <p>The <var title="">scheme</var> value, if it contains a colon
- (as in "<code>mailto:</code>"), will never match anything, since
- schemes don't contain colons.</p>
+ <p>The <var title="">scheme</var> value, if it contains a colon (as in "<code>mailto:</code>"),
+ will never match anything, since schemes don't contain colons.</p>
<p>If the <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code>
method is invoked with a scheme that is neither a <a href=#whitelisted-scheme>whitelisted scheme</a> nor a scheme
@@ -73479,8 +73231,7 @@
the "<code title="">web+</code>" prefix), the user agent must throw a <code><a href=#securityerror>SecurityError</a></code>
exception.</p>
- <p>The following schemes are the <dfn id=whitelisted-scheme title="whitelisted
- scheme">whitelisted schemes</dfn>:</p>
+ <p>The following schemes are the <dfn id=whitelisted-scheme title="whitelisted scheme">whitelisted schemes</dfn>:</p>
<ul class=brief><li><code title="">irc</code></li>
<li><code title="">geo</code></li>
@@ -73497,18 +73248,15 @@
<li><code title="">urn</code></li>
<li><code title="">webcal</code></li>
<li><code title="">xmpp</code></li>
- </ul><p class=note>This list can be changed. If there are schemes
- that should be added, please send feedback.</p>
+ </ul><p class=note>This list can be changed. If there are schemes that should be added, please send
+ feedback.</p>
- <p class=note>This list excludes any schemes that could
- reasonably be expected to be supported inline, e.g. in an
- <code><a href=#the-iframe-element>iframe</a></code>, such as <code title="">http</code> or (more
- theoretically) <code title="">gopher</code>. If those were
- supported, they could potentially be used in man-in-the-middle
- attacks, by replacing pages that have frames with such content
- with content under the control of the protocol handler. If the
- user agent has native support for the schemes, this could further
- be used for cookie-theft attacks.</p>
+ <p class=note>This list excludes any schemes that could reasonably be expected to be supported
+ inline, e.g. in an <code><a href=#the-iframe-element>iframe</a></code>, such as <code title="">http</code> or (more
+ theoretically) <code title="">gopher</code>. If those were supported, they could potentially be
+ used in man-in-the-middle attacks, by replacing pages that have frames with such content with
+ content under the control of the protocol handler. If the user agent has native support for the
+ schemes, this could further be used for cookie-theft attacks.</p>
</dd>
@@ -73516,33 +73264,26 @@
<dd>
- <p>A <a href=#mime-type>MIME type</a>, such as
- <code>model/vnd.flatland.3dml</code> or
- <code>application/vnd.google-earth.kml+xml</code>. The <a href=#mime-type>MIME
- type</a> must be compared in an <a href=#ascii-case-insensitive>ASCII
- case-insensitive</a> manner by user agents for the purposes of
- comparing with MIME types of documents that they consider against
- the list of registered handlers.</p>
+ <p>A <a href=#mime-type>MIME type</a>, such as <code>model/vnd.flatland.3dml</code> or
+ <code>application/vnd.google-earth.kml+xml</code>. The <a href=#mime-type>MIME type</a> must be compared
+ in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner by user agents for the purposes of comparing
+ with MIME types of documents that they consider against the list of registered handlers.</p>
- <p>User agents must compare the given values only to the MIME
- type/subtype parts of content types, not to the complete type
- including parameters. Thus, if <var title="">mimeType</var> values
- passed to this method include characters such as commas or
- whitespace, or include MIME parameters, then the handler being
- registered will never be used.</p>
+ <p>User agents must compare the given values only to the MIME type/subtype parts of content
+ types, not to the complete type including parameters. Thus, if <var title="">mimeType</var>
+ values passed to this method include characters such as commas or whitespace, or include MIME
+ parameters, then the handler being registered will never be used.</p>
- <p class=note>The type is compared to the <a href=#mime-type>MIME type</a>
- used by the user agent <em>after</em> the sniffing algorithms have
- been applied.</p>
+ <p class=note>The type is compared to the <a href=#mime-type>MIME type</a> used by the user agent
+ <em>after</em> the sniffing algorithms have been applied.</p>
<p>If the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code>
- method is invoked with a <a href=#mime-type>MIME type</a> that is in the
- <a href=#type-blacklist>type blacklist</a> or that the user agent has deemed a
- privileged type, the user agent must throw a
+ method is invoked with a <a href=#mime-type>MIME type</a> that is in the <a href=#type-blacklist>type blacklist</a> or
+ that the user agent has deemed a privileged type, the user agent must throw a
<code><a href=#securityerror>SecurityError</a></code> exception.</p>
- <p>The following <a href=#mime-type title="MIME type">MIME types</a> are in
- the <dfn id=type-blacklist>type blacklist</dfn>:</p>
+ <p>The following <a href=#mime-type title="MIME type">MIME types</a> are in the <dfn id=type-blacklist>type
+ blacklist</dfn>:</p>
<ul class=brief><li><code><a href=#application/x-www-form-urlencoded>application/x-www-form-urlencoded</a></code></li>
<li><code><a href=#application/xhtml+xml>application/xhtml+xml</a></code></li>
@@ -73560,8 +73301,8 @@
<li><code>text/xml</code></li>
<li>All types that the user agent supports displaying natively in a <a href=#browsing-context>browsing context</a> during <a href=#navigate title=navigate>navigation</a>, except for <code>application/rss+xml</code> and <code>application/atom+xml</code></li>
- </ul><p class=note>This list can be changed. If there are MIME types
- that should be added, please send feedback.</p>
+ </ul><p class=note>This list can be changed. If there are MIME types that should be added, please
+ send feedback.</p>
</dd>
@@ -73570,73 +73311,62 @@
<dd>
- <p>A string used to build the <a href=#url>URL</a> of the page that
- will handle the requests.</p>
+ <p>A string used to build the <a href=#url>URL</a> of the page that will handle the requests.</p>
- <p>User agents must throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception if
- the <var title="">url</var> argument passed to one of these
- methods does not contain the exact literal string
+ <p>User agents must throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception if the <var title="">url</var>
+ argument passed to one of these methods does not contain the exact literal string
"<code>%s</code>".</p>
- <p>User agents must throw a <code><a href=#syntaxerror>SyntaxError</a></code> if <a href=#resolve-a-url title="resolve a url">resolving</a> the <var title="">url</var>
- argument relative to the <a href=#entry-script>entry script</a>'s <a href="#script's-base-url" title="script's base URL">base URL</a>, is not successful.</p>
+ <p>User agents must throw a <code><a href=#syntaxerror>SyntaxError</a></code> if <a href=#resolve-a-url title="resolve a
+ url">resolving</a> the <var title="">url</var> argument relative to the <a href=#entry-script>entry
+ script</a>'s <a href="#script's-base-url" title="script's base URL">base URL</a>, is not successful.</p>
- <p class=note>The resulting <a href=#absolute-url>absolute URL</a> would by
- definition not be a <a href=#valid-url>valid URL</a> as it would include the
- string "<code title="">%s</code>" which is not a valid component
- in a URL.</p>
+ <p class=note>The resulting <a href=#absolute-url>absolute URL</a> would by definition not be a <a href=#valid-url>valid
+ URL</a> as it would include the string "<code title="">%s</code>" which is not a valid
+ component in a URL.</p>
- <p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception if
- the resulting <a href=#absolute-url>absolute URL</a> has an <a href=#origin>origin</a>
- that differs from the <a href=#origin>origin</a> of the <a href=#entry-script>entry
- script</a>.</p>
+ <p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception if the resulting <a href=#absolute-url>absolute
+ URL</a> has an <a href=#origin>origin</a> that differs from the <a href=#origin>origin</a> of the
+ <a href=#entry-script>entry script</a>.</p>
- <p class=note>This is forcibly the case if the <code title="">%s</code> placeholder is in the scheme, host, or port
- parts of the URL.</p>
+ <p class=note>This is forcibly the case if the <code title="">%s</code> placeholder is in the
+ scheme, host, or port parts of the URL.</p>
- <p>The resulting <a href=#absolute-url>absolute URL</a> is the
- <dfn id=proto-url>proto-URL</dfn>. It identifies the handler for the purposes
- of the methods described below.</p>
+ <p>The resulting <a href=#absolute-url>absolute URL</a> is the <dfn id=proto-url>proto-URL</dfn>. It identifies the
+ handler for the purposes of the methods described below.</p>
- <p>When the user agent uses this handler, it must replace the
- first occurrence of the exact literal string "<code title="">%s</code>" in the <var title="">url</var> argument with
- an escaped version of the <a href=#absolute-url>absolute URL</a> of the content
- in question (as defined below), then <a href=#resolve-a-url title="resolve a
- url">resolve</a> the resulting URL, relative to the <a href="#script's-base-url" title="script's base URL">base URL</a> of the <a href=#entry-script>entry
- script</a> at the time the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code>
- or <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code>
- methods were invoked, and then <a href=#navigate>navigate</a><!--DONAV
- user--> an appropriate <a href=#browsing-context>browsing context</a> to the
- resulting URL using the GET method (<a href=#concept-http-equivalent-get title=concept-http-equivalent-get>or equivalent</a> for
- non-HTTP URLs).</p>
+ <p>When the user agent uses this handler, it must replace the first occurrence of the exact
+ literal string "<code title="">%s</code>" in the <var title="">url</var> argument with an
+ escaped version of the <a href=#absolute-url>absolute URL</a> of the content in question (as defined below),
+ then <a href=#resolve-a-url title="resolve a url">resolve</a> the resulting URL, relative to the <a href="#script's-base-url" title="script's base URL">base URL</a> of the <a href=#entry-script>entry script</a> at the time the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code> or <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code> methods were
+ invoked, and then <a href=#navigate>navigate</a><!--DONAV user--> an appropriate <a href=#browsing-context>browsing
+ context</a> to the resulting URL using the GET method (<a href=#concept-http-equivalent-get title=concept-http-equivalent-get>or equivalent</a> for non-HTTP URLs).</p>
<p>To get the escaped version of the <a href=#absolute-url>absolute URL</a> of the content in question, the
user agent must replace every character in that <a href=#absolute-url>absolute URL</a> that is not a
- character in the URL <a href=#default-encode-set>default encode set</a> with the result of <a href=#utf-8-percent-encode title="UTF-8 percent
- encode">UTF-8 percent encoding</a> that character.</p>
+ character in the URL <a href=#default-encode-set>default encode set</a> with the result of <a href=#utf-8-percent-encode title="UTF-8
+ percent encode">UTF-8 percent encoding</a> that character.</p>
<div class=example>
- <p>If the user had visited a site at <code title="">http://example.com/</code> that made the following
- call:</p>
+ <p>If the user had visited a site at <code title="">http://example.com/</code> that made the
+ following call:</p>
<pre>navigator.registerContentHandler('application/x-soup', 'soup?url=%s', 'SoupWeb™')</pre>
- <p>...and then, much later, while visiting <code title="">http://www.example.net/</code>, clicked on a link such
- as:</p>
+ <p>...and then, much later, while visiting <code title="">http://www.example.net/</code>,
+ clicked on a link such as:</p>
<pre><a href="chickenkïwi.soup">Download our Chicken Kïwi soup!</a></pre>
- <p>...then, assuming this <code>chickenkïwi.soup</code> file
- was served with the <a href=#mime-type>MIME type</a>
- <code>application/x-soup</code>, the UA might navigate to the
- following URL:</p>
+ <p>...then, assuming this <code>chickenkïwi.soup</code> file was served with the
+ <a href=#mime-type>MIME type</a> <code>application/x-soup</code>, the UA might navigate to the following
+ URL:</p>
<pre>http://example.com/soup?url=http://www.example.net/chickenk%C3%AFwi.soup</pre>
- <p>This site could then fetch the <code>chickenkïwi.soup</code>
- file and do whatever it is that it does with soup (synthesize it
- and ship it to the user, or whatever).</p>
+ <p>This site could then fetch the <code>chickenkïwi.soup</code> file and do whatever it is
+ that it does with soup (synthesize it and ship it to the user, or whatever).</p>
</div>
@@ -73646,53 +73376,50 @@
<dd>
- <p>A descriptive title of the handler, which the UA might use to
- remind the user what the site in question is.</p>
+ <p>A descriptive title of the handler, which the UA might use to remind the user what the site
+ in question is.</p>
</dd>
- </dl><p>This section does not define how the pages registered by these
- methods are used, beyond the requirements on how to process the <var title="">url</var> value (see above). To some extent, the <a href=#navigate title=navigate>processing model for navigating across
- documents</a> defines some cases where these methods are
- relevant, but in general UAs may use this information wherever they
- would otherwise consider handing content to native plugins or helper
- applications.</p>
+ </dl><p>This section does not define how the pages registered by these methods are used, beyond the
+ requirements on how to process the <var title="">url</var> value (see above). To some extent, the
+ <a href=#navigate title=navigate>processing model for navigating across documents</a> defines some cases
+ where these methods are relevant, but in general UAs may use this information wherever they would
+ otherwise consider handing content to native plugins or helper applications.</p>
- <p>UAs must not use registered content handlers to handle content
- that was returned as part of a non-GET transaction (or rather, as
- part of any non-idempotent transaction), as the remote site would
- not be able to fetch the same data.</p>
+ <p>UAs must not use registered content handlers to handle content that was returned as part of a
+ non-GET transaction (or rather, as part of any non-idempotent transaction), as the remote site
+ would not be able to fetch the same data.</p>
<hr></div>
- <p>In addition to the registration methods, there are also methods
- for determining if particular handlers have been registered, and for
- unregistering handlers.</p>
+ <p>In addition to the registration methods, there are also methods for determining if particular
+ handlers have been registered, and for unregistering handlers.</p>
<dl class=domintro><dt><var title="">state</var> = <var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-isProtocolHandlerRegistered><a href=#dom-navigator-isprotocolhandlerregistered>isProtocolHandlerRegistered</a></code>(<var title="">scheme</var>, <var title="">url</var>)</dt>
<dt><var title="">state</var> = <var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-isContentHandlerRegistered><a href=#dom-navigator-iscontenthandlerregistered>isContentHandlerRegistered</a></code>(<var title="">mimeType</var>, <var title="">url</var>)</dt>
<dd>
- <p>Returns one of the following strings describing the state of
- the handler given by the arguments:</p>
+ <p>Returns one of the following strings describing the state of the handler given by the
+ arguments:</p>
<dl><dt><code title="">new</code>
- <dd>Indicates that no attempt has been made to register the given
- handler (or that the handler has been unregistered). It would be
- appropriate to promote the availability of the handler or to just
- automatically register the handler.
+ <dd>Indicates that no attempt has been made to register the given handler (or that the handler
+ has been unregistered). It would be appropriate to promote the availability of the handler or
+ to just automatically register the handler.
+
<dt><code title="">registered</code>
- <dd>Indicates that the given handler has been registered or that
- the site is blocked from registering the handler. Trying to
- register the handler again would have no effect.
+ <dd>Indicates that the given handler has been registered or that the site is blocked from
+ registering the handler. Trying to register the handler again would have no effect.
+
<dt><code title="">declined</code>
- <dd>Indicates that the given handler has been offered but was
- rejected. Trying to register the handler again may prompt the
- user again.
+ <dd>Indicates that the given handler has been offered but was rejected. Trying to register the
+ handler again may prompt the user again.
+
</dl></dd>
<dt><var title="">state</var> = <var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-unregisterProtocolHandler><a href=#dom-navigator-unregisterprotocolhandler>unregisterProtocolHandler</a></code>(<var title="">scheme</var>, <var title="">url</var>)</dt>
@@ -73707,153 +73434,129 @@
</dl><div class=impl>
<p>The <dfn id=dom-navigator-isprotocolhandlerregistered title=dom-navigator-isProtocolHandlerRegistered><code>isProtocolHandlerRegistered()</code></dfn>
- method must return the <a href=#handler-state-string>handler state string</a> that most
- closely describes the current state of the handler described by the
- two arguments to the method, where the first argument gives the
- scheme and the second gives the string used to build the
- <a href=#url>URL</a> of the page that will handle the requests.
+ method must return the <a href=#handler-state-string>handler state string</a> that most closely describes the current
+ state of the handler described by the two arguments to the method, where the first argument gives
+ the scheme and the second gives the string used to build the <a href=#url>URL</a> of the page that
+ will handle the requests.
<a class=fingerprint href=#fingerprint><img alt="(This is a fingerprinting vector.)" src=http://images.whatwg.org/fingerprint.png></a>
</p>
- <p>The first argument must be compared to the schemes for which
- custom protocol handlers are registered in an <a href=#ascii-case-insensitive>ASCII
- case-insensitive</a> manner to find the relevant handlers.</p>
+ <p>The first argument must be compared to the schemes for which custom protocol handlers are
+ registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to find
- the described handler.</p>
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
+ find the described handler.</p>
<hr><p>The <dfn id=dom-navigator-iscontenthandlerregistered title=dom-navigator-isContentHandlerRegistered><code>isContentHandlerRegistered()</code></dfn>
- method must return the <a href=#handler-state-string>handler state string</a> that most
- closely describes the current state of the handler described by the
- two arguments to the method, where the first argument gives the
- <a href=#mime-type>MIME type</a> and the second gives the string used to build
- the <a href=#url>URL</a> of the page that will handle the requests.
+ method must return the <a href=#handler-state-string>handler state string</a> that most closely describes the current
+ state of the handler described by the two arguments to the method, where the first argument gives
+ the <a href=#mime-type>MIME type</a> and the second gives the string used to build the <a href=#url>URL</a> of
+ the page that will handle the requests.
<a class=fingerprint href=#fingerprint><img alt="(This is a fingerprinting vector.)" src=http://images.whatwg.org/fingerprint.png></a>
</p>
- <p>The first argument must be compared to the <a href=#mime-type title="MIME
- type">MIME types</a> for which custom content handlers are
- registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find
+ <p>The first argument must be compared to the <a href=#mime-type title="MIME type">MIME types</a> for which
+ custom content handlers are registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find
the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the
- <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
find the described handler.</p>
- <hr><p>The <dfn id=handler-state-string title="handler state string">handler state strings</dfn>
- are the following strings. Each string describes several situations,
- as given by the following list.</p>
+ <hr><p>The <dfn id=handler-state-string title="handler state string">handler state strings</dfn> are the following strings.
+ Each string describes several situations, as given by the following list.</p>
<dl><dt><code title="">new</code>
- <dd>The described handler has never been registered for the given
- scheme or type.
+ <dd>The described handler has never been registered for the given scheme or type.
- <dd>The described handler was once registered for the given scheme
- or type, but the site has since unregistered it. If the handler
- were to be reregistered, the user would be notified accordingly.
+ <dd>The described handler was once registered for the given scheme or type, but the site has
+ since unregistered it. If the handler were to be reregistered, the user would be notified
+ accordingly.
- <dd>The described handler was once registered for the given scheme
- or type, but the site has since unregistered it, but the user has
- indicated that the site is to be blocked from registering the type
- again, so the user agent would ignore further registration attempts.
+ <dd>The described handler was once registered for the given scheme or type, but the site has
+ since unregistered it, but the user has indicated that the site is to be blocked from registering
+ the type again, so the user agent would ignore further registration attempts.
<dt><code title="">registered</code>
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet been notified, and
- the user agent would ignore further registration attempts. (Maybe
- the user agent batches registration requests to display them when
- the user requests to be notified about them, and the user has not
- yet requested that the user agent notify it of the previous
- registration attempt.)
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet been notified, and the user agent would ignore further registration attempts.
+ (Maybe the user agent batches registration requests to display them when the user requests to be
+ notified about them, and the user has not yet requested that the user agent notify it of the
+ previous registration attempt.)
- <dd>The described handler is registered for the given scheme or
- type (maybe, or maybe not, as the default handler).
+ <dd>The described handler is registered for the given scheme or type (maybe, or maybe not, as the
+ default handler).
- <dd>The described handler is permanently blocked from being
- (re)registered. (Maybe the user marked the registration attempt as
- spam, or blocked the site for other reasons.)
+ <dd>The described handler is permanently blocked from being (re)registered. (Maybe the user
+ marked the registration attempt as spam, or blocked the site for other reasons.)
<dt><code title="">declined</code>
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet been notified;
- however, the user might be notified if another registration attempt
- were to be made. (Maybe the last registration attempt was made
- while the page was in the background and the user closed the page
- without looking at it, and the user agent requires confirmation for
- this registration attempt.)
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet been notified; however, the user might be notified if another registration
+ attempt were to be made. (Maybe the last registration attempt was made while the page was in the
+ background and the user closed the page without looking at it, and the user agent requires
+ confirmation for this registration attempt.)
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet responded.
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet responded.
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user declined the offer. The user has
- not indicated that the handler is to be permanently blocked,
- however, so another attempt to register the described handler might
- result in the user being prompted again.
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user declined the offer. The user has not indicated that the handler is to be permanently
+ blocked, however, so another attempt to register the described handler might result in the user
+ being prompted again.
- <dd>The described handler was once registered for the given scheme
- or type, but the user has since removed it. The user has not
- indicated that the handler is to be permanently blocked, however,
- so another attempt to register the described handler might result
- in the user being prompted again.
+ <dd>The described handler was once registered for the given scheme or type, but the user has
+ since removed it. The user has not indicated that the handler is to be permanently blocked,
+ however, so another attempt to register the described handler might result in the user being
+ prompted again.
</dl><hr><p>The <dfn id=dom-navigator-unregisterprotocolhandler title=dom-navigator-unregisterProtocolHandler><code>unregisterProtocolHandler()</code></dfn>
- method must unregister the handler described by the two arguments to
- the method, where the first argument gives the scheme and the second
- gives the string used to build the <a href=#url>URL</a> of the page that
- will handle the requests.</p>
+ method must unregister the handler described by the two arguments to the method, where the first
+ argument gives the scheme and the second gives the string used to build the <a href=#url>URL</a> of
+ the page that will handle the requests.</p>
- <p>The first argument must be compared to the schemes for which
- custom protocol handlers are registered in an <a href=#ascii-case-insensitive>ASCII
- case-insensitive</a> manner to find the relevant handlers.</p>
+ <p>The first argument must be compared to the schemes for which custom protocol handlers are
+ registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to find
- the described handler.</p>
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
+ find the described handler.</p>
<hr><p>The <dfn id=dom-navigator-unregistercontenthandler title=dom-navigator-unregisterContentHandler><code>unregisterContentHandler()</code></dfn>
- method must unregister the handler described by the two arguments to
- the method, where the first argument gives the <a href=#mime-type>MIME
- type</a> and the second gives the string used to build the
+ method must unregister the handler described by the two arguments to the method, where the first
+ argument gives the <a href=#mime-type>MIME type</a> and the second gives the string used to build the
<a href=#url>URL</a> of the page that will handle the requests.</p>
- <p>The first argument must be compared to the <a href=#mime-type title="MIME
- type">MIME types</a> for which custom content handlers are
- registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find
+ <p>The first argument must be compared to the <a href=#mime-type title="MIME type">MIME types</a> for which
+ custom content handlers are registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find
the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the
- <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
find the described handler.</p>
- <hr><p>The second argument of the four methods described above must be
- preprocessed as follows:</p>
+ <hr><p>The second argument of the four methods described above must be preprocessed as follows:</p>
- <ol><li><p>If the string does not contain the substring "<code title="">%s</code>", abort these steps. There's no matching
- handler.</li>
+ <ol><li><p>If the string does not contain the substring "<code title="">%s</code>", abort these
+ steps. There's no matching handler.</li>
- <li><p><a href=#resolve-a-url title="resolve a URL">Resolve</a> the string
- relative to the <a href="#script's-base-url" title="script's base URL">base URL</a> of
- the <a href=#entry-script>entry script</a>.</li>
+ <li><p><a href=#resolve-a-url title="resolve a URL">Resolve</a> the string relative to the <a href="#script's-base-url" title="script's base URL">base URL</a> of the <a href=#entry-script>entry script</a>.</li>
- <li><p>If this fails, then throw a <code><a href=#syntaxerror>SyntaxError</a></code>
- exception, aborting the method.</li>
+ <li><p>If this fails, then throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception, aborting the
+ method.</li>
- <li><p>If the resoluting <a href=#absolute-url>absolute URL</a>'s
- <a href=#origin>origin</a> is not the <a href=#same-origin>same origin</a> as that of
- the <a href=#entry-script>entry script</a> throw a <a href=#securityerror>SecurityError</a>
+ <li><p>If the resoluting <a href=#absolute-url>absolute URL</a>'s <a href=#origin>origin</a> is not the <a href=#same-origin>same
+ origin</a> as that of the <a href=#entry-script>entry script</a> throw a <a href=#securityerror>SecurityError</a>
exception, aborting the method.</li>
- <li><p>Return the resulting <a href=#absolute-url>absolute URL</a> as the result
- of preprocessing the argument.</li>
+ <li><p>Return the resulting <a href=#absolute-url>absolute URL</a> as the result of preprocessing the
+ argument.</li>
</ol></div>
@@ -73864,82 +73567,66 @@
<h6 id=security-and-privacy><span class=secno>7.5.1.3.1 </span>Security and privacy</h6>
- <p>These mechanisms can introduce a number of concerns, in
- particular privacy concerns.</p>
+ <p>These mechanisms can introduce a number of concerns, in particular privacy concerns.</p>
- <p><strong>Hijacking all Web usage.</strong> User agents should not
- allow schemes that are key to its normal operation, such as
- <code>http</code> or <code>https</code>, to be rerouted through
- third-party sites. This would allow a user's activities to be
- trivially tracked, and would allow user information, even in secure
- connections, to be collected.</p>
+ <p><strong>Hijacking all Web usage.</strong> User agents should not allow schemes that are key to
+ its normal operation, such as <code>http</code> or <code>https</code>, to be rerouted through
+ third-party sites. This would allow a user's activities to be trivially tracked, and would allow
+ user information, even in secure connections, to be collected.</p>
<p><strong>Hijacking defaults.</strong> User agents are strongly urged to not automatically change
any defaults, as this could lead the user to send data to remote hosts that the user is not
expecting. New handlers registering themselves should never automatically cause those sites to be
used.</p>
- <p><strong>Registration spamming.</strong> User agents should
- consider the possibility that a site will attempt to register a
- large number of handlers, possibly from multiple domains (e.g. by
- redirecting through a series of pages each on a different domain,
- and each registering a handler for <code>video/mpeg</code> —
- analogous practices abusing other Web browser features have been
- used by pornography Web sites for many years). User agents should
- gracefully handle such hostile attempts, protecting the user.</p>
+ <p><strong>Registration spamming.</strong> User agents should consider the possibility that a site
+ will attempt to register a large number of handlers, possibly from multiple domains (e.g. by
+ redirecting through a series of pages each on a different domain, and each registering a handler
+ for <code>video/mpeg</code> — analogous practices abusing other Web browser features have
+ been used by pornography Web sites for many years). User agents should gracefully handle such
+ hostile attempts, protecting the user.</p>
- <p><strong>Misleading titles.</strong> User agents should not rely
- wholly on the <var title="">title</var> argument to the methods when
- presenting the registered handlers to the user, since sites could
- easily lie. For example, a site <code>hostile.example.net</code>
- could claim that it was registering the "Cuddly Bear Happy Content
- Handler". User agents should therefore use the handler's domain in
- any UI along with any title.</p>
+ <p><strong>Misleading titles.</strong> User agents should not rely wholly on the <var title="">title</var> argument to the methods when presenting the registered handlers to the user,
+ since sites could easily lie. For example, a site <code>hostile.example.net</code> could claim
+ that it was registering the "Cuddly Bear Happy Content Handler". User agents should therefore use
+ the handler's domain in any UI along with any title.</p>
- <p><strong>Hostile handler metadata.</strong> User agents should
- protect against typical attacks against strings embedded in their
- interface, for example ensuring that markup or escape characters in
- such strings are not executed, that null bytes are properly handled,
- that over-long strings do not cause crashes or buffer overruns, and
- so forth.</p>
+ <p><strong>Hostile handler metadata.</strong> User agents should protect against typical attacks
+ against strings embedded in their interface, for example ensuring that markup or escape characters
+ in such strings are not executed, that null bytes are properly handled, that over-long strings do
+ not cause crashes or buffer overruns, and so forth.</p>
- <p><strong>Leaking Intranet URLs.</strong> The mechanism described
- in this section can result in secret Intranet URLs being leaked, in
- the following manner:</p>
+ <p><strong>Leaking Intranet URLs.</strong> The mechanism described in this section can result in
+ secret Intranet URLs being leaked, in the following manner:</p>
- <ol><li>The user registers a third-party content handler as the default
- handler for a content type.</li>
+ <ol><li>The user registers a third-party content handler as the default handler for a content
+ type.</li>
- <li>The user then browses his corporate Intranet site and accesses
- a document that uses that content type.</li>
+ <li>The user then browses his corporate Intranet site and accesses a document that uses that
+ content type.</li>
- <li>The user agent contacts the third party and hands the third
- party the URL to the Intranet content.</li>
+ <li>The user agent contacts the third party and hands the third party the URL to the Intranet
+ content.</li>
- </ol><p>No actual confidential file data is leaked in this manner, but
- the URLs themselves could contain confidential information. For
- example, the URL could be
- <code>http://www.corp.example.com/upcoming-aquisitions/the-sample-company.egf</code>,
- which might tell the third party that Example Corporation is
- intending to merge with The Sample Company. Implementors might wish
- to consider allowing administrators to disable this feature for
- certain subdomains, content types, or schemes.</p>
+ </ol><p>No actual confidential file data is leaked in this manner, but the URLs themselves could
+ contain confidential information. For example, the URL could be
+ <code>http://www.corp.example.com/upcoming-aquisitions/the-sample-company.egf</code>, which might
+ tell the third party that Example Corporation is intending to merge with The Sample Company.
+ Implementors might wish to consider allowing administrators to disable this feature for certain
+ subdomains, content types, or schemes.</p>
- <p><strong>Leaking secure URLs.</strong> User agents should not send
- HTTPS URLs to third-party sites registered as content handlers
- without the user's informed consent, for the same reason that user
- agents sometimes avoid sending <code title=http-referer>Referer</code> (sic) HTTP headers from secure
- sites to third-party sites.</p>
+ <p><strong>Leaking secure URLs.</strong> User agents should not send HTTPS URLs to third-party
+ sites registered as content handlers without the user's informed consent, for the same reason that
+ user agents sometimes avoid sending <code title=http-referer>Referer</code> (sic) HTTP headers
+ from secure sites to third-party sites.</p>
- <p><strong>Leaking credentials.</strong> User agents must never send
- username or password information in the URLs that are escaped and
- included sent to the handler sites. User agents may even avoid
- attempting to pass to Web-based handlers the URLs of resources
- that are known to require authentication to access, as such sites
- would be unable to access the resources in question without
- prompting the user for credentials themselves (a practice that would
- require the user to know whether to trust the third-party handler, a
- decision many users are unable to make or even understand).</p>
+ <p><strong>Leaking credentials.</strong> User agents must never send username or password
+ information in the URLs that are escaped and included sent to the handler sites. User agents may
+ even avoid attempting to pass to Web-based handlers the URLs of resources that are known to
+ require authentication to access, as such sites would be unable to access the resources in
+ question without prompting the user for credentials themselves (a practice that would require the
+ user to know whether to trust the third-party handler, a decision many users are unable to make or
+ even understand).</p>
<p><strong>Interface interference.</strong> User agents should be prepared to handle intentionally
long arguments to the methods. For example, if the user interface exposed consists of an "accept"
@@ -73962,43 +73649,36 @@
<p><i>This section is non-normative.</i></p>
- <p>A simple implementation of this feature for a desktop Web browser
- might work as follows.</p>
+ <p>A simple implementation of this feature for a desktop Web browser might work as follows.</p>
- <p>The <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code>
- method could display a modal dialog box:</p>
+ <p>The <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code> method
+ could display a modal dialog box:</p>
<p><img alt="The modal dialog box could have the title 'Content Handler Registration', and could say 'This Web page: Kittens at work http://kittens.example.org/ ...would like permission to handle files of type: application/x-meowmeow using the following Web-based application: Kittens-at-work displayer http://kittens.example.org/?show=%s Do you trust the administrators of the "kittens.example.org" domain?' with two buttons, 'Trust kittens.example.org' and 'Cancel'." height=374 src=http://images.whatwg.org/sample-content-handler-registration.png width=534></p>
- <p>In this dialog box, "Kittens at work" is the title of the page
- that invoked the method, "http://kittens.example.org/" is the URL of
- that page, "application/x-meowmeow" is the string that was passed to
- the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code>
- method as its first argument (<var title="">mimeType</var>),
- "http://kittens.example.org/?show=%s" was the second argument (<var title="">url</var>), and "Kittens-at-work displayer" was the third
- argument (<var title="">title</var>).</p>
+ <p>In this dialog box, "Kittens at work" is the title of the page that invoked the method,
+ "http://kittens.example.org/" is the URL of that page, "application/x-meowmeow" is the string that
+ was passed to the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code> method as its first
+ argument (<var title="">mimeType</var>), "http://kittens.example.org/?show=%s" was the second
+ argument (<var title="">url</var>), and "Kittens-at-work displayer" was the third argument (<var title="">title</var>).</p>
- <p>If the user clicks the Cancel button, then nothing further
- happens. If the user clicks the "Trust" button, then the handler is
- remembered.</p>
+ <p>If the user clicks the Cancel button, then nothing further happens. If the user clicks the
+ "Trust" button, then the handler is remembered.</p>
- <p>When the user then attempts to fetch a URL that uses the
- "application/x-meowmeow" <a href=#mime-type>MIME type</a>, then it might
- display a dialog as follows:</p>
+ <p>When the user then attempts to fetch a URL that uses the "application/x-meowmeow" <a href=#mime-type>MIME
+ type</a>, then it might display a dialog as follows:</p>
<p><img alt="The dialog box could have the title 'Unknown File Type' and could say 'You have attempted to access:' followed by a URL, followed by a prompt such as 'How would you like FerretBrowser to handle this resource?' with three radio buttons, one saying 'Contact the FerretBrowser plugin registry to see if there is an official way to handle this resource.', one saying 'Pass this URL to a local application' with an application selector, and one saying 'Pass this URL to the "Kittens-at-work displayer" application at "kittens.example.org"', with a checkbox labeled 'Always do this for resources using the "application/x-meowmeow" type in future.', and with two buttons, 'Ok' and 'Cancel'." height=428 src=http://images.whatwg.org/sample-content-handler.png width=577></p>
- <p>In this dialog, the third option is the one that was primed by
- the site registering itself earlier.</p>
+ <p>In this dialog, the third option is the one that was primed by the site registering itself
+ earlier.</p>
- <p>If the user does select that option, then the browser, in
- accordance with the requirements described in the previous two
- sections, will redirect the user to
+ <p>If the user does select that option, then the browser, in accordance with the requirements
+ described in the previous two sections, will redirect the user to
"http://kittens.example.org/?show=data%3Aapplication/x-meowmeow;base64,S2l0dGVucyBhcmUgdGhlIGN1dGVzdCE%253D".</p>
- <p>The <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code>
- method would work equivalently, but for schemes instead of unknown
- content types.</p>
+ <p>The <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code> method
+ would work equivalently, but for schemes instead of unknown content types.</p>
</div>
@@ -78198,50 +77878,40 @@
</div>
-->
-<!--CLEANUP-->
<!--ADD-TOPIC:Security-->
<div class=impl>
<h4 id=security-risks-in-the-drag-and-drop-model><span class=secno>8.7.9 </span>Security risks in the drag-and-drop model</h4>
- <p>User agents must not make the data added to the
- <code><a href=#datatransfer>DataTransfer</a></code> object during the <code title=event-dragstart><a href=#event-dragstart>dragstart</a></code> event available to scripts
- until the <code title=event-drop><a href=#event-drop>drop</a></code> event, because
- otherwise, if a user were to drag sensitive information from one
- document to a second document, crossing a hostile third document in
- the process, the hostile document could intercept the data.</p>
+ <p>User agents must not make the data added to the <code><a href=#datatransfer>DataTransfer</a></code> object during the
+ <code title=event-dragstart><a href=#event-dragstart>dragstart</a></code> event available to scripts until the <code title=event-drop><a href=#event-drop>drop</a></code> event, because otherwise, if a user were to drag sensitive
+ information from one document to a second document, crossing a hostile third document in the
+ process, the hostile document could intercept the data.</p>
- <p>For the same reason, user agents must consider a drop to be
- successful only if the user specifically ended the drag operation
- — if any scripts end the drag operation, it must be considered
- unsuccessful (canceled) and the <code title=event-drop><a href=#event-drop>drop</a></code>
- event must not be fired.</p>
+ <p>For the same reason, user agents must consider a drop to be successful only if the user
+ specifically ended the drag operation — if any scripts end the drag operation, it must be
+ considered unsuccessful (canceled) and the <code title=event-drop><a href=#event-drop>drop</a></code> event must not be
+ fired.</p>
- <p>User agents should take care to not start drag-and-drop
- operations in response to script actions. For example, in a
- mouse-and-window environment, if a script moves a window while the
- user has his mouse button depressed, the UA would not consider that
- to start a drag. This is important because otherwise UAs could cause
- data to be dragged from sensitive sources and dropped into hostile
- documents without the user's consent.</p>
+ <p>User agents should take care to not start drag-and-drop operations in response to script
+ actions. For example, in a mouse-and-window environment, if a script moves a window while the user
+ has his mouse button depressed, the UA would not consider that to start a drag. This is important
+ because otherwise UAs could cause data to be dragged from sensitive sources and dropped into
+ hostile documents without the user's consent.</p>
- <p>User agents should filter potentially active (scripted) content
- (e.g. HTML) when it is dragged and when it is dropped, using a
- whitelist of known-safe features. Similarly, <a href=#relative-url title="relative url">relative URLs</a> should be
- turned into absolute URLs to avoid references changing in unexpected
- ways. This specification does not specify how this is performed.</p>
+ <p>User agents should filter potentially active (scripted) content (e.g. HTML) when it is dragged
+ and when it is dropped, using a whitelist of known-safe features. Similarly, <a href=#relative-url title="relative
+ url">relative URLs</a> should be turned into absolute URLs to avoid references changing in
+ unexpected ways. This specification does not specify how this is performed.</p>
<div class=example>
- <p>Consider a hostile page providing some content and getting the
- user to select and drag and drop (or indeed, copy and paste) that
- content to a victim page's <code title=attr-contenteditable><a href=#attr-contenteditable>contenteditable</a></code> region. If the
- browser does not ensure that only safe content is dragged,
- potentially unsafe content such as scripts and event handlers in
- the selection, once dropped (or pasted) into the victim site, get
- the privileges of the victim site. This would thus enable a
- cross-site scripting attack.</p>
+ <p>Consider a hostile page providing some content and getting the user to select and drag and
+ drop (or indeed, copy and paste) that content to a victim page's <code title=attr-contenteditable><a href=#attr-contenteditable>contenteditable</a></code> region. If the browser does not ensure that
+ only safe content is dragged, potentially unsafe content such as scripts and event handlers in
+ the selection, once dropped (or pasted) into the victim site, get the privileges of the victim
+ site. This would thus enable a cross-site scripting attack.</p>
</div>
@@ -79849,7 +79519,7 @@
<table><thead><tr><th><a href=#event-handlers title="event handlers">Event handler</a> <th><a href=#event-handler-event-type>Event handler event type</a>
<tbody><tr><td><dfn id=handler-abstractworker-onerror title=handler-AbstractWorker-onerror><code>onerror</code></dfn> <td> <code title=event-error>error</code>
<!-- v2-onclose <tr><td><dfn title="handler-AbstractWorker-onclose"><code>onclose</code></dfn> <td> <code title="event-worker-close">close</code> -->
- </table><!--CLEANUP--><h5 id=dedicated-workers-and-the-worker-interface><span class=secno>9.2.6.2 </span>Dedicated workers and the <code><a href=#worker>Worker</a></code> interface</h5>
+ </table><h5 id=dedicated-workers-and-the-worker-interface><span class=secno>9.2.6.2 </span>Dedicated workers and the <code><a href=#worker>Worker</a></code> interface</h5>
<pre class=idl>[<a href=#dom-worker title=dom-Worker>Constructor</a>(DOMString scriptURL)]
interface <dfn id=worker>Worker</dfn> : <a href=#eventtarget>EventTarget</a> {
@@ -79861,19 +79531,16 @@
};
<a href=#worker>Worker</a> implements <a href=#abstractworker>AbstractWorker</a>;</pre>
- <p>The <dfn id=dom-worker-terminate title=dom-Worker-terminate><code>terminate()</code></dfn> method,
- when invoked, must cause the "<a href=#terminate-a-worker>terminate a worker</a>"
- algorithm to be run on the worker with with the object is
- associated.</p>
+ <p>The <dfn id=dom-worker-terminate title=dom-Worker-terminate><code>terminate()</code></dfn> method, when invoked, must
+ cause the "<a href=#terminate-a-worker>terminate a worker</a>" algorithm to be run on the worker with with the object
+ is associated.</p>
- <p><code><a href=#worker>Worker</a></code> objects act as if they had an implicit
- <code><a href=#messageport>MessagePort</a></code> associated with them. This port is part of
- a channel that is set up when the worker is created, but it is not
- exposed. This object must never be garbage collected before the
- <code><a href=#worker>Worker</a></code> object.</p>
+ <p><code><a href=#worker>Worker</a></code> objects act as if they had an implicit <code><a href=#messageport>MessagePort</a></code> associated
+ with them. This port is part of a channel that is set up when the worker is created, but it is not
+ exposed. This object must never be garbage collected before the <code><a href=#worker>Worker</a></code> object.</p>
- <p>All messages received by that port must immediately be retargeted
- at the <code><a href=#worker>Worker</a></code> object.</p>
+ <p>All messages received by that port must immediately be retargeted at the <code><a href=#worker>Worker</a></code>
+ object.</p>
<p>The <dfn id=dom-worker-postmessage title=dom-Worker-postMessage><code>postMessage()</code></dfn> method on
<code><a href=#worker>Worker</a></code> objects must act as if, when invoked, it immediately invoked <a href=#dom-messageport-postmessage title=dom-MessagePort-postMessage>the method of the same name</a> on the port, with the same
@@ -79895,10 +79562,9 @@
</div>
- <p>The following are the <a href=#event-handlers>event handlers</a> (and their
- corresponding <a href=#event-handler-event-type title="event handler event type">event handler
- event types</a>) that must be supported, as IDL attributes, by
- objects implementing the <code><a href=#worker>Worker</a></code> interface:</p>
+ <p>The following are the <a href=#event-handlers>event handlers</a> (and their corresponding <a href=#event-handler-event-type title="event
+ handler event type">event handler event types</a>) that must be supported, as IDL attributes,
+ by objects implementing the <code><a href=#worker>Worker</a></code> interface:</p>
<table><thead><tr><th><a href=#event-handlers title="event handlers">Event handler</a> <th><a href=#event-handler-event-type>Event handler event type</a>
<tbody><tr><td><dfn id=handler-worker-onmessage title=handler-Worker-onmessage><code>onmessage</code></dfn> <td> <code title=event-message><a href=#event-message>message</a></code>
@@ -79909,110 +79575,92 @@
the request violates a policy decision (e.g. if the user agent is configured to not allow the
page to start dedicated workers).</li>
- <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <var title="">scriptURL</var> argument relative to the <a href=#entry-script>entry
- script</a>'s <a href="#script's-base-url" title="script's base URL">base URL</a>,
- when the method is invoked.</li>
+ <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <var title="">scriptURL</var> argument
+ relative to the <a href=#entry-script>entry script</a>'s <a href="#script's-base-url" title="script's base URL">base URL</a>, when
+ the method is invoked.</li>
- <li><p>If this fails, throw a <code><a href=#syntaxerror>SyntaxError</a></code>
- exception.</li>
+ <li><p>If this fails, throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception.</li>
<li>
- <p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of
- the resulting <a href=#parsed-url>parsed URL</a> is not "<code title=data-protocol>data</code>", and the <a href=#origin>origin</a> of
- the resulting <a href=#absolute-url>absolute URL</a> is not the <a href=#same-origin title="same origin">same</a> as the origin of the <a href=#entry-script>entry
- script</a>, then throw a <code><a href=#securityerror>SecurityError</a></code> exception
- and abort these steps.</p>
+ <p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of the resulting <a href=#parsed-url>parsed
+ URL</a> is not "<code title=data-protocol>data</code>", and the <a href=#origin>origin</a> of the
+ resulting <a href=#absolute-url>absolute URL</a> is not the <a href=#same-origin title="same origin">same</a> as the
+ origin of the <a href=#entry-script>entry script</a>, then throw a <code><a href=#securityerror>SecurityError</a></code> exception and
+ abort these steps.</p>
- <p class=note>Thus, scripts must either be external files with
- the same scheme, host, and port as the original page, or <a href=#data-protocol title="data protocol"><code title="">data:</code> URLs</a>. For
- example, you can't load a script from a <a href=#javascript-protocol title="javascript
- protocol"><code title="">javascript:</code> URL</a>, and an
- <code>https:</code> page couldn't start workers using scripts with
- <code>http:</code> URLs.</p>
+ <p class=note>Thus, scripts must either be external files with the same scheme, host, and port
+ as the original page, or <a href=#data-protocol title="data protocol"><code title="">data:</code> URLs</a>.
+ For example, you can't load a script from a <a href=#javascript-protocol title="javascript protocol"><code title="">javascript:</code> URL</a>, and an <code>https:</code> page couldn't start workers
+ using scripts with <code>http:</code> URLs.</p>
</li>
- <li><p>Create a new <code><a href=#dedicatedworkerglobalscope>DedicatedWorkerGlobalScope</a></code> object
- whose <a href=#worker-origin>worker origin</a> is the origin of the <a href=#entry-script>entry
- script</a>. Let <var title="">worker global scope</var> be this
- new object.</li>
+ <li><p>Create a new <code><a href=#dedicatedworkerglobalscope>DedicatedWorkerGlobalScope</a></code> object whose <a href=#worker-origin>worker
+ origin</a> is the origin of the <a href=#entry-script>entry script</a>. Let <var title="">worker global
+ scope</var> be this new object.</li>
- <li><p>Create a new <code><a href=#worker>Worker</a></code> object, associated with
- <var title="">worker global scope</var>. Let <var title="">worker</var> be this new object.</li>
+ <li><p>Create a new <code><a href=#worker>Worker</a></code> object, associated with <var title="">worker global
+ scope</var>. Let <var title="">worker</var> be this new object.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a>
- owned by the <a href="#script's-global-object" title="script's global object">global
- object</a> of the <a href=#concept-script title=concept-script>script</a> that
- invoked the constructor. Let this be the <var title="">outside
- port</var>.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor. Let this be the <var title="">outside port</var>.</li>
<li><p>Associate the <var title="">outside port</var> with <var title="">worker</var>.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a>
- owned by <var title="">worker global scope</var>. Let <var title="">inside port</var> be this new object.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by <var title="">worker
+ global scope</var>. Let <var title="">inside port</var> be this new object.</li>
- <li><p>Associate <var title="">inside port</var> with <var title="">worker global scope</var>.</li>
+ <li><p>Associate <var title="">inside port</var> with <var title="">worker global
+ scope</var>.</li>
- <li><p><a href=#entangle>Entangle</a> <var title="">outside port</var> and
- <var title="">inside port</var>.</li>
+ <li><p><a href=#entangle>Entangle</a> <var title="">outside port</var> and <var title="">inside
+ port</var>.</li>
- <li><p>Return <var title="">worker</var>, and run the following
- steps asynchronously.</li>
+ <li><p>Return <var title="">worker</var>, and run the following steps asynchronously.</li>
<!-- (this is done by the "run a worker" algorithm)
- <li><p>Enable <var title="">inside port</var>'s <span>port message
- queue</span>.</p></li>
+ <li><p>Enable <var title="">inside port</var>'s <span>port message queue</span>.</p></li>
-->
- <li><p>Enable <var title="">outside port</var>'s <a href=#port-message-queue>port message
- queue</a>.</li>
+ <li><p>Enable <var title="">outside port</var>'s <a href=#port-message-queue>port message queue</a>.</li>
<li>
- <p>Let <var title="">docs</var> be the <a href=#list-of-relevant-document-objects-to-add>list of relevant
- <code>Document</code> objects to add</a> given the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the
- constructor.</p>
+ <p>Let <var title="">docs</var> be the <a href=#list-of-relevant-document-objects-to-add>list of relevant <code>Document</code> objects to
+ add</a> given the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor.</p>
</li>
<li>
- <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></a> the
+ <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></a> the
<code><a href=#document>Document</a></code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <a href="#script's-global-object" title="script's global object">global object</a>
- of the <a href=#concept-script title=concept-script>script</a> that invoked the
- constructor is a <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object (i.e. we
- are creating a nested worker), add <var title="">worker global
- scope</var> to the list of <a href="#the-worker's-workers">the worker's workers</a> of the
- <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object that is the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the
+ <p>If the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor is a
+ <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object (i.e. we are creating a nested worker), add <var title="">worker global scope</var> to the list of <a href="#the-worker's-workers">the worker's workers</a> of the
+ <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object that is the <a href="#script's-global-object" title="script's global object">global
+ object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the
constructor.</p>
</li>
<li>
- <p><a href=#run-a-worker>Run a worker</a> for the resulting <a href=#absolute-url>absolute
- URL</a>, with the <a href="#script's-browsing-context">script's browsing context</a> of the
- script that invoked the method as the <var title="">owner browsing
- context</var>, with the <a href="#script's-document">script's document</a> of the
- script that invoked the method as the <var title="">owner
- document</var>, with the <a href=#origin>origin</a> of the <a href=#entry-script>entry
- script</a> as the <var title="">owner origin</var>, and with
- <var title="">worker global scope</var> as the global scope.</p>
+ <p><a href=#run-a-worker>Run a worker</a> for the resulting <a href=#absolute-url>absolute URL</a>, with the
+ <a href="#script's-browsing-context">script's browsing context</a> of the script that invoked the method as the <var title="">owner browsing context</var>, with the <a href="#script's-document">script's document</a> of the script
+ that invoked the method as the <var title="">owner document</var>, with the <a href=#origin>origin</a>
+ of the <a href=#entry-script>entry script</a> as the <var title="">owner origin</var>, and with <var title="">worker global scope</var> as the global scope.</p>
</li>
- </ol><p>This constructor must be visible when the <a href="#script's-global-object">script's global
- object</a> is either a <code><a href=#window>Window</a></code> object or an object
- implementing the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> interface.</p>
+ </ol><p>This constructor must be visible when the <a href="#script's-global-object">script's global object</a> is either a
+ <code><a href=#window>Window</a></code> object or an object implementing the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code>
+ interface.</p>
<h5 id=shared-workers-and-the-sharedworker-interface><span class=secno>9.2.6.3 </span>Shared workers and the <code><a href=#sharedworker>SharedWorker</a></code> interface</h5>
@@ -80023,55 +79671,47 @@
};
<a href=#sharedworker>SharedWorker</a> implements <a href=#abstractworker>AbstractWorker</a>;</pre>
- <p>The <dfn id=dom-sharedworker-port title=dom-SharedWorker-port><code>port</code></dfn>
- attribute must return the value it was assigned by the object's
- constructor. It represents the <code><a href=#messageport>MessagePort</a></code> for
+ <p>The <dfn id=dom-sharedworker-port title=dom-SharedWorker-port><code>port</code></dfn> attribute must return the value
+ it was assigned by the object's constructor. It represents the <code><a href=#messageport>MessagePort</a></code> for
communicating with the shared worker.</p>
- <p>When the <dfn id=dom-sharedworker title=dom-SharedWorker><code>SharedWorker(<var title="">scriptURL</var>, <var title="">name</var>)</code></dfn>
- constructor is invoked, the user agent must run the following
+ <p>When the <dfn id=dom-sharedworker title=dom-SharedWorker><code>SharedWorker(<var title="">scriptURL</var>, <var title="">name</var>)</code></dfn> constructor is invoked, the user agent must run the following
steps:</p>
<ol><li><p>The user agent may throw a <code><a href=#securityerror>SecurityError</a></code> exception and abort these steps if
the request violates a policy decision (e.g. if the user agent is configured to not allow the
page to start shared workers).</li>
- <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <var title="">scriptURL</var> argument.</li>
+ <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <var title="">scriptURL</var>
+ argument.</li>
- <li><p>If this fails, throw a <code><a href=#syntaxerror>SyntaxError</a></code>
- exception.</li>
+ <li><p>If this fails, throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception.</li>
- <li><p>Otherwise, let <var title="">scriptURL</var> be the
- resulting <a href=#absolute-url>absolute URL</a> and <var title="">parsed scriptURL</var> be the
- resulting <a href=#parsed-url>parsed URL</a>.</li>
+ <li><p>Otherwise, let <var title="">scriptURL</var> be the resulting <a href=#absolute-url>absolute URL</a>
+ and <var title="">parsed scriptURL</var> be the resulting <a href=#parsed-url>parsed URL</a>.</li>
- <li><p>Let <var title="">name</var> be the value of the second
- argument, or the empty string if the second argument was
- omitted.</li>
+ <li><p>Let <var title="">name</var> be the value of the second argument, or the empty string if
+ the second argument was omitted.</li>
<li>
- <p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of
- <var title="">parsed scriptURL</var> is not "<code title=data-protocol>data</code>", and the <a href=#origin>origin</a> of
- <var title="">scriptURL</var> is not the <a href=#same-origin title="same
- origin">same</a> as the origin of the <a href=#entry-script>entry
- script</a>, then throw a <code><a href=#securityerror>SecurityError</a></code> exception
- and abort these steps.</p>
+ <p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of <var title="">parsed
+ scriptURL</var> is not "<code title=data-protocol>data</code>", and the <a href=#origin>origin</a> of
+ <var title="">scriptURL</var> is not the <a href=#same-origin title="same origin">same</a> as the origin of
+ the <a href=#entry-script>entry script</a>, then throw a <code><a href=#securityerror>SecurityError</a></code> exception and abort these
+ steps.</p>
- <p class=note>Thus, scripts must either be external files with
- the same scheme, host, and port as the original page, or <a href=#data-protocol title="data protocol"><code title="">data:</code> URLs</a>. For
- example, you can't load a script from a <a href=#javascript-protocol title="javascript
- protocol"><code title="">javascript:</code> URL</a>, and an
- <code>https:</code> page couldn't start workers using scripts with
- <code>http:</code> URLs.</p>
+ <p class=note>Thus, scripts must either be external files with the same scheme, host, and port
+ as the original page, or <a href=#data-protocol title="data protocol"><code title="">data:</code> URLs</a>.
+ For example, you can't load a script from a <a href=#javascript-protocol title="javascript protocol"><code title="">javascript:</code> URL</a>, and an <code>https:</code> page couldn't start workers
+ using scripts with <code>http:</code> URLs.</p>
</li>
<li>
- <p>Let <var title="">docs</var> be the <a href=#list-of-relevant-document-objects-to-add>list of relevant
- <code>Document</code> objects to add</a> given the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the
- constructor.</p>
+ <p>Let <var title="">docs</var> be the <a href=#list-of-relevant-document-objects-to-add>list of relevant <code>Document</code> objects to
+ add</a> given the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor.</p>
</li>
@@ -80079,81 +79719,60 @@
<p>Execute the following substeps atomically:</p>
- <ol><li><p>Create a new <code><a href=#sharedworker>SharedWorker</a></code> object, which will
- shortly be associated with a <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code>
- object. Let this <code><a href=#sharedworker>SharedWorker</a></code> object be <var title="">worker</var>.</li>
+ <ol><li><p>Create a new <code><a href=#sharedworker>SharedWorker</a></code> object, which will shortly be associated with a
+ <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object. Let this <code><a href=#sharedworker>SharedWorker</a></code> object be <var title="">worker</var>.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a>
- owned by the <a href="#script's-global-object" title="script's global object">global
- object</a> of the script that invoked the method. Let this be
- the <var title="">outside port</var>.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by the <a href="#script's-global-object" title="script's global object">global object</a> of the script that invoked the method. Let
+ this be the <var title="">outside port</var>.</li>
<li><p>Assign <var title="">outside port</var> to the <code title=dom-SharedWorker-port><a href=#dom-sharedworker-port>port</a></code> attribute of <var title="">worker</var>.</li>
- <li><p>Let <var title="">worker global scope</var> be
- null.</li>
+ <li><p>Let <var title="">worker global scope</var> be null.</li>
<li>
- <p>If <var title="">name</var> is not the empty string and there
- exists a <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object whose <a href=#dom-workerglobalscope-closing title=dom-WorkerGlobalScope-closing>closing</a> flag is
- false, whose <code title=dom-WorkerGlobalScope-name>name</code> attribute is
- exactly equal to <var title="">name</var>, and whose
- <a href=#worker-origin>worker origin</a> is the <a href=#same-origin>same origin</a> as
- <var title="">scriptURL</var>, then let <var title="">worker
- global scope</var> be that <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code>
- object.</p>
+ <p>If <var title="">name</var> is not the empty string and there exists a
+ <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object whose <a href=#dom-workerglobalscope-closing title=dom-WorkerGlobalScope-closing>closing</a> flag is false, whose <code title=dom-WorkerGlobalScope-name>name</code> attribute is exactly equal to <var title="">name</var>, and whose <a href=#worker-origin>worker origin</a> is the <a href=#same-origin>same origin</a> as
+ <var title="">scriptURL</var>, then let <var title="">worker global scope</var> be that
+ <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object.</p>
- <p>Otherwise, if <var title="">name</var> is the empty string
- and there exists a <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object
- whose <a href=#dom-workerglobalscope-closing title=dom-WorkerGlobalScope-closing>closing</a>
- flag is false, whose <code title=dom-WorkerGlobalScope-name>name</code> attribute is the
- empty string, and whose <code title=dom-WorkerGlobalScope-location><a href=#dom-workerglobalscope-location>location</a></code> attribute
- represents an <a href=#absolute-url>absolute URL</a> that is exactly equal to
- <var title="">scriptURL</var>, then let <var title="">worker
- global scope</var> be that <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code>
- object.</p>
+ <p>Otherwise, if <var title="">name</var> is the empty string and there exists a
+ <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object whose <a href=#dom-workerglobalscope-closing title=dom-WorkerGlobalScope-closing>closing</a> flag is false, whose <code title=dom-WorkerGlobalScope-name>name</code> attribute is the empty string, and whose <code title=dom-WorkerGlobalScope-location><a href=#dom-workerglobalscope-location>location</a></code> attribute represents an <a href=#absolute-url>absolute
+ URL</a> that is exactly equal to <var title="">scriptURL</var>, then let <var title="">worker global scope</var> be that <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object.</p>
</li>
<li>
- <p>If <var title="">worker global scope</var> is not null, but
- the user agent has been configured to disallow communication
- between the <a href=#concept-script title=concept-script>script</a> that
- invoked the constructor and the worker represented by the <var title="">worker global scope</var>, then set <var title="">worker global scope</var> to null.</p>
+ <p>If <var title="">worker global scope</var> is not null, but the user agent has been
+ configured to disallow communication between the <a href=#concept-script title=concept-script>script</a>
+ that invoked the constructor and the worker represented by the <var title="">worker global
+ scope</var>, then set <var title="">worker global scope</var> to null.</p>
- <p class=note>For example, a user agent could have a
- development mode that isolates a particular <a href=#top-level-browsing-context>top-level
- browsing context</a> from all other pages, and scripts in
- that development mode could be blocked from connecting to shared
- workers running in the normal browser mode.</p>
+ <p class=note>For example, a user agent could have a development mode that isolates a
+ particular <a href=#top-level-browsing-context>top-level browsing context</a> from all other pages, and scripts in that
+ development mode could be blocked from connecting to shared workers running in the normal
+ browser mode.</p>
</li>
<li>
- <p>If <var title="">worker global scope</var> is not null, then
- run these steps:</p>
+ <p>If <var title="">worker global scope</var> is not null, then run these steps:</p>
- <ol><li><p>If <var title="">worker global scope</var>'s <code title=dom-WorkerGlobalScope-location><a href=#dom-workerglobalscope-location>location</a></code>
- attribute represents an <a href=#absolute-url>absolute URL</a> that is not
- exactly equal to <var title="">scriptURL</var>, then throw a
- <code><a href=#urlmismatcherror>URLMismatchError</a></code> exception and abort all these
- steps.</li>
+ <ol><li><p>If <var title="">worker global scope</var>'s <code title=dom-WorkerGlobalScope-location><a href=#dom-workerglobalscope-location>location</a></code> attribute represents an <a href=#absolute-url>absolute
+ URL</a> that is not exactly equal to <var title="">scriptURL</var>, then throw a
+ <code><a href=#urlmismatcherror>URLMismatchError</a></code> exception and abort all these steps.</li>
- <li><p>Associate <var title="">worker</var> with <var title="">worker global scope</var>.</li>
+ <li><p>Associate <var title="">worker</var> with <var title="">worker global
+ scope</var>.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code>
- object</a> owned by <var title="">worker global
- scope</var>. Let this be the <var title="">inside
- port</var>.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by <var title="">worker global scope</var>. Let this be the <var title="">inside port</var>.</li>
<li><p><a href=#entangle>Entangle</a> <var title="">outside port</var>
and <var title="">inside port</var>.</li>
- <li><p>Return <var title="">worker</var> and perform the next
- step asynchronously.</li>
+ <li><p>Return <var title="">worker</var> and perform the next step asynchronously.</li>
<li><p>Create a <a href=#concept-events-trusted title=concept-events-trusted>trusted</a> event that uses the
<code><a href=#messageevent>MessageEvent</a></code> interface, with the name <code title=event-connect>connect</code>, which does not bubble, is not cancelable, has no
@@ -80166,23 +79785,18 @@
<li>
- <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></a> the
+ <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></a> the
<code><a href=#document>Document</a></code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <a href="#script's-global-object" title="script's global object">global
- object</a> of the <a href=#concept-script title=concept-script>script</a>
- that invoked the constructor is a
- <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, add <var title="">worker global scope</var> to the list of <a href="#the-worker's-workers">the
- worker's workers</a> of the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code>
- object that is the <a href="#script's-global-object" title="script's global object">global
- object</a> of the <a href=#concept-script title=concept-script>script</a>
- that invoked the constructor.</p>
+ <p>If the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor is a
+ <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, add <var title="">worker global scope</var> to the
+ list of <a href="#the-worker's-workers">the worker's workers</a> of the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object that
+ is the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor.</p>
</li>
@@ -80190,26 +79804,24 @@
</ol></li>
- <li><p>Create a new <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object
- whose <a href=#worker-origin>worker origin</a> is the origin of the <a href=#entry-script>entry
- script</a>. Let <var title="">worker global scope</var> be
- this new object.</li>
+ <li><p>Create a new <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object whose <a href=#worker-origin>worker
+ origin</a> is the origin of the <a href=#entry-script>entry script</a>. Let <var title="">worker global
+ scope</var> be this new object.</li>
- <li><p>Associate <var title="">worker</var> with <var title="">worker global scope</var>.</li>
+ <li><p>Associate <var title="">worker</var> with <var title="">worker global
+ scope</var>.</li>
- <li><p>Set the <code title=dom-SharedWorkerGlobalScope-name><a href=#dom-sharedworkerglobalscope-name>name</a></code> attribute of
- <var title="">worker global scope</var> to <var title="">name</var>.</li>
+ <li><p>Set the <code title=dom-SharedWorkerGlobalScope-name><a href=#dom-sharedworkerglobalscope-name>name</a></code> attribute of <var title="">worker global scope</var> to <var title="">name</var>.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a>
- owned by <var title="">worker global scope</var>. Let <var title="">inside port</var> be this new object.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by <var title="">worker
+ global scope</var>. Let <var title="">inside port</var> be this new object.</li>
- <li><p><a href=#entangle>Entangle</a> <var title="">outside port</var> and
- <var title="">inside port</var>.</li>
+ <li><p><a href=#entangle>Entangle</a> <var title="">outside port</var> and <var title="">inside
+ port</var>.</li>
</ol></li>
- <li><p>Return <var title="">worker</var> and perform the remaining
- steps asynchronously.</li>
+ <li><p>Return <var title="">worker</var> and perform the remaining steps asynchronously.</li>
<li><p>Create a <a href=#concept-events-trusted title=concept-events-trusted>trusted</a> event that uses the
<code><a href=#messageevent>MessageEvent</a></code> interface, with the name <code title=event-connect>connect</code>,
@@ -80222,44 +79834,38 @@
<li>
- <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></a> the
+ <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></a> the
<code><a href=#document>Document</a></code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <a href="#script's-global-object" title="script's global object">global object</a>
- of the <a href=#concept-script title=concept-script>script</a> that invoked the
- constructor is a <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, add <var title="">worker global scope</var> to the list of <a href="#the-worker's-workers">the
- worker's workers</a> of the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code>
- object that is the <a href="#script's-global-object" title="script's global object">global
- object</a> of the <a href=#concept-script title=concept-script>script</a>
- that invoked the constructor.</p>
+ <p>If the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor is a
+ <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, add <var title="">worker global scope</var> to the list
+ of <a href="#the-worker's-workers">the worker's workers</a> of the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object that is the
+ <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor.</p>
</li>
<li>
- <p><a href=#run-a-worker>Run a worker</a> for <var title="">scriptURL</var>,
- with the <a href="#script's-browsing-context">script's browsing context</a> of the script that
- invoked the method as the <var title="">owner browsing
- context</var>, with the <a href="#script's-document">script's document</a> of the
- script that invoked the method as the <var title="">owner
- document</var>, with the <a href=#origin>origin</a> of the <a href=#entry-script>entry
- script</a> as the <var title="">owner origin</var>, and with
- <var title="">worker global scope</var> as the global scope.</p>
+ <p><a href=#run-a-worker>Run a worker</a> for <var title="">scriptURL</var>, with the <a href="#script's-browsing-context">script's browsing
+ context</a> of the script that invoked the method as the <var title="">owner browsing
+ context</var>, with the <a href="#script's-document">script's document</a> of the script that invoked the method as
+ the <var title="">owner document</var>, with the <a href=#origin>origin</a> of the <a href=#entry-script>entry
+ script</a> as the <var title="">owner origin</var>, and with <var title="">worker global
+ scope</var> as the global scope.</p>
</li>
- </ol><p>This constructor must be visible when the <a href="#script's-global-object">script's global
- object</a> is either a <code><a href=#window>Window</a></code> object or an object
- implementing the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> interface.</p>
+ </ol><p>This constructor must be visible when the <a href="#script's-global-object">script's global object</a> is either a
+ <code><a href=#window>Window</a></code> object or an object implementing the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code>
+ interface.</p>
- <p>The <a href=#task-source>task source</a> for the tasks mentioned above is the
- <a href=#dom-manipulation-task-source>DOM manipulation task source</a>.</p>
+ <p>The <a href=#task-source>task source</a> for the tasks mentioned above is the <a href=#dom-manipulation-task-source>DOM manipulation task
+ source</a>.</p>
@@ -82030,7 +81636,6 @@
https://www.w3.org/Bugs/Public/show_bug.cgi?id=17264 -->
-<!--CLEANUP-->
<h4 id=parsing-websocket-urls><span class=secno>10.3.5 </span>Parsing WebSocket URLs</h4>
<p>The steps to <dfn id="parse-a-websocket-url's-components">parse a WebSocket URL's components</dfn> from a string <var title="">url</var> are as follows. These steps return either a <var title="">host</var>, a <var title="">port</var>, a <var title="">resource name</var>, and a <var title="">secure</var> flag,
@@ -82050,34 +81655,37 @@
</li>
- <li><p>If the resulting <a href=#parsed-url>parsed URL</a> does not have a <a href=#concept-url-scheme title=concept-url-scheme>scheme</a>
- component whose value, when <a href=#converted-to-ascii-lowercase>converted to ASCII lowercase</a>, is either "<code title="">ws</code>" or "<code title="">wss</code>", then fail this algorithm.</li>
+ <li><p>If the resulting <a href=#parsed-url>parsed URL</a> does not have a <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component whose value, when <a href=#converted-to-ascii-lowercase>converted to ASCII
+ lowercase</a>, is either "<code title="">ws</code>" or "<code title="">wss</code>", then fail
+ this algorithm.</li>
- <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a non-null <a href=#concept-url-fragment title=concept-url-fragment>fragment</a>
- component, then fail this algorithm.</li>
+ <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a non-null <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component, then fail this algorithm.</li>
- <li><p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of the resulting <a href=#parsed-url>parsed URL</a>
- is "<code title="">ws</code>", set <var title="">secure</var> to false; otherwise, the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component is "<code title="">wss</code>", set <var title="">secure</var> to true.</li>
+ <li><p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of the resulting
+ <a href=#parsed-url>parsed URL</a> is "<code title="">ws</code>", set <var title="">secure</var> to false;
+ otherwise, the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component is "<code title="">wss</code>", set <var title="">secure</var> to true.</li>
- <li><p>Let <var title="">host</var> be the value of the resulting <a href=#parsed-url>parsed URL</a>'s <a href=#concept-url-host title=concept-url-host>host</a> component, <a href=#converted-to-ascii-lowercase>converted to
- ASCII lowercase</a>.</li> <!-- at this point this is Punycode-encoded already -->
+ <li><p>Let <var title="">host</var> be the value of the resulting <a href=#parsed-url>parsed URL</a>'s <a href=#concept-url-host title=concept-url-host>host</a> component, <a href=#converted-to-ascii-lowercase>converted to ASCII
+ lowercase</a>.</li> <!-- at this point this is Punycode-encoded already -->
- <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a <a href=#concept-url-port title=concept-url-port>port</a> component that is not the empty string,
- then let <var title="">port</var> be that component's value; otherwise, there is no explicit <var title="">port</var>.</li>
+ <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a <a href=#concept-url-port title=concept-url-port>port</a>
+ component that is not the empty string, then let <var title="">port</var> be that component's
+ value; otherwise, there is no explicit <var title="">port</var>.</li>
<li><p>If there is no explicit <var title="">port</var>, then: if <var title="">secure</var> is
false, let <var title="">port</var> be 80, otherwise let <var title="">port</var> be
443.</li>
- <li><p>Let <var title="">resource name</var> be the value of the resulting <a href=#parsed-url>parsed URL</a>'s <a href=#concept-url-path title=concept-url-path>path</a> component (which might be empty).</li> <!-- at this point this is UTF-8 encoded and percent encoded -->
+ <li><p>Let <var title="">resource name</var> be the value of the resulting <a href=#parsed-url>parsed
+ URL</a>'s <a href=#concept-url-path title=concept-url-path>path</a> component (which might be
+ empty).</li> <!-- at this point this is UTF-8 encoded and percent encoded -->
<li><p>If <var title="">resource name</var> is the empty string, set it to a single character
U+002F SOLIDUS (/).</li>
- <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a non-null <a href=#concept-url-query title=concept-url-query>query</a> component,
- then append a single U+003F QUESTION MARK character (?) to <var title="">resource name</var>,
- followed by the value of the <a href=#concept-url-query title=concept-url-query>query</a> component.</li>
- <!-- at this point this is UTF-8 encoded and percent encoded -->
+ <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a non-null <a href=#concept-url-query title=concept-url-query>query</a> component, then append a single U+003F QUESTION MARK
+ character (?) to <var title="">resource name</var>, followed by the value of the <a href=#concept-url-query title=concept-url-query>query</a> component.</li> <!-- at this point this is UTF-8
+ encoded and percent encoded -->
<li><p>Return <var title="">host</var>, <var title="">port</var>, <var title="">resource
name</var>, and <var title="">secure</var>.</li>
Modified: index
===================================================================
--- index 2013-02-09 02:07:29 UTC (rev 7710)
+++ index 2013-02-09 04:06:15 UTC (rev 7711)
@@ -6625,36 +6625,28 @@
</dl></div>
-<!--CLEANUP-->
<div class=impl>
<h3 id=fetching-resources><span class=secno>2.6 </span>Fetching resources</h3>
<h4 id=terminology-1><span class=secno>2.6.1 </span>Terminology</h4>
- <p id=concept-http-equivalent>User agents can implement a variety
- of transfer protocols, but this specification mostly defines
- behavior in terms of HTTP. <a href=#refsHTTP>[HTTP]</a></p>
+ <p id=concept-http-equivalent>User agents can implement a variety of transfer protocols, but
+ this specification mostly defines behavior in terms of HTTP. <a href=#refsHTTP>[HTTP]</a></p>
- <p>The <dfn id=concept-http-equivalent-get title=concept-http-equivalent-get>HTTP GET
- method</dfn> is equivalent to the default retrieval action of the
- protocol. For example, RETR in FTP. Such actions are idempotent and
- safe, in HTTP terms.</p>
+ <p>The <dfn id=concept-http-equivalent-get title=concept-http-equivalent-get>HTTP GET method</dfn> is equivalent to the default
+ retrieval action of the protocol. For example, RETR in FTP. Such actions are idempotent and safe,
+ in HTTP terms.</p>
- <p>The <dfn id=concept-http-equivalent-codes title=concept-http-equivalent-codes>HTTP response
- codes</dfn> are equivalent to statuses in other protocols that have
- the same basic meanings. For example, a "file not found" error is
- equivalent to a 404 code, a server error is equivalent to a 5xx
- code, and so on.</p>
+ <p>The <dfn id=concept-http-equivalent-codes title=concept-http-equivalent-codes>HTTP response codes</dfn> are equivalent to
+ statuses in other protocols that have the same basic meanings. For example, a "file not found"
+ error is equivalent to a 404 code, a server error is equivalent to a 5xx code, and so on.</p>
- <p>The <dfn id=concept-http-equivalent-headers title=concept-http-equivalent-headers>HTTP
- headers</dfn> are equivalent to fields in other protocols that have
- the same basic meaning. For example, the HTTP authentication
- headers are equivalent to the authentication aspects of the FTP
- protocol.</p>
+ <p>The <dfn id=concept-http-equivalent-headers title=concept-http-equivalent-headers>HTTP headers</dfn> are equivalent to fields in
+ other protocols that have the same basic meaning. For example, the HTTP authentication headers are
+ equivalent to the authentication aspects of the FTP protocol.</p>
- <hr><p>A <dfn id=referrer-source>referrer source</dfn> is either a <code><a href=#document>Document</a></code> or
- a <a href=#url>URL</a>.</p>
+ <p>A <dfn id=referrer-source>referrer source</dfn> is either a <code><a href=#document>Document</a></code> or a <a href=#url>URL</a>.</p>
<h4 id=processing-model><span class=secno>2.6.2 </span>Processing model</h4>
@@ -6937,29 +6929,23 @@
<h4 id=content-type-sniffing><span class=secno>2.6.4 </span>Determining the type of a resource</h4>
- <p>The <dfn id=content-type title=Content-Type>Content-Type metadata</dfn> of a
- resource must be obtained and interpreted in a manner consistent
- with the requirements of the Media Type Sniffing
- specification. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
+ <p>The <dfn id=content-type title=Content-Type>Content-Type metadata</dfn> of a resource must be obtained and
+ interpreted in a manner consistent with the requirements of the Media Type Sniffing specification.
+ <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
- <p>The <dfn id=content-type-sniffing-0 title="Content-Type sniffing">sniffed type of a
- resource</dfn> must be found in a manner consistent with the
- requirements given in the Media Type Sniffing
- specification for finding the <i>sniffed-type</i> of the relevant
- sequence of octets. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
+ <p>The <dfn id=content-type-sniffing-0 title="Content-Type sniffing">sniffed type of a resource</dfn> must be found in a
+ manner consistent with the requirements given in the Media Type Sniffing specification for finding
+ the <i>sniffed-type</i> of the relevant sequence of octets. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
- <p>The <dfn id=content-type-sniffing:-image title="Content-Type sniffing: image">rules for sniffing
- images specifically</dfn> and the <dfn id=content-type-sniffing:-text-or-binary title="Content-Type sniffing:
- text or binary">rules for distinguishing if a resource is text or
- binary</dfn> are also defined in the Media Type Sniffing
- specification. Both sets of rules return a <a href=#mime-type>MIME type</a> as
- their result. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
+ <p>The <dfn id=content-type-sniffing:-image title="Content-Type sniffing: image">rules for sniffing images specifically</dfn> and
+ the <dfn id=content-type-sniffing:-text-or-binary title="Content-Type sniffing: text or binary">rules for distinguishing if a resource is
+ text or binary</dfn> are also defined in the Media Type Sniffing specification. Both sets of rules
+ return a <a href=#mime-type>MIME type</a> as their result. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
- <p class=warning>It is imperative that the rules in the Media Type
- Sniffing specification be followed exactly. When a user agent uses
- different heuristics for content type detection than the server
- expects, security problems can occur. For more details, see the
- Media Type Sniffing specification. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
+ <p class=warning>It is imperative that the rules in the Media Type Sniffing specification be
+ followed exactly. When a user agent uses different heuristics for content type detection than the
+ server expects, security problems can occur. For more details, see the Media Type Sniffing
+ specification. <a href=#refsMIMESNIFF>[MIMESNIFF]</a></p>
<h4 id=extracting-character-encodings-from-meta-elements><span class=secno>2.6.5 </span>Extracting character encodings from <code><a href=#the-meta-element>meta</a></code> elements</h4>
@@ -8381,16 +8367,13 @@
<dl class=domintro><dt><var title="">document</var> . <code title=dom-document-referrer><a href=#dom-document-referrer>referrer</a></code></dt>
<dd>
-<!--CLEANUP-->
+ <p>Returns <a href="#the-document's-address" title="the document's address">the address</a> of the <code><a href=#document>Document</a></code>
+ from which the user navigated to this one, unless it was blocked or there was no such document,
+ in which case it returns the empty string.</p>
- <p>Returns <a href="#the-document's-address" title="the document's address">the address</a>
- of the <code><a href=#document>Document</a></code> from which the user navigated to this
- one, unless it was blocked or there was no such document, in which
- case it returns the empty string.</p>
+ <p>The <code title=rel-noreferrer><a href=#link-type-noreferrer>noreferrer</a></code> link type can be used to block the
+ referrer.</p>
- <p>The <code title=rel-noreferrer><a href=#link-type-noreferrer>noreferrer</a></code> link
- type can be used to block the referrer.</p>
-
</dd>
</dl><div class=impl>
@@ -8507,8 +8490,10 @@
<dl class=domintro><dt><var title="">document</var> . <code title=dom-document-readyState><a href=#dom-document-readystate>readyState</a></code></dt>
<dd>
- <p>Returns "<code title="">loading</code>" while the <code><a href=#document>Document</a></code> is loading, "<code title="">interactive</code>" once it is finished parsing but still loading sub-resources, and "<code title="">complete</code>" once it has loaded.</p>
- <p>The <code title=event-readystatechange><a href=#event-readystatechange>readystatechange</a></code> event fires on the <code><a href=#document>Document</a></code> object when this value changes.</p>
+ <p>Returns "<code title="">loading</code>" while the <code><a href=#document>Document</a></code> is loading, "<code title="">interactive</code>" once it is finished parsing but still loading sub-resources, and
+ "<code title="">complete</code>" once it has loaded.</p>
+ <p>The <code title=event-readystatechange><a href=#event-readystatechange>readystatechange</a></code> event fires on the
+ <code><a href=#document>Document</a></code> object when this value changes.</p>
</dd>
</dl><div class=impl>
@@ -18925,7 +18910,7 @@
</dd>
- </dl><!-- CLEANUP --><div class=impl>
+ </dl><div class=impl>
<p>The IDL attributes <dfn id=dom-a-href title=dom-a-href><code>href</code></dfn>, <dfn id=dom-a-download title=dom-a-download><code>download</code></dfn>, <dfn id=dom-a-ping title=dom-a-ping><code>ping</code></dfn>, <dfn id=dom-a-target title=dom-a-target><code>target</code></dfn>,
<dfn id=dom-a-rel title=dom-a-rel><code>rel</code></dfn>, <dfn id=dom-a-hreflang title=dom-a-hreflang><code>hreflang</code></dfn>, and <dfn id=dom-a-type title=dom-a-type><code>type</code></dfn>, must <a href=#reflect>reflect</a> the respective content
@@ -18938,12 +18923,12 @@
same value as the <code><a href=#textcontent>textContent</a></code> IDL attribute on the element, and on setting, must act
as if the <code><a href=#textcontent>textContent</a></code> IDL attribute on the element had been set to the new value.</p>
- <p>The <code><a href=#the-a-element>a</a></code> element also supports the <code><a href=#urlutils>URLUtils</a></code> interface. The <a href=#concept-uu-input title=concept-uu-input>input</a> is
- the value of the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> content attribute, if there is such an
- attribute, or the empty string otherwise; the <a href=#concept-uu-base title=concept-uu-base>base</a>
- is <a href="#the-element's-base-url">the element's base URL</a>; the <a href=#concept-uu-query-encoding title=concept-uu-query-encoding>query encoding</a>
- being the <a href="#document's-character-encoding">document's character encoding</a>; and the <a href=#concept-uu-update title=concept-uu-update>update steps</a> being the same as setting the element's
- <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> content attribute to the new output value.</p>
+ <p>The <code><a href=#the-a-element>a</a></code> element also supports the <code><a href=#urlutils>URLUtils</a></code> interface. The <a href=#concept-uu-input title=concept-uu-input>input</a> is the value of the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> content attribute, if there is such an attribute, or the
+ empty string otherwise; the <a href=#concept-uu-base title=concept-uu-base>base</a> is <a href="#the-element's-base-url">the element's base
+ URL</a>; the <a href=#concept-uu-query-encoding title=concept-uu-query-encoding>query encoding</a> being the
+ <a href="#document's-character-encoding">document's character encoding</a>; and the <a href=#concept-uu-update title=concept-uu-update>update
+ steps</a> being the same as setting the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code>
+ content attribute to the new output value.</p>
</div>
<!--TOPIC:HTML-->
@@ -24759,12 +24744,10 @@
<!-- if we get to this point we know we can successfully parsed the URL, since this algorithm is
only used after fetching the resource in the steps above -->
-<!--CLEANUP-->
- <p>Otherwise, if applying the <a href=#url-parser>URL parser</a> algorithm to the
- <a href=#url>URL</a> of the specified resource (after any redirects) results in a <a href=#parsed-url>parsed URL</a>
- whose <a href=#concept-url-path title=concept-url-path>path</a> component matches a pattern that a
- <a href=#plugin>plugin</a> supports, then the <a href=#concept-embed-type title=concept-embed-type>content's type</a> is
- the type that that plugin can handle.</p>
+ <p>Otherwise, if applying the <a href=#url-parser>URL parser</a> algorithm to the <a href=#url>URL</a> of the
+ specified resource (after any redirects) results in a <a href=#parsed-url>parsed URL</a> whose <a href=#concept-url-path title=concept-url-path>path</a> component matches a pattern that a <a href=#plugin>plugin</a>
+ supports, then the <a href=#concept-embed-type title=concept-embed-type>content's type</a> is the type that that
+ plugin can handle.</p>
<p class=example>For example, a plugin might say that it can handle resources with <a href=#concept-url-path title=concept-url-path>path</a> components that end with the four character string "<code title="">.swf</code>".</p>
@@ -25295,10 +25278,8 @@
<!-- if we get to this point we know we can successfully parsed the URL, since this
algorithm is only used after fetching the resource in the steps above -->
-<!--CLEANUP-->
- <p>If applying the <a href=#url-parser>URL parser</a> algorithm to the
- <a href=#url>URL</a> of the specified resource (after any redirects) results in a <a href=#parsed-url>parsed URL</a>
- whose <a href=#concept-url-path title=concept-url-path>path</a> component matches a pattern that a <a href=#plugin>plugin</a>
+ <p>If applying the <a href=#url-parser>URL parser</a> algorithm to the <a href=#url>URL</a> of the
+ specified resource (after any redirects) results in a <a href=#parsed-url>parsed URL</a> whose <a href=#concept-url-path title=concept-url-path>path</a> component matches a pattern that a <a href=#plugin>plugin</a>
supports, then let <var title="">resource type</var> be the type that that plugin can
handle.</p>
@@ -54973,36 +54954,32 @@
</div>
-<!--CLEANUP-->
<div class=impl>
<h5 id=form-submission-algorithm><span class=secno>4.10.22.3 </span>Form submission algorithm</h5>
- <p>When a <code><a href=#the-form-element>form</a></code> element <var title="">form</var> is <dfn id=concept-form-submit title=concept-form-submit>submitted</dfn> from an element <var title="">submitter</var> (typically a button), optionally with a
- <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code> method</var> flag set, the
- user agent must run the following steps:</p>
+ <p>When a <code><a href=#the-form-element>form</a></code> element <var title="">form</var> is <dfn id=concept-form-submit title=concept-form-submit>submitted</dfn> from an element <var title="">submitter</var>
+ (typically a button), optionally with a <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code> method</var> flag set, the user agent must run the
+ following steps:</p>
- <ol><li><p>Let <var title="">form document</var> be the <var title="">form</var>'s <code><a href=#document>Document</a></code>.</li>
+ <ol><li><p>Let <var title="">form document</var> be the <var title="">form</var>'s
+ <code><a href=#document>Document</a></code>.</li>
- <li id=sandboxSubmitBlocked><p>If <var title="">form
- document</var> has no associated <a href=#browsing-context>browsing context</a> or
- its <a href=#active-sandboxing-flag-set>active sandboxing flag set</a> has its
- <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set, then abort
- these steps without doing anything.</li>
+ <li id=sandboxSubmitBlocked><p>If <var title="">form document</var> has no associated
+ <a href=#browsing-context>browsing context</a> or its <a href=#active-sandboxing-flag-set>active sandboxing flag set</a> has its
+ <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set, then abort these steps without doing
+ anything.</li>
- <li><p>Let <var title="">form browsing context</var> be the
- <a href=#browsing-context>browsing context</a> of <var title="">form
- document</var>.</li>
+ <li><p>Let <var title="">form browsing context</var> be the <a href=#browsing-context>browsing context</a> of <var title="">form document</var>.</li>
<!-- lock (all the following steps are skipped if called from submit() - see unlock step below) -->
- <li><p>If the <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code> method</var> flag is not
- set, and the <var title="">submitter</var> element's <a href=#concept-fs-novalidate title=concept-fs-novalidate>no-validate state</a> is false,
- then <a href=#interactively-validate-the-constraints>interactively validate the constraints</a> of <var title="">form</var> and examine the result: if the result is
- negative (the constraint validation concluded that there were
- invalid fields and probably informed the user of this) then abort
- these steps.</li>
+ <li><p>If the <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code>
+ method</var> flag is not set, and the <var title="">submitter</var> element's <a href=#concept-fs-novalidate title=concept-fs-novalidate>no-validate state</a> is false, then <a href=#interactively-validate-the-constraints>interactively
+ validate the constraints</a> of <var title="">form</var> and examine the result: if the result
+ is negative (the constraint validation concluded that there were invalid fields and probably
+ informed the user of this) then abort these steps.</li>
<li><p>If the <var title="">submitted from <code title=dom-form-submit><a href=#dom-form-submit>submit()</a></code>
method</var> flag is not set, then <a href=#fire-a-simple-event>fire a simple event</a> that bubbles and is
@@ -55010,43 +54987,40 @@
event's default action is prevented (i.e. if the event is canceled) then abort these steps.
Otherwise, continue (effectively the default action is to perform the submission).</li>
- <!-- if you add any steps between the "lock" and "unlock" lines,
- make sure to update the step immediately before the "lock" line -->
+ <!-- if you add any steps between the "lock" and "unlock" lines, make sure to update the step
+ immediately before the "lock" line -->
<!-- unlock -->
- <li><p>Let <var title="">form data set</var> be the result of
- <a href=#constructing-the-form-data-set>constructing the form data set</a> for <var title="">form</var> in the context of <var title="">submitter</var>.</li>
+ <li><p>Let <var title="">form data set</var> be the result of <a href=#constructing-the-form-data-set>constructing the form data
+ set</a> for <var title="">form</var> in the context of <var title="">submitter</var>.</li>
<li><p>Let <var title="">action</var> be the <var title="">submitter</var> element's <a href=#concept-fs-action title=concept-fs-action>action</a>.</li>
<li>
- <p>If <var title="">action</var> is the empty string, let <var title="">action</var> be <a href="#the-document's-address">the document's address</a> of
- the <var title="">form document</var>.</p>
+ <p>If <var title="">action</var> is the empty string, let <var title="">action</var> be
+ <a href="#the-document's-address">the document's address</a> of the <var title="">form document</var>.</p>
- <!-- Don't ask me why. But that's what IE does. It even treats
- action="" differently from action=" " or action="#" (the latter
- two resolve to the base URL, the first one resolves to the doc
- URL). And other browsers concur. It is even required, see e.g.
+ <!-- Don't ask me why. But that's what IE does. It even treats action="" differently from
+ action=" " or action="#" (the latter two resolve to the base URL, the first one resolves to the
+ doc URL). And other browsers concur. It is even required, see e.g.
http://bugs.webkit.org/show_bug.cgi?id=7763
https://bugzilla.mozilla.org/show_bug.cgi?id=297761
-->
</li>
- <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the
- <a href=#url>URL</a> <var title="">action</var>, relative to the <var title="">submitter</var> element. If this fails, abort these
- steps.</li>
+ <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <a href=#url>URL</a> <var title="">action</var>, relative to the <var title="">submitter</var> element. If this fails,
+ abort these steps.</li>
- <li><p>Let <var title="">action</var> be the resulting
- <a href=#absolute-url>absolute URL</a>.</li>
+ <li><p>Let <var title="">action</var> be the resulting <a href=#absolute-url>absolute URL</a>.</li>
<li><p>Let <var title="">action components</var> be the resulting <a href=#parsed-url>parsed
URL</a>.</li>
- <li><p>Let <var title="">scheme</var> be the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> of the resulting
- <a href=#parsed-url>parsed URL</a>.</li>
+ <li><p>Let <var title="">scheme</var> be the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> of
+ the resulting <a href=#parsed-url>parsed URL</a>.</li>
<li><p>Let <var title="">enctype</var> be the <var title="">submitter</var> element's <a href=#concept-fs-enctype title=concept-fs-enctype>enctype</a>.</li>
@@ -55054,13 +55028,12 @@
<li><p>Let <var title="">target</var> be the <var title="">submitter</var> element's <a href=#concept-fs-target title=concept-fs-target>target</a>.</li>
- <li><p>If the user indicated a specific <a href=#browsing-context>browsing
- context</a> to use when submitting the form, then let <var title="">target browsing context</var> be that <a href=#browsing-context>browsing
- context</a>. Otherwise, apply <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for choosing a
- browsing context given a browsing context name</a> using <var title="">target</var> as the name and <var title="">form browsing
- context</var> as the context in which the algorithm is executed,
- and let <var title="">target browsing context</var> be the
- resulting <a href=#browsing-context>browsing context</a>.</li>
+ <li><p>If the user indicated a specific <a href=#browsing-context>browsing context</a> to use when submitting the
+ form, then let <var title="">target browsing context</var> be that <a href=#browsing-context>browsing context</a>.
+ Otherwise, apply <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for choosing a browsing context given a browsing context
+ name</a> using <var title="">target</var> as the name and <var title="">form browsing
+ context</var> as the context in which the algorithm is executed, and let <var title="">target
+ browsing context</var> be the resulting <a href=#browsing-context>browsing context</a>.</li>
<li><p>If <var title="">target browsing context</var> was created in the previous step, or,
alternatively, if the <var title="">form document</var> has not yet <a href=#completely-loaded>completely
@@ -55070,14 +55043,12 @@
<li>
- <p>If the value of <var title="">method</var> is <a href=#attr-fs-method-dialog title=attr-fs-method-dialog>dialog</a> then jump to the <a href=#submit-dialog title=submit-dialog>submit dialog</a> steps.</p>
+ <p>If the value of <var title="">method</var> is <a href=#attr-fs-method-dialog title=attr-fs-method-dialog>dialog</a> then jump to the <a href=#submit-dialog title=submit-dialog>submit
+ dialog</a> steps.</p>
- <p>Otherwise, select the appropriate row in the table below based
- on the value of <var title="">scheme</var> as given by the first
- cell of each row. Then, select the appropriate cell on that row
- based on the value of <var title="">method</var> as given in the
- first cell of each column. Then, jump to the steps named in that
- cell and defined below the table.</p>
+ <p>Otherwise, select the appropriate row in the table below based on the value of <var title="">scheme</var> as given by the first cell of each row. Then, select the appropriate cell
+ on that row based on the value of <var title="">method</var> as given in the first cell of each
+ column. Then, jump to the steps named in that cell and defined below the table.</p>
<table><thead><tr><td>
<th> <a href=#attr-fs-method-get title=attr-fs-method-GET>GET</a>
@@ -55100,47 +55071,40 @@
<tr><th> <code title="">mailto</code>
<td> <a href=#submit-mailto-headers title=submit-mailto-headers>Mail with headers</a>
<td> <a href=#submit-mailto-body title=submit-mailto-body>Mail as body</a>
- </table><p>If <var title="">scheme</var> is not one of those listed in
- this table, then the behavior is not defined by this
- specification. User agents should, in the absence of another
- specification defining this, act in a manner analogous to that
- defined in this specification for similar schemes.</p>
+ </table><p>If <var title="">scheme</var> is not one of those listed in this table, then the behavior is
+ not defined by this specification. User agents should, in the absence of another specification
+ defining this, act in a manner analogous to that defined in this specification for similar
+ schemes.</p>
<p>The behaviors are as follows:</p>
<dl><dt><dfn id=submit-mutate-action title=submit-mutate-action>Mutate action URL</dfn>
<dd>
- <p>Let <var title="">query</var> be the result of encoding the
- <var title="">form data set</var> using the <a href=#application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
+ <p>Let <var title="">query</var> be the result of encoding the <var title="">form data
+ set</var> using the <a href=#application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
algorithm</a>, interpreted as a US-ASCII string.</p>
- <!-- by this point we've already tried to resolve the URL, so we
- know we can parse it -->
+ <!-- by this point we've already tried to resolve the URL, so we know we can parse it -->
<p>Set <var title="">parsed action</var>'s <a href=#concept-url-query title=concept-url-query>query</a>
component to <var title="">query</var>.</p>
- <p>Let <var title="">destination</var> be a new <a href=#url>URL</a>
- formed by applying the <a href=#url-serializer>URL serializer</a> algorithm to <var title="">parsed action</var>.</p>
+ <p>Let <var title="">destination</var> be a new <a href=#url>URL</a> formed by applying the
+ <a href=#url-serializer>URL serializer</a> algorithm to <var title="">parsed action</var>.</p>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
- enabled</a>.</p>
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <a href=#replacement-enabled>replacement enabled</a>.</p>
</dd>
<dt><dfn id=submit-body title=submit-body>Submit as entity body</dfn>
<dd>
- <p>Let <var title="">entity body</var> be the result of encoding
- the <var title="">form data set</var> using the
- <a href=#appropriate-form-encoding-algorithm>appropriate form encoding algorithm</a>.</p>
+ <p>Let <var title="">entity body</var> be the result of encoding the <var title="">form data
+ set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate form encoding algorithm</a>.</p>
- <p>Let <var title="">MIME type</var> be determined as
- follows:</p>
+ <p>Let <var title="">MIME type</var> be determined as follows:</p>
<dl><dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-urlencoded><a href=#attr-fs-enctype-urlencoded>application/x-www-form-urlencoded</a></code></dt>
@@ -55148,25 +55112,20 @@
<dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-formdata><a href=#attr-fs-enctype-formdata>multipart/form-data</a></code></dt>
- <dd>Let <var title="">MIME type</var> be the concatenation of
- the string "<code title="">multipart/form-data;</code>", a
- U+0020 SPACE character, the string "<code title="">boundary=</code>", and the <a href=#multipart/form-data-boundary-string><code title="">multipart/form-data</code> boundary string</a>
- generated by the <a href=#multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding
+ <dd>Let <var title="">MIME type</var> be the concatenation of the string "<code title="">multipart/form-data;</code>", a U+0020 SPACE character, the string "<code title="">boundary=</code>", and the <a href=#multipart/form-data-boundary-string><code title="">multipart/form-data</code> boundary
+ string</a> generated by the <a href=#multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding
algorithm</a>.</dd>
<dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-text><a href=#attr-fs-enctype-text>text/plain</a></code></dt>
<dd>Let <var title="">MIME type</var> be "<code title="">text/plain</code>".</dd>
- </dl><!--<p>If <var title="">method</var> is anything but (GET or)
- POST, and the <span>origin</span> of <var title="">action</var>
- is not the <span>same origin</span> as that of <var
- title="">form document</var>, then abort these steps.</p> [or do
- CORS] (this is commented out since only POST can trigger this
- now, and that's historically unrestricted)--><p>Otherwise, <a href=#navigate>navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">action</var> using the HTTP method given by <var title="">method</var> and with <var title="">entity body</var>
- as the entity body, of type <var title="">MIME type</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
+ </dl><!--<p>If <var title="">method</var> is anything but (GET or) POST, and the
+ <span>origin</span> of <var title="">action</var> is not the <span>same origin</span> as that
+ of <var title="">form document</var>, then abort these steps.</p> [or do CORS] (this is
+ commented out since only POST can trigger this now, and that's historically unrestricted)--><p>Otherwise, <a href=#navigate>navigate</a><!--DONAV form--> <var title="">target browsing
+ context</var> to <var title="">action</var> using the HTTP method given by <var title="">method</var> and with <var title="">entity body</var> as the entity body, of type
+ <var title="">MIME type</var>. If <var title="">replace</var> is true, then <var title="">target browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
enabled</a>.</p>
</dd>
@@ -55174,10 +55133,8 @@
<dt><dfn id=submit-get-action title=submit-get-action>Get action URL</dfn>
<dd>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">action</var>. If <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
- enabled</a>.</p>
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">action</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <a href=#replacement-enabled>replacement enabled</a>.</p>
<p class=note>The <var title="">form data set</var> is discarded.</p>
@@ -55186,29 +55143,25 @@
<dt><dfn id=submit-data-post title=submit-data-post>Post to data:</dfn>
<dd>
- <p>Let <var title="">data</var> be the result of encoding the
- <var title="">form data set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate
- form encoding algorithm</a>.</p>
+ <p>Let <var title="">data</var> be the result of encoding the <var title="">form data
+ set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate form encoding algorithm</a>.</p>
- <p>If <var title="">action</var> contains the string "<code title="">%%%%</code>" (four U+0025 PERCENT SIGN characters),
- then <a href=#percent-encode>percent encode</a> all bytes in <var title="">data</var> that, if
- interpreted as US-ASCII, are not characters in the URL <a href=#default-encode-set>default encode set</a>,
- and then, treating the result as a US-ASCII string,
+ <p>If <var title="">action</var> contains the string "<code title="">%%%%</code>" (four U+0025
+ PERCENT SIGN characters), then <a href=#percent-encode>percent encode</a> all bytes in <var title="">data</var> that, if interpreted as US-ASCII, are not characters in the URL
+ <a href=#default-encode-set>default encode set</a>, and then, treating the result as a US-ASCII string,
<a href=#utf-8-percent-encode>UTF-8 percent encode</a> all the U+0025 PERCENT SIGN characters in the resulting
- string and replace the first occurrence of "<code title="">%%%%</code>" in <var title="">action</var> with the
- resulting doubly-escaped string. <a href=#refsURL>[URL]</a></p>
+ string and replace the first occurrence of "<code title="">%%%%</code>" in <var title="">action</var> with the resulting doubly-escaped string. <a href=#refsURL>[URL]</a></p>
- <p>Otherwise, if <var title="">action</var> contains the string
- "<code title="">%%</code>" (two U+0025 PERCENT SIGN characters
- in a row, but not four), then <a href=#utf-8-percent-encode>UTF-8 percent encode</a> all characters in <var title="">data</var> that, if interpreted as US-ASCII,
- are not characters in the URL <a href=#default-encode-set>default encode set</a>, and then, treating the result as a US-ASCII
- string, replace the first occurrence of "<code title="">%%</code>" in <var title="">action</var> with the
- resulting escaped string. <a href=#refsURL>[URL]</a></p>
+ <p>Otherwise, if <var title="">action</var> contains the string "<code title="">%%</code>"
+ (two U+0025 PERCENT SIGN characters in a row, but not four), then <a href=#utf-8-percent-encode>UTF-8 percent
+ encode</a> all characters in <var title="">data</var> that, if interpreted as US-ASCII, are
+ not characters in the URL <a href=#default-encode-set>default encode set</a>, and then, treating the result as a
+ US-ASCII string, replace the first occurrence of "<code title="">%%</code>" in <var title="">action</var> with the resulting escaped string. <a href=#refsURL>[URL]</a></p>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to the potentially modified <var title="">action</var> (which will be a <a href=#data-protocol title="data
- protocol"><code title="">data:</code> URL</a>). If <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to the
+ potentially modified <var title="">action</var> (which will be a <a href=#data-protocol title="data
+ protocol"><code title="">data:</code> URL</a>). If <var title="">replace</var> is true,
+ then <var title="">target browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
enabled</a>.</p>
</dd>
@@ -55216,57 +55169,46 @@
<dt><dfn id=submit-mailto-headers title=submit-mailto-headers>Mail with headers</dfn>
<dd>
- <p>Let <var title="">headers</var> be the resulting encoding the
- <var title="">form data set</var> using the <a href=#application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
+ <p>Let <var title="">headers</var> be the resulting encoding the <var title="">form data
+ set</var> using the <a href=#application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
algorithm</a>, interpreted as a US-ASCII string.</p>
- <p>Replace occurrences of U+002B PLUS SIGN characters (+) in
- <var title="">headers</var> with the string "<code title="">%20</code>".</p>
+ <p>Replace occurrences of U+002B PLUS SIGN characters (+) in <var title="">headers</var> with
+ the string "<code title="">%20</code>".</p>
- <p>Let <var title="">destination</var> consist of all the
- characters from the first character in <var title="">action</var> to the character immediately before the
- first U+003F QUESTION MARK character (?), if any, or the end of
- the string if there are none.</p>
+ <p>Let <var title="">destination</var> consist of all the characters from the first character
+ in <var title="">action</var> to the character immediately before the first U+003F QUESTION
+ MARK character (?), if any, or the end of the string if there are none.</p>
<p>Append a single U+003F QUESTION MARK character (?) to <var title="">destination</var>.</p>
<p>Append <var title="">headers</var> to <var title="">destination</var>.</p>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
- enabled</a>.</p>
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <a href=#replacement-enabled>replacement enabled</a>.</p>
</dd>
<dt><dfn id=submit-mailto-body title=submit-mailto-body>Mail as body</dfn>
<dd>
- <p>Let <var title="">body</var> be the resulting of encoding the
- <var title="">form data set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate
- form encoding algorithm</a> and then <a href=#percent-encode title="percent encode">percent encoding</a> all the bytes
- in the resulting byte string that, when interpreted as US-ASCII,
- are not characters in the URL <a href=#default-encode-set>default encode set</a>. <a href=#refsURL>[URL]</a></p>
+ <p>Let <var title="">body</var> be the resulting of encoding the <var title="">form data
+ set</var> using the <a href=#appropriate-form-encoding-algorithm>appropriate form encoding algorithm</a> and then <a href=#percent-encode title="percent encode">percent encoding</a> all the bytes in the resulting byte string
+ that, when interpreted as US-ASCII, are not characters in the URL <a href=#default-encode-set>default encode
+ set</a>. <a href=#refsURL>[URL]</a></p>
- <p>Let <var title="">destination</var> have the same value as
- <var title="">action</var>.</p>
+ <p>Let <var title="">destination</var> have the same value as <var title="">action</var>.</p>
- <p>If <var title="">destination</var> does not contain a U+003F
- QUESTION MARK character (?), append a single U+003F QUESTION
- MARK character (?) to <var title="">destination</var>. Otherwise, append a single U+0026
- AMPERSAND character (&).</p>
+ <p>If <var title="">destination</var> does not contain a U+003F QUESTION MARK character (?),
+ append a single U+003F QUESTION MARK character (?) to <var title="">destination</var>.
+ Otherwise, append a single U+0026 AMPERSAND character (&).</p>
<p>Append the string "<code title="">body=</code>" to <var title="">destination</var>.</p>
- <p>Append <var title="">body</var>, interpreted as a US-ASCII
- string, to <var title="">destination</var>.</p>
+ <p>Append <var title="">body</var>, interpreted as a US-ASCII string, to <var title="">destination</var>.</p>
- <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <a href=#replacement-enabled>replacement
- enabled</a>.</p>
+ <p><a href=#navigate>Navigate</a><!--DONAV form--> <var title="">target browsing context</var> to <var title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <a href=#replacement-enabled>replacement enabled</a>.</p>
</dd>
@@ -55274,12 +55216,9 @@
<dt><dfn id=submit-dialog title=submit-dialog>Submit dialog</dfn>
<dd>
- <p>Let <var title="">dialog</var> be the nearest ancestor
- <code><a href=#the-dialog-element>dialog</a></code> element of <var title="">form</var>, if
- any.</p>
+ <p>Let <var title="">dialog</var> be the nearest ancestor <code><a href=#the-dialog-element>dialog</a></code> element of <var title="">form</var>, if any.</p>
- <p>If there isn't one, do nothing. Otherwise, proceed as
- follows:</p>
+ <p>If there isn't one, do nothing. Otherwise, proceed as follows:</p>
<p>If <var title="">submitter</var> is an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state, then let <var title="">result</var>
be the string formed by concatenating the <a href=#concept-input-type-image-coordinate title=concept-input-type-image-coordinate>selected coordinate</a>'s <var title="">x</var>-component, expressed as a base-ten number using <a href=#ascii-digits>ASCII digits</a>, a
@@ -55290,8 +55229,7 @@
<p>Otherwise, there is no <var title="">result</var>.</p>
- <p>Then, <a href=#close-the-dialog>close the dialog</a> <var title="">dialog</var>. If there is a <var title="">result</var>,
- let that be the return value.</p>
+ <p>Then, <a href=#close-the-dialog>close the dialog</a> <var title="">dialog</var>. If there is a <var title="">result</var>, let that be the return value.</p>
</dd>
@@ -55305,189 +55243,148 @@
<dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-formdata><a href=#attr-fs-enctype-formdata>multipart/form-data</a></code></dt>
- <dd>Use the <a href=#multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding
- algorithm</a>.</dd>
+ <dd>Use the <a href=#multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding algorithm</a>.</dd>
<dt>If <var title="">enctype</var> is <code title=attr-fs-enctype-text><a href=#attr-fs-enctype-text>text/plain</a></code></dt>
- <dd>Use the <a href=#text/plain-encoding-algorithm><code title="">text/plain</code> encoding
- algorithm</a>.</dd>
+ <dd>Use the <a href=#text/plain-encoding-algorithm><code title="">text/plain</code> encoding algorithm</a>.</dd>
</dl></li>
</ol><h5 id=constructing-form-data-set><span class=secno>4.10.22.4 </span>Constructing the form data set</h5>
- <p>The algorithm to <dfn id=constructing-the-form-data-set title="constructing the form data
- set">construct the form data set</dfn> for a form <var title="">form</var> optionally in the context of a submitter <var title="">submitter</var> is as follows. If not specified otherwise,
- <var title="">submitter</var> is null.</p>
+ <p>The algorithm to <dfn id=constructing-the-form-data-set title="constructing the form data set">construct the form data set</dfn>
+ for a form <var title="">form</var> optionally in the context of a submitter <var title="">submitter</var> is as follows. If not specified otherwise, <var title="">submitter</var>
+ is null.</p>
- <ol><li><p>Let <var title="">controls</var> be a list of all the <a href=#category-submit title=category-submit>submittable elements</a> whose
- <a href=#form-owner>form owner</a> is <var title="">form</var>, in <a href=#tree-order>tree
- order</a>.</li>
+ <ol><li><p>Let <var title="">controls</var> be a list of all the <a href=#category-submit title=category-submit>submittable elements</a> whose <a href=#form-owner>form owner</a> is <var title="">form</var>, in <a href=#tree-order>tree order</a>.</li>
- <li><p>Let the <var title="">form data set</var> be a list of
- name-value-type tuples, initially empty.</li>
+ <li><p>Let the <var title="">form data set</var> be a list of name-value-type tuples, initially
+ empty.</li>
<li>
- <p><i>Loop</i>: For each element <var title="">field</var> in <var title="">controls</var>, in <a href=#tree-order>tree order</a>, run the
- following substeps:</p>
+ <p><i>Loop</i>: For each element <var title="">field</var> in <var title="">controls</var>, in
+ <a href=#tree-order>tree order</a>, run the following substeps:</p>
<ol><li>
- <p>If any of the following conditions are met, then skip these
- substeps for this element:</p>
+ <p>If any of the following conditions are met, then skip these substeps for this element:</p>
- <ul><li>The <var title="">field</var> element has a
- <code><a href=#the-datalist-element>datalist</a></code> element ancestor.</li>
+ <ul><li>The <var title="">field</var> element has a <code><a href=#the-datalist-element>datalist</a></code> element ancestor.</li>
<li>The <var title="">field</var> element is <a href=#concept-fe-disabled title=concept-fe-disabled>disabled</a>.</li>
- <li>The <var title="">field</var> element is a <a href=#concept-button title=concept-button>button</a> but it is not <var title="">submitter</var>.</li>
+ <li>The <var title="">field</var> element is a <a href=#concept-button title=concept-button>button</a> but
+ it is not <var title="">submitter</var>.</li>
- <li>The <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#checkbox-state-(type=checkbox)" title=attr-input-type-checkbox>Checkbox</a> state and
- whose <a href=#concept-fe-checked title=concept-fe-checked>checkedness</a> is
- false.</li>
+ <li>The <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#checkbox-state-(type=checkbox)" title=attr-input-type-checkbox>Checkbox</a> state and whose <a href=#concept-fe-checked title=concept-fe-checked>checkedness</a> is false.</li>
- <li>The <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#radio-button-state-(type=radio)" title=attr-input-type-radio>Radio Button</a> state and
- whose <a href=#concept-fe-checked title=concept-fe-checked>checkedness</a> is
- false.</li>
+ <li>The <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#radio-button-state-(type=radio)" title=attr-input-type-radio>Radio Button</a> state and whose <a href=#concept-fe-checked title=concept-fe-checked>checkedness</a> is false.</li>
- <li>The <var title="">field</var> element is not an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state, and
- either the <var title="">field</var> element does not have a
- <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute specified, or
- its <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute's value is
- the empty string.</li>
+ <li>The <var title="">field</var> element is not an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state, and either the <var title="">field</var> element does not have a <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute
+ specified, or its <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute's value is the empty
+ string.</li>
- <li>The <var title="">field</var> element is an
- <code><a href=#the-object-element>object</a></code> element that is not using a
- <a href=#plugin>plugin</a>.</li>
+ <li>The <var title="">field</var> element is an <code><a href=#the-object-element>object</a></code> element that is not using
+ a <a href=#plugin>plugin</a>.</li>
</ul><p>Otherwise, process <var title="">field</var> as follows:</p>
</li>
- <li><p>Let <var title="">type</var> be the value of the <code title="">type</code> IDL attribute of <var title="">field</var>.</li> <!-- if the field is an <object>
- element, this will get ignored. -->
+ <li><p>Let <var title="">type</var> be the value of the <code title="">type</code> IDL
+ attribute of <var title="">field</var>.</li> <!-- if the field is an <object> element, this
+ will get ignored. -->
<li>
- <p>If the <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state,
- then run these further nested substeps:</p>
+ <p>If the <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#image-button-state-(type=image)" title=attr-input-type-image>Image Button</a> state, then run these further nested
+ substeps:</p>
- <ol><li><p>If the <var title="">field</var> element has a <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute specified and its
- value is not the empty string, let <var title="">name</var> be
- that value followed by a single U+002E FULL STOP character (.).
- Otherwise, let <var title="">name</var> be the empty
- string.</li>
+ <ol><li><p>If the <var title="">field</var> element has a <code title=attr-fe-name><a href=#attr-fe-name>name</a></code>
+ attribute specified and its value is not the empty string, let <var title="">name</var> be
+ that value followed by a single U+002E FULL STOP character (.). Otherwise, let <var title="">name</var> be the empty string.</li>
- <li><p>Let <var title="">name<sub title="">x</sub></var> be the
- string consisting of the concatenation of <var title="">name</var> and a single U+0078 LATIN SMALL LETTER X
- character (x).</li>
+ <li><p>Let <var title="">name<sub title="">x</sub></var> be the string consisting of the
+ concatenation of <var title="">name</var> and a single U+0078 LATIN SMALL LETTER X character
+ (x).</li>
- <li><p>Let <var title="">name<sub title="">y</sub></var> be the
- string consisting of the concatenation of <var title="">name</var> and a single U+0079 LATIN SMALL LETTER Y
- character (y).</li>
+ <li><p>Let <var title="">name<sub title="">y</sub></var> be the string consisting of the
+ concatenation of <var title="">name</var> and a single U+0079 LATIN SMALL LETTER Y character
+ (y).</li>
- <li><p>The <var title="">field</var> element is <var title="">submitter</var>, and before this algorithm was invoked
- the user <a href=#concept-input-type-image-coordinate title=concept-input-type-image-coordinate>indicated a
- coordinate</a>. Let <var title="">x</var> be the <var title="">x</var>-component of the coordinate selected by the
- user, and let <var title="">y</var> be the <var title="">y</var>-component of the coordinate selected by the
- user.</li>
+ <li><p>The <var title="">field</var> element is <var title="">submitter</var>, and before
+ this algorithm was invoked the user <a href=#concept-input-type-image-coordinate title=concept-input-type-image-coordinate>indicated a coordinate</a>. Let <var title="">x</var> be the <var title="">x</var>-component of the coordinate selected by the
+ user, and let <var title="">y</var> be the <var title="">y</var>-component of the coordinate
+ selected by the user.</li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with the name <var title="">name<sub title="">x</sub></var>,
- the value <var title="">x</var>, and the type <var title="">type</var>.</li>
+ <li><p>Append an entry to the <var title="">form data set</var> with the name <var title="">name<sub title="">x</sub></var>, the value <var title="">x</var>, and the type <var title="">type</var>.</li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with the name <var title="">name<sub title="">y</sub></var> and
- the value <var title="">y</var>, and the type <var title="">type</var>.</li>
+ <li><p>Append an entry to the <var title="">form data set</var> with the name <var title="">name<sub title="">y</sub></var> and the value <var title="">y</var>, and the type
+ <var title="">type</var>.</li>
- <li><p>Skip the remaining substeps for this element: if there
- are any more elements in <var title="">controls</var>, return
- to the top of the <i>loop</i> step, otherwise, jump to the
+ <li><p>Skip the remaining substeps for this element: if there are any more elements in <var title="">controls</var>, return to the top of the <i>loop</i> step, otherwise, jump to the
<i>end</i> step below.</li>
</ol></li>
- <li><p>Let <var title="">name</var> be the value of the <var title="">field</var> element's <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute.</li>
+ <li><p>Let <var title="">name</var> be the value of the <var title="">field</var> element's
+ <code title=attr-fe-name><a href=#attr-fe-name>name</a></code> attribute.</li>
- <li><p>If the <var title="">field</var> element is a
- <code><a href=#the-select-element>select</a></code> element, then for each <code><a href=#the-option-element>option</a></code>
- element in the <code><a href=#the-select-element>select</a></code> element whose <a href=#concept-option-selectedness title=concept-option-selectedness>selectedness</a> is true and that is not <a href=#concept-option-disabled title=concept-option-disabled>disabled</a>,
- append an entry to the <var title="">form data set</var> with the
- <var title="">name</var> as the name, the <a href=#concept-option-value title=concept-option-value>value</a> of the
- <code><a href=#the-option-element>option</a></code> element as the value, and <var title="">type</var> as the type.</li>
+ <li><p>If the <var title="">field</var> element is a <code><a href=#the-select-element>select</a></code> element, then for each
+ <code><a href=#the-option-element>option</a></code> element in the <code><a href=#the-select-element>select</a></code> element whose <a href=#concept-option-selectedness title=concept-option-selectedness>selectedness</a> is true and that is not <a href=#concept-option-disabled title=concept-option-disabled>disabled</a>, append an entry to the <var title="">form data
+ set</var> with the <var title="">name</var> as the name, the <a href=#concept-option-value title=concept-option-value>value</a> of the <code><a href=#the-option-element>option</a></code> element as the value, and
+ <var title="">type</var> as the type.</li>
<li>
- <p>Otherwise, if the <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#checkbox-state-(type=checkbox)" title=attr-input-type-checkbox>Checkbox</a> state or the
- <a href="#radio-button-state-(type=radio)" title=attr-input-type-radio>Radio Button</a> state,
- then run these further nested substeps:</p>
+ <p>Otherwise, if the <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element whose
+ <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#checkbox-state-(type=checkbox)" title=attr-input-type-checkbox>Checkbox</a> state or the <a href="#radio-button-state-(type=radio)" title=attr-input-type-radio>Radio Button</a> state, then run these further nested
+ substeps:</p>
- <ol><li><p>If the <var title="">field</var> element has a <code title=attr-input-value><a href=#attr-input-value>value</a></code> attribute specified, then
- let <var title="">value</var> be the value of that attribute;
- otherwise, let <var title="">value</var> be the string
- "<code title="">on</code>".</li>
+ <ol><li><p>If the <var title="">field</var> element has a <code title=attr-input-value><a href=#attr-input-value>value</a></code> attribute specified, then let <var title="">value</var>
+ be the value of that attribute; otherwise, let <var title="">value</var> be the string "<code title="">on</code>".</li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with <var title="">name</var> as the name, <var title="">value</var> as the value, and <var title="">type</var>
- as the type.</li>
+ <li><p>Append an entry to the <var title="">form data set</var> with <var title="">name</var>
+ as the name, <var title="">value</var> as the value, and <var title="">type</var> as the
+ type.</li>
</ol></li>
- <li><p>Otherwise, if the <var title="">field</var> element is an
- <code><a href=#the-input-element>input</a></code> element whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#file-upload-state-(type=file)" title=attr-input-type-file>File Upload</a> state, then for
- each file <a href=#concept-input-type-file-selected title=concept-input-type-file-selected>selected</a> in the
- <code><a href=#the-input-element>input</a></code> element, append an entry to the <var title="">form data set</var> with the <var title="">name</var> as
- the name, the file (consisting of the name, the type, and the
- body) as the value, and <var title="">type</var> as the type. If
- there are no <a href=#concept-input-type-file-selected title=concept-input-type-file-selected>selected files</a>,
- then append an entry to the <var title="">form data set</var>
- with the <var title="">name</var> as the name, the empty string
- as the value, and <code>application/octet-stream</code> as the
- type.</li>
- <!-- https://bugzilla.mozilla.org/show_bug.cgi?id=529859 -->
+ <li><p>Otherwise, if the <var title="">field</var> element is an <code><a href=#the-input-element>input</a></code> element
+ whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in the <a href="#file-upload-state-(type=file)" title=attr-input-type-file>File Upload</a> state, then for each file <a href=#concept-input-type-file-selected title=concept-input-type-file-selected>selected</a> in the <code><a href=#the-input-element>input</a></code> element,
+ append an entry to the <var title="">form data set</var> with the <var title="">name</var> as
+ the name, the file (consisting of the name, the type, and the body) as the value, and <var title="">type</var> as the type. If there are no <a href=#concept-input-type-file-selected title=concept-input-type-file-selected>selected files</a>, then append an entry to the
+ <var title="">form data set</var> with the <var title="">name</var> as the name, the empty
+ string as the value, and <code>application/octet-stream</code> as the type.</li> <!--
+ https://bugzilla.mozilla.org/show_bug.cgi?id=529859 -->
- <li><p>Otherwise, if the <var title="">field</var> element is an
- <code><a href=#the-object-element>object</a></code> element: try to obtain a form submission
- value from the <a href=#plugin>plugin</a><!-- using NPAPI's
- NPP_GetValue() entry point with the NPPVformValue variable -->,
- and if that is successful, append an entry to the <var title="">form data set</var> with <var title="">name</var> as the
- name, the returned form submission value as the value, and the
- string "<code title="">object</code>" as the type.</li>
+ <li><p>Otherwise, if the <var title="">field</var> element is an <code><a href=#the-object-element>object</a></code> element:
+ try to obtain a form submission value from the <a href=#plugin>plugin</a><!-- using NPAPI's
+ NPP_GetValue() entry point with the NPPVformValue variable -->, and if that is successful,
+ append an entry to the <var title="">form data set</var> with <var title="">name</var> as the
+ name, the returned form submission value as the value, and the string "<code title="">object</code>" as the type.</li>
- <li><p>Otherwise, append an entry to the <var title="">form data
- set</var> with <var title="">name</var> as the name, the <a href=#concept-fe-value title=concept-fe-value>value</a> of the <var title="">field</var> element as the value, and <var title="">type</var> as the type.</li>
+ <li><p>Otherwise, append an entry to the <var title="">form data set</var> with <var title="">name</var> as the name, the <a href=#concept-fe-value title=concept-fe-value>value</a> of the <var title="">field</var> element as the value, and <var title="">type</var> as the type.</li>
<li>
<p>If the element has a <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code> attribute, and that
- attribute's value is not the empty string, then run these
- substeps:</p>
+ attribute's value is not the empty string, then run these substeps:</p>
- <ol><li><p>Let <var title="">dirname</var> be the value of the
- element's <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code>
- attribute.</li>
+ <ol><li><p>Let <var title="">dirname</var> be the value of the element's <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code> attribute.</li>
- <li><p>Let <var title="">dir</var> be the string "<code title="">ltr</code>" if <a href=#the-directionality>the directionality</a> of the
- element is '<a href=#concept-ltr title=concept-ltr>ltr</a>', and "<code title="">rtl</code>" otherwise (i.e. when <a href=#the-directionality>the
- directionality</a> of the element is '<a href=#concept-rtl title=concept-rtl>rtl</a>').</li>
+ <li><p>Let <var title="">dir</var> be the string "<code title="">ltr</code>" if <a href=#the-directionality>the
+ directionality</a> of the element is '<a href=#concept-ltr title=concept-ltr>ltr</a>', and "<code title="">rtl</code>" otherwise (i.e. when <a href=#the-directionality>the directionality</a> of the element is
+ '<a href=#concept-rtl title=concept-rtl>rtl</a>').</li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with <var title="">dirname</var> as the name, <var title="">dir</var> as the value, and the string "<code title="">direction</code>" as the type.</li>
+ <li><p>Append an entry to the <var title="">form data set</var> with <var title="">dirname</var> as the name, <var title="">dir</var> as the value, and the string
+ "<code title="">direction</code>" as the type.</li>
- </ol><p class=note>An element can only have a <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code> attribute if it is a
- <code><a href=#the-textarea-element>textarea</a></code> element or an <code><a href=#the-input-element>input</a></code> element
- whose <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in
- either the <a href="#text-(type=text)-state-and-search-state-(type=search)" title=attr-input-type-text>Text</a> state
- or the <a href="#text-(type=text)-state-and-search-state-(type=search)" title=attr-input-type-search>Search</a>
- state.</p>
+ </ol><p class=note>An element can only have a <code title=attr-fe-dirname><a href=#attr-fe-dirname>dirname</a></code>
+ attribute if it is a <code><a href=#the-textarea-element>textarea</a></code> element or an <code><a href=#the-input-element>input</a></code> element whose
+ <code title=attr-input-type><a href=#attr-input-type>type</a></code> attribute is in either the <a href="#text-(type=text)-state-and-search-state-(type=search)" title=attr-input-type-text>Text</a> state or the <a href="#text-(type=text)-state-and-search-state-(type=search)" title=attr-input-type-search>Search</a> state.</p>
</li>
@@ -55495,22 +55392,20 @@
<li>
- <p><i>End</i>: For the name of each entry in the <var title="">form data set</var>, and for the value of each entry in
- the <var title="">form data set</var> whose type is not "<code title="">file</code>" or "<code title="">textarea</code>", replace
- every occurrence of a U+000D CARRIAGE RETURN (CR) character not
- followed by a U+000A LINE FEED (LF) character, and every
- occurrence of a U+000A LINE FEED (LF) character not preceded by a
- U+000D CARRIAGE RETURN (CR) character, by a two-character string
- consisting of a U+000D CARRIAGE RETURN U+000A LINE FEED (CRLF)
- character pair.</p>
+ <p><i>End</i>: For the name of each entry in the <var title="">form data set</var>, and for the
+ value of each entry in the <var title="">form data set</var> whose type is not "<code title="">file</code>" or "<code title="">textarea</code>", replace every occurrence of a U+000D
+ CARRIAGE RETURN (CR) character not followed by a U+000A LINE FEED (LF) character, and every
+ occurrence of a U+000A LINE FEED (LF) character not preceded by a U+000D CARRIAGE RETURN (CR)
+ character, by a two-character string consisting of a U+000D CARRIAGE RETURN U+000A LINE FEED
+ (CRLF) character pair.</p>
- <p class=note>In the case of the <a href=#concept-fe-value title=concept-fe-value>value</a> of <code><a href=#the-textarea-element>textarea</a></code>
- elements, this newline normalization is already performed during
- the conversion of the control's <a href=#concept-textarea-raw-value title=concept-textarea-raw-value>raw value</a> into the
- control's <a href=#concept-fe-value title=concept-fe-value>value</a> (which also
- performs any necessary line wrapping). In the case of
- <code><a href=#the-input-element>input</a></code> elements <code title=attr-input-type><a href=#attr-input-type>type</a></code> attributes in the <a href="#file-upload-state-(type=file)" title=attr-input-type-file>File Upload</a> state, the value
- is not normalized.</p>
+ <p class=note>In the case of the <a href=#concept-fe-value title=concept-fe-value>value</a> of
+ <code><a href=#the-textarea-element>textarea</a></code> elements, this newline normalization is already performed during the
+ conversion of the control's <a href=#concept-textarea-raw-value title=concept-textarea-raw-value>raw value</a> into the
+ control's <a href=#concept-fe-value title=concept-fe-value>value</a> (which also performs any necessary line
+ wrapping). In the case of <code><a href=#the-input-element>input</a></code> elements <code title=attr-input-type><a href=#attr-input-type>type</a></code>
+ attributes in the <a href="#file-upload-state-(type=file)" title=attr-input-type-file>File Upload</a> state, the value is not
+ normalized.</p>
</li>
@@ -55563,19 +55458,16 @@
</ol><h5 id=url-encoded-form-data><span class=secno>4.10.22.6 </span>URL-encoded form data</h5>
- <p class=note>This form data set encoding is in many ways an
- aberrant monstrosity, the result of many years of implementation
- accidents and compromises leading to a set of requirements necessary
- for interoperability, but in no way representing good design
- practices. In particular, readers are cautioned to pay close
- attention to the twisted details involving repeated (and in some
- cases nested) conversions between character encodings and byte
- sequences.</p>
+ <p class=note>This form data set encoding is in many ways an aberrant monstrosity, the result of
+ many years of implementation accidents and compromises leading to a set of requirements necessary
+ for interoperability, but in no way representing good design practices. In particular, readers are
+ cautioned to pay close attention to the twisted details involving repeated (and in some cases
+ nested) conversions between character encodings and byte sequences.</p>
<div class=impl>
- <p>The <dfn id=application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
- algorithm</dfn> is as follows:</p>
+ <p>The <dfn id=application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding algorithm</dfn> is as
+ follows:</p>
<ol><!-- the first few steps of this are the same as in the next section --><li><p>Let <var title="">result</var> be the empty string.</li>
@@ -55597,26 +55489,20 @@
<li>
- <p>For each entry in the <var title="">form data set</var>,
- perform these substeps:</p>
+ <p>For each entry in the <var title="">form data set</var>, perform these substeps:</p>
- <ol><li><p>If the entry's name is "<code title=attr-fe-name-charset><a href=#attr-fe-name-charset>_charset_</a></code>"
- and its type is "<code title="">hidden</code>", replace its value
- with <var title="">charset</var>.</li>
+ <ol><li><p>If the entry's name is "<code title=attr-fe-name-charset><a href=#attr-fe-name-charset>_charset_</a></code>" and its
+ type is "<code title="">hidden</code>", replace its value with <var title="">charset</var>.</li>
- <li><p>If the entry's type is "<code title="">file</code>",
- replace its value with the file's filename only.</li> <!--
- this is not present in the next section -->
+ <li><p>If the entry's type is "<code title="">file</code>", replace its value with the file's
+ filename only.</li> <!-- this is not present in the next section -->
- <li><p>For each character in the entry's name and value that
- cannot be expressed using the selected character encoding,
- replace the character by a string consisting of a U+0026
- AMPERSAND character (&), a U+0023 NUMBER SIGN character (#),
- one or more <a href=#ascii-digits>ASCII digits</a> representing the Unicode code point of the
- character in base ten, and finally a U+003B SEMICOLON character
- (;).</li><!-- we should say it should be the shortest
- possible string, no leading zeros. this whole step is asinine,
- though, so... -->
+ <li><p>For each character in the entry's name and value that cannot be expressed using the
+ selected character encoding, replace the character by a string consisting of a U+0026 AMPERSAND
+ character (&), a U+0023 NUMBER SIGN character (#), one or more <a href=#ascii-digits>ASCII digits</a>
+ representing the Unicode code point of the character in base ten, and finally a U+003B
+ SEMICOLON character (;).</li><!-- we should say it should be the shortest possible string,
+ no leading zeros. this whole step is asinine, though, so... -->
<!-- this is where the similarities with the next section end -->
@@ -55629,19 +55515,19 @@
<li>
- <p>For each byte in the entry's name and value, apply the
- appropriate subsubsteps from the following list:</p>
+ <p>For each byte in the entry's name and value, apply the appropriate subsubsteps from the
+ following list:</p>
<dl class=switch><dt>The byte is 0x20 (U+0020 SPACE if interpreted as ASCII)</dt>
- <dd>Replace the byte with a single 0x2B byte (U+002B PLUS SIGN
- character (+) if interpreted as ASCII).</dd>
+ <dd>Replace the byte with a single 0x2B byte (U+002B PLUS SIGN character (+) if interpreted
+ as ASCII).</dd>
<!-- * - . 0-9 a-z _ A-Z -->
- <dt>If the byte is in the range 0x2A, 0x2D, 0x2E, 0x30 to 0x39,
- 0x41 to 0x5A, 0x5F, 0x61 to 0x7A</dt>
+ <dt>If the byte is in the range 0x2A, 0x2D, 0x2E, 0x30 to 0x39, 0x41 to 0x5A, 0x5F, 0x61 to
+ 0x7A</dt>
<dd><p>Leave the byte as is.</dd>
@@ -55654,12 +55540,11 @@
(%) followed by <a href=#uppercase-ascii-hex-digits>uppercase ASCII hex digits</a> representing the hexadecimal value
of the byte in question (zero-padded if necessary).</li>
- <li><p>Encode the string <var title="">s</var> as US-ASCII,
- so that it is now a byte string.</p>
+ <li><p>Encode the string <var title="">s</var> as US-ASCII, so that it is now a byte
+ string.</p>
- <li><p>Replace the byte in question in the name or value
- being processed by the bytes in <var title="">s</var>,
- preserving their relative order.</li>
+ <li><p>Replace the byte in question in the name or value being processed by the bytes in
+ <var title="">s</var>, preserving their relative order.</li>
</ol></dd>
@@ -55667,19 +55552,20 @@
<li>
- <p>Interpret the entry's name and value as Unicode strings
- encoded in US-ASCII. (All of the bytes in the string will be in
- the range 0x00 to 0x7F; the high bit will be zero throughout.)
+ <p>Interpret the entry's name and value as Unicode strings encoded in US-ASCII. (All of the
+ bytes in the string will be in the range 0x00 to 0x7F; the high bit will be zero throughout.)
The entry's name and value are now Unicode strings again.</p>
</li>
- <li><p>If the entry's name is "<code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code>", its type is "<code title="">text</code>", and this is the first entry in the <var title="">form data set</var>, then append the value to <var title="">result</var> and skip the rest of the substeps for this
- entry, moving on to the next entry, if any, or the next step in
- the overall algorithm otherwise.</li>
+ <li><p>If the entry's name is "<code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code>", its type is
+ "<code title="">text</code>", and this is the first entry in the <var title="">form data
+ set</var>, then append the value to <var title="">result</var> and skip the rest of the
+ substeps for this entry, moving on to the next entry, if any, or the next step in the overall
+ algorithm otherwise.</li>
- <li><p>If this is not the first entry, append a single U+0026
- AMPERSAND character (&) to <var title="">result</var>.</li>
+ <li><p>If this is not the first entry, append a single U+0026 AMPERSAND character (&) to
+ <var title="">result</var>.</li>
<li><p>Append the entry's name to <var title="">result</var>.</li>
@@ -55689,105 +55575,95 @@
</ol></li>
- <li><p>Encode <var title="">result</var> as US-ASCII and return the
- resulting byte stream.</li>
+ <li><p>Encode <var title="">result</var> as US-ASCII and return the resulting byte
+ stream.</li>
</ol></div>
- <p>To <dfn id=application/x-www-form-urlencoded-decoding-algorithm title="application/x-www-form-urlencoded decoding
- algorithm">decode <code>application/x-www-form-urlencoded</code>
- payloads</dfn>, the following algorithm should be used. This
- algorithm uses as inputs the payload itself, <var title="">payload</var>, consisting of a Unicode string using only
- characters in the range U+0000 to U+007F; a default character
- encoding <var title="">encoding</var>; and optionally an <var title="">isindex</var> flag indicating that the payload is to be
- processed as if it had been generated for a form containing an <code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code> control. The output of
- this algorithm is a sorted list of name-value pairs. If the <var title="">isindex</var> flag is set and the first control really was
- an <code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code> control, then
- the first name-value pair will have as its name the empty
- string.</p>
+ <p>To <dfn id=application/x-www-form-urlencoded-decoding-algorithm title="application/x-www-form-urlencoded decoding algorithm">decode
+ <code>application/x-www-form-urlencoded</code> payloads</dfn>, the following algorithm should be
+ used. This algorithm uses as inputs the payload itself, <var title="">payload</var>, consisting of
+ a Unicode string using only characters in the range U+0000 to U+007F; a default character encoding
+ <var title="">encoding</var>; and optionally an <var title="">isindex</var> flag indicating that
+ the payload is to be processed as if it had been generated for a form containing an <code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code> control. The output of this algorithm is a sorted list
+ of name-value pairs. If the <var title="">isindex</var> flag is set and the first control really
+ was an <code title=attr-fe-name-isindex><a href=#attr-fe-name-isindex>isindex</a></code> control, then the first name-value pair
+ will have as its name the empty string.</p>
<ol><li><p>Let <var title="">strings</var> be the result of <a href=#strictly-split-a-string title="strictly split a string">strictly splitting the
string</a> <var title="">payload</var> on U+0026 AMPERSAND
characters (&).</li>
- <li><p>If the <var title="">isindex</var> flag is set and the first
- string in <var title="">strings</var> does not contain a U+003D
- EQUALS SIGN character (=), insert a U+003D EQUALS SIGN character
- (=) at the start of the first string in <var title="">strings</var>.</li>
+ <li><p>If the <var title="">isindex</var> flag is set and the first string in <var title="">strings</var> does not contain a U+003D EQUALS SIGN character (=), insert a U+003D
+ EQUALS SIGN character (=) at the start of the first string in <var title="">strings</var>.</li>
- <li><p>Let <var title="">pairs</var> be an empty list of name-value
- pairs.</li>
+ <li><p>Let <var title="">pairs</var> be an empty list of name-value pairs.</li>
<li>
- <p>For each string <var title="">string</var> in <var title="">strings</var>, run these substeps:</p>
+ <p>For each string <var title="">string</var> in <var title="">strings</var>, run these
+ substeps:</p>
<ol><li>
- <p>If <var title="">string</var> contains a U+003D EQUALS SIGN
- character (=), then let <var title="">name</var> be the
- substring of <var title="">string</var> from the start of <var title="">string</var> up to but excluding its first U+003D
- EQUALS SIGN character (=), and let <var title="">value</var> be
- the substring from the first character, if any, after the first
- U+003D EQUALS SIGN character (=) up to the end of <var title="">string</var>. If the first U+003D EQUALS SIGN character
- (=) is the first character, then <var title="">name</var> will
- be the empty string. If it is the last character, then <var title="">value</var> will be the empty string.</p>
+ <p>If <var title="">string</var> contains a U+003D EQUALS SIGN character (=), then let <var title="">name</var> be the substring of <var title="">string</var> from the start of <var title="">string</var> up to but excluding its first U+003D EQUALS SIGN character (=), and let
+ <var title="">value</var> be the substring from the first character, if any, after the first
+ U+003D EQUALS SIGN character (=) up to the end of <var title="">string</var>. If the first
+ U+003D EQUALS SIGN character (=) is the first character, then <var title="">name</var> will be
+ the empty string. If it is the last character, then <var title="">value</var> will be the
+ empty string.</p>
- <p>Otherwise, <var title="">string</var> contains no U+003D
- EQUALS SIGN characters (=). Let <var title="">name</var> have
- the value of <var title="">string</var> and let <var title="">value</var> be the empty string.</p>
+ <p>Otherwise, <var title="">string</var> contains no U+003D EQUALS SIGN characters (=). Let
+ <var title="">name</var> have the value of <var title="">string</var> and let <var title="">value</var> be the empty string.</p>
</li>
<li>
- <p>Replace any U+002B PLUS SIGN characters (+) in <var title="">name</var> and <var title="">value</var> with U+0020
- SPACE characters.</p>
+ <p>Replace any U+002B PLUS SIGN characters (+) in <var title="">name</var> and <var title="">value</var> with U+0020 SPACE characters.</p>
</li>
<li>
- <p>Replace any escape in <var title="">name</var> and <var title="">value</var> with the character represented by the
- escape. This replacement must not be recursive.</p>
+ <p>Replace any escape in <var title="">name</var> and <var title="">value</var> with the
+ character represented by the escape. This replacement must not be recursive.</p>
- <p>An escape is a U+0025 PERCENT SIGN character (%) followed by
- two <a href=#ascii-hex-digits>ASCII hex digits</a>.</p>
+ <p>An escape is a U+0025 PERCENT SIGN character (%) followed by two <a href=#ascii-hex-digits>ASCII hex
+ digits</a>.</p>
- <p>The character represented by an escape is the Unicode
- character whose code point is equal to the value of the two
- characters after the U+0025 PERCENT SIGN character (%),
- interpreted as a hexadecimal number (in the range 0..255).</p>
+ <p>The character represented by an escape is the Unicode character whose code point is equal
+ to the value of the two characters after the U+0025 PERCENT SIGN character (%), interpreted as
+ a hexadecimal number (in the range 0..255).</p>
- <p class=example>So for instance the string "<code title="">A%2BC</code>" would become "<code title="">A+C</code>".
- Similarly, the string "<code title="">100%25AA%21</code>"
- becomes the string "<code title="">100%AA!</code>".</p>
+ <p class=example>So for instance the string "<code title="">A%2BC</code>" would become
+ "<code title="">A+C</code>". Similarly, the string "<code title="">100%25AA%21</code>" becomes
+ the string "<code title="">100%AA!</code>".</p>
</li>
- <li><p>Convert the <var title="">name</var> and <var title="">value</var> strings to their byte representation in
- ISO-8859-1 (i.e. convert the Unicode string to a byte string,
- mapping code points to byte values directly).</li>
+ <li><p>Convert the <var title="">name</var> and <var title="">value</var> strings to their byte
+ representation in ISO-8859-1 (i.e. convert the Unicode string to a byte string, mapping code
+ points to byte values directly).</li>
<li><p>Add a pair consisting of <var title="">name</var> and <var title="">value</var> to <var title="">pairs</var>.</li>
</ol></li>
- <li><p>If any of the name-value pairs in <var title="">pairs</var>
- have a name component consisting of the string "<code title="">_charset_</code>" encoded in US-ASCII, and the value
- component of the first such pair, when decoded as US-ASCII, is the
- name of a supported character encoding, then let <var title="">encoding</var> be that character encoding (replacing the
- default passed to the algorithm).</li> <!-- XXX -->
+ <li><p>If any of the name-value pairs in <var title="">pairs</var> have a name component
+ consisting of the string "<code title="">_charset_</code>" encoded in US-ASCII, and the value
+ component of the first such pair, when decoded as US-ASCII, is the name of a supported character
+ encoding, then let <var title="">encoding</var> be that character encoding (replacing the default
+ passed to the algorithm).</li> <!-- XXX -->
- <li><p>Convert the name and value components of each name-value
- pair in <var title="">pairs</var> to Unicode by interpreting the
- bytes according to the encoding <var title="">encoding</var>.</li>
+ <li><p>Convert the name and value components of each name-value pair in <var title="">pairs</var>
+ to Unicode by interpreting the bytes according to the encoding <var title="">encoding</var>.</li>
<li><p>Return <var title="">pairs</var>.</li>
- </ol><p class=note>Parameters on the
- <code><a href=#application/x-www-form-urlencoded>application/x-www-form-urlencoded</a></code> MIME type are
- ignored. In particular, this MIME type does not support the <code title="">charset</code> parameter.</p>
+ </ol><p class=note>Parameters on the <code><a href=#application/x-www-form-urlencoded>application/x-www-form-urlencoded</a></code> MIME type are
+ ignored. In particular, this MIME type does not support the <code title="">charset</code>
+ parameter.</p>
@@ -65922,12 +65798,11 @@
</dl><div class=impl>
-<!--CLEANUP-->
<p>The <dfn id=dom-document-domain title=dom-document-domain><code>domain</code></dfn> attribute on
<code><a href=#document>Document</a></code> objects must be initialized to <a href="#the-document's-domain">the document's domain</a>, if it has
one, and the empty string otherwise. If the value is an IPv6 address, then the square brackets
- from the <a href=#concept-url-host title=concept-url-host>host</a> component must be omitted
- from the attribute's value.</p>
+ from the <a href=#concept-url-host title=concept-url-host>host</a> component must be omitted from the attribute's
+ value.</p>
<p>On getting, the attribute must return its current value, unless the <code><a href=#document>Document</a></code> has
no <a href=#browsing-context>browsing context</a>, in which case it must return the empty string.</p>
@@ -66041,10 +65916,10 @@
protects two different sites on the same host will fail, as the ports are ignored when comparing
origins after the <code title=dom-document-domain><a href=#dom-document-domain>document.domain</a></code> attribute has been
used.</p>
-<!--TOPIC:HTML-->
+<!--TOPIC:HTML-->
<h3 id=sandboxing><span class=secno>6.4 </span>Sandboxing</h3>
@@ -66644,22 +66519,24 @@
<li>If that fails, throw a <code><a href=#securityerror>SecurityError</a></code> exception and abort these steps.</li>
-<!--CLEANUP-->
- <li>Compare the resulting <a href=#parsed-url>parsed URL</a> to the result of applying the <a href=#url-parser>URL parser</a> algorithm to <a href="#the-document's-address">the document's address</a>. If
- any component of these two <a href=#url title=URL>URLs</a> differ other than the <a href=#concept-url-path title=concept-url-path>path</a>, <a href=#concept-url-query title=concept-url-query>query</a>, and <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> components, then throw a
+ <li>Compare the resulting <a href=#parsed-url>parsed URL</a> to the result of applying the <a href=#url-parser>URL
+ parser</a> algorithm to <a href="#the-document's-address">the document's address</a>. If any component of these two
+ <a href=#url title=URL>URLs</a> differ other than the <a href=#concept-url-path title=concept-url-path>path</a>,
+ <a href=#concept-url-query title=concept-url-query>query</a>, and <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> components, then throw a
<code><a href=#securityerror>SecurityError</a></code> exception and abort these steps.</li>
<li>If the <a href=#origin>origin</a> of the resulting <a href=#absolute-url>absolute URL</a> is not the same as
the <a href=#origin>origin</a> of the <a href=#entry-script>entry script</a>'s <a href="#script's-document" title="script's
- document">document</a>, and either the <a href=#concept-url-path title=concept-url-path>path</a> or <a href=#concept-url-query title=concept-url-query>query</a> components of the two <a href=#parsed-url title="parsed URL">parsed URLs</a>
- compared in the previous step differ, throw a <code><a href=#securityerror>SecurityError</a></code> exception and abort
- these steps. (This prevents sandboxed content from spoofing other pages on the same
+ document">document</a>, and either the <a href=#concept-url-path title=concept-url-path>path</a> or <a href=#concept-url-query title=concept-url-query>query</a> components of the two <a href=#parsed-url title="parsed URL">parsed
+ URLs</a> compared in the previous step differ, throw a <code><a href=#securityerror>SecurityError</a></code> exception
+ and abort these steps. (This prevents sandboxed content from spoofing other pages on the same
origin.)</li>
<li><p>Let <var title="">new URL</var> be the resulting <a href=#absolute-url>absolute URL</a>.</li>
</ol><p>For the purposes of the comparisons in the above substeps, the <a href=#concept-url-path title=concept-url-path>path</a> and <a href=#concept-url-query title=concept-url-query>query</a> components
- can only be the same if the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of both <a href=#parsed-url title="parsed URL">parsed URLs</a> are <a href=#concept-url-scheme-relative title=concept-url-scheme-relative>relative schemes</a>.</p>
+ can only be the same if the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of both
+ <a href=#parsed-url title="parsed URL">parsed URLs</a> are <a href=#concept-url-scheme-relative title=concept-url-scheme-relative>relative schemes</a>.</p>
</li>
@@ -66748,13 +66625,11 @@
<div class=example>
- <p>Consider a game where the user can navigate along a line, such
- that the user is always at some coordinate, and such that the user
- can bookmark the page corresponding to a particular coordinate, to
- return to it later.</p>
+ <p>Consider a game where the user can navigate along a line, such that the user is always at some
+ coordinate, and such that the user can bookmark the page corresponding to a particular
+ coordinate, to return to it later.</p>
- <p>A static page implementing the x=5 position in such a game could
- look like the following:</p>
+ <p>A static page implementing the x=5 position in such a game could look like the following:</p>
<pre><!DOCTYPE HTML>
<!-- this is http://example.com/line?x=5 -->
@@ -66765,9 +66640,8 @@
<a href="?x=4">retreat to 4</a>?
</p></pre>
- <p>The problem with such a system is that each time the user
- clicks, the whole page has to be reloaded. Here instead is another
- way of doing it, using script:</p>
+ <p>The problem with such a system is that each time the user clicks, the whole page has to be
+ reloaded. Here instead is another way of doing it, using script:</p>
<pre><!DOCTYPE HTML>
<!-- this starts off as http://example.com/line?x=5 -->
@@ -66797,30 +66671,24 @@
}
</script></pre>
- <p>In systems without script, this still works like the previous
- example. However, users that <em>do</em> have script support can
- now navigate much faster, since there is no network access for the
- same experience. Furthermore, contrary to the experience the user
- would have with just a naïve script-based approach,
- bookmarking and navigating the session history still work.</p>
+ <p>In systems without script, this still works like the previous example. However, users that
+ <em>do</em> have script support can now navigate much faster, since there is no network access
+ for the same experience. Furthermore, contrary to the experience the user would have with just a
+ naïve script-based approach, bookmarking and navigating the session history still work.</p>
- <p>In the example above, the <var title="">data</var> argument to
- the <code title=dom-history-pushState><a href=#dom-history-pushstate>pushState()</a></code> method
- is the same information as would be sent to the server, but in a
- more convenient form, so that the script doesn't have to parse the
- URL each time the user navigates.</p>
+ <p>In the example above, the <var title="">data</var> argument to the <code title=dom-history-pushState><a href=#dom-history-pushstate>pushState()</a></code> method is the same information as would be sent
+ to the server, but in a more convenient form, so that the script doesn't have to parse the URL
+ each time the user navigates.</p>
</div>
<div class=example>
- <p>Applications might not use the same title for a <a href=#session-history-entry>session
- history entry</a> as the value of the document's
- <code><a href=#the-title-element>title</a></code> element at that time. For example, here is a
- simple page that shows a block in the <code><a href=#the-title-element>title</a></code> element.
- Clearly, when navigating backwards to a previous state the user
- does not go back in time, and therefore it would be inappropriate
- to put the time in the session history title.</p>
+ <p>Applications might not use the same title for a <a href=#session-history-entry>session history entry</a> as the
+ value of the document's <code><a href=#the-title-element>title</a></code> element at that time. For example, here is a simple
+ page that shows a block in the <code><a href=#the-title-element>title</a></code> element. Clearly, when navigating backwards to
+ a previous state the user does not go back in time, and therefore it would be inappropriate to
+ put the time in the session history title.</p>
<pre><!DOCTYPE HTML>
<TITLE>Line</TITLE>
@@ -66847,9 +66715,8 @@
<h4 id=the-location-interface><span class=secno>6.5.3 </span>The <code><a href=#location>Location</a></code> interface</h4>
- <p>Each <code><a href=#document>Document</a></code> object in a <a href=#browsing-context>browsing
- context</a>'s session history is associated with a unique
- instance of a <code><a href=#location>Location</a></code> object.</p>
+ <p>Each <code><a href=#document>Document</a></code> object in a <a href=#browsing-context>browsing context</a>'s session history is
+ associated with a unique instance of a <code><a href=#location>Location</a></code> object.</p>
<dl class=domintro><dt><var title="">document</var> . <code title=dom-document-location><a href=#dom-document-location>location</a></code> [ = <var title="">value</var> ]</dt>
<dt><var title="">window</var> . <code title=dom-location><a href=#dom-location>location</a></code> [ = <var title="">value</var> ]</dt>
@@ -66864,14 +66731,12 @@
</dl><div class=impl>
- <p>The <dfn id=dom-document-location title=dom-document-location><code>location</code></dfn> attribute
- of the <code><a href=#document>Document</a></code> interface must return the
- <code><a href=#location>Location</a></code> object for that <code><a href=#document>Document</a></code> object,
- if it is in a <a href=#browsing-context>browsing context</a>, and null otherwise.</p>
+ <p>The <dfn id=dom-document-location title=dom-document-location><code>location</code></dfn> attribute of the
+ <code><a href=#document>Document</a></code> interface must return the <code><a href=#location>Location</a></code> object for that
+ <code><a href=#document>Document</a></code> object, if it is in a <a href=#browsing-context>browsing context</a>, and null otherwise.</p>
- <p>The <dfn id=dom-location title=dom-location><code>location</code></dfn>
- attribute of the <code><a href=#window>Window</a></code> interface must return the
- <code><a href=#location>Location</a></code> object for that <code><a href=#window>Window</a></code> object's
+ <p>The <dfn id=dom-location title=dom-location><code>location</code></dfn> attribute of the <code><a href=#window>Window</a></code>
+ interface must return the <code><a href=#location>Location</a></code> object for that <code><a href=#window>Window</a></code> object's
<code><a href=#document>Document</a></code>.</p>
</div>
@@ -67191,14 +67056,15 @@
<li><p>Let <var title="">gone async</var> be false.</li>
-<!--CLEANUP-->
- <li id=navigate-fragid-step><p><i>Fragment identifiers</i>: Apply the <a href=#url-parser>URL parser</a> algorithm to the <a href=#absolute-url>absolute URL</a> of
- the new resource and the <a href="#the-document's-address" title="the document's address">address</a> of the
- <a href=#active-document>active document</a> of the <a href=#browsing-context>browsing context</a> being navigated. If all the components of the resulting <a href=#parsed-url title="parsed URL">parsed URLs</a> , ignoring any
- <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> components, are identical, and the new resource is to be fetched using HTTP GET <a href=#concept-http-equivalent-get title=concept-http-equivalent-get>or equivalent</a>, and the <a href=#parsed-url>parsed URL</a> of
- the new resource has a <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component that is not null (even if it
- is empty), then <a href=#scroll-to-fragid title=navigate-fragid>navigate to that fragment identifier</a> and
- abort these steps.</li>
+ <li id=navigate-fragid-step><p><i>Fragment identifiers</i>: Apply the <a href=#url-parser>URL parser</a>
+ algorithm to the <a href=#absolute-url>absolute URL</a> of the new resource and the <a href="#the-document's-address" title="the
+ document's address">address</a> of the <a href=#active-document>active document</a> of the <a href=#browsing-context>browsing
+ context</a> being navigated. If all the components of the resulting <a href=#parsed-url title="parsed
+ URL">parsed URLs</a>, ignoring any <a href=#concept-url-fragment title=concept-url-fragment>fragment</a>
+ components, are identical, and the new resource is to be fetched using HTTP GET <a href=#concept-http-equivalent-get title=concept-http-equivalent-get>or equivalent</a>, and the <a href=#parsed-url>parsed URL</a> of the
+ new resource has a <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component that is not null
+ (even if it is empty), then <a href=#scroll-to-fragid title=navigate-fragid>navigate to that fragment
+ identifier</a> and abort these steps.</li>
<li><p>If <var title="">gone async</var> is false, cancel any preexisting but not yet <a href=#concept-navigate-mature title=concept-navigate-mature>mature</a> attempt to navigate the <a href=#browsing-context>browsing
context</a>, including canceling any instances of the <a href=#fetch>fetch</a> algorithm started by
@@ -67660,18 +67526,18 @@
encoding is established, the <a href="#document's-character-encoding">document's character encoding</a> must be set to that
character encoding.</p>
-<!--CLEANUP-->
<p>If the root element, as parsed according to the XML specifications cited above, is found to be
an <code><a href=#the-html-element>html</a></code> element with an attribute <code title=attr-html-manifest><a href=#attr-html-manifest>manifest</a></code>
whose value is not the empty string, then, as soon as the element is <a href=#insert-an-element-into-a-document title="insert an
element into a document">inserted into the document</a>, the user agent must <a href=#resolve-a-url title="resolve a url">resolve</a> the value of that attribute relative to that element, and if
- that is successful, must apply the <a href=#url-serializer>URL serializer</a> algorithm to the resulting <a href=#parsed-url>parsed URL</a> with the <i>exclude fragment flag</i> set to obtain <var title="">manifest URL</var>, and then run the <a href=#concept-appcache-init title=concept-appcache-init>application cache selection
- algorithm</a> with <var title="">manifest URL</var>
- as the manifest URL, passing in
- the newly-created <code><a href=#document>Document</a></code>. Otherwise, if the attribute is absent, its value is the
- empty string, or resolving its value fails, then as soon as the root element is <a href=#insert-an-element-into-a-document title="insert an element into a document">inserted into the document</a>, the user agent must
- run the <a href=#concept-appcache-init title=concept-appcache-init>application cache selection algorithm</a> with no
- manifest, and passing in the <code><a href=#document>Document</a></code>.</p>
+ that is successful, must apply the <a href=#url-serializer>URL serializer</a> algorithm to the resulting
+ <a href=#parsed-url>parsed URL</a> with the <i>exclude fragment flag</i> set to obtain <var title="">manifest
+ URL</var>, and then run the <a href=#concept-appcache-init title=concept-appcache-init>application cache selection
+ algorithm</a> with <var title="">manifest URL</var> as the manifest URL, passing in the
+ newly-created <code><a href=#document>Document</a></code>. Otherwise, if the attribute is absent, its value is the empty
+ string, or resolving its value fails, then as soon as the root element is <a href=#insert-an-element-into-a-document title="insert an
+ element into a document">inserted into the document</a>, the user agent must run the <a href=#concept-appcache-init title=concept-appcache-init>application cache selection algorithm</a> with no manifest, and
+ passing in the <code><a href=#document>Document</a></code>.</p>
<p class=note>Because the processing of the <code title=attr-html-manifest><a href=#attr-html-manifest>manifest</a></code>
attribute happens only once the root element is parsed, any URLs referenced by processing
@@ -67909,8 +67775,9 @@
processing model must be followed to determine what <a href=#the-indicated-part-of-the-document>the indicated part of the
document</a> is.</p>
- <ol><!--CLEANUP--><li><p>Apply the <a href=#url-parser>URL parser</a> algorithm to the <a href=#url>URL</a>, and let <var title="">fragid</var> be the <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component of the
- resulting <a href=#parsed-url>parsed URL</a>.</li><!-- parsing can't fail, since we checked earlier on when navigating -->
+ <ol><li><p>Apply the <a href=#url-parser>URL parser</a> algorithm to the <a href=#url>URL</a>, and let <var title="">fragid</var> be the <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component of the
+ resulting <a href=#parsed-url>parsed URL</a>.</li><!-- parsing can't fail, since we checked earlier on
+ when navigating -->
<li><p>If <var title="">fragid</var> is the empty string, then <a href=#the-indicated-part-of-the-document>the indicated part of the
document</a> is the top of the document; stop the algorithm here.</li>
@@ -69042,34 +68909,26 @@
</div>
-<!--CLEANUP-->
<h5 id=writing-cache-manifests><span class=secno>6.7.3.2 </span>Writing cache manifests</h5>
- <p>Manifests must be served using the
- <code><a href=#text/cache-manifest>text/cache-manifest</a></code> <a href=#mime-type>MIME type</a>. All
- resources served using the <code><a href=#text/cache-manifest>text/cache-manifest</a></code>
- <a href=#mime-type>MIME type</a> must follow the syntax of application cache
- manifests, as described in this section.</p>
+ <p>Manifests must be served using the <code><a href=#text/cache-manifest>text/cache-manifest</a></code> <a href=#mime-type>MIME type</a>. All
+ resources served using the <code><a href=#text/cache-manifest>text/cache-manifest</a></code> <a href=#mime-type>MIME type</a> must follow the
+ syntax of application cache manifests, as described in this section.</p>
- <p>An application cache manifest is a text file, whose text is
- encoded using UTF-8. Data in application cache manifests is
- line-based. Newlines must be represented by U+000A LINE FEED (LF)
- characters, U+000D CARRIAGE RETURN (CR) characters, or U+000D
- CARRIAGE RETURN (CR) U+000A LINE FEED (LF) pairs. <a href=#refsRFC3629>[RFC3629]</a></p>
+ <p>An application cache manifest is a text file, whose text is encoded using UTF-8. Data in
+ application cache manifests is line-based. Newlines must be represented by U+000A LINE FEED (LF)
+ characters, U+000D CARRIAGE RETURN (CR) characters, or U+000D CARRIAGE RETURN (CR) U+000A LINE
+ FEED (LF) pairs. <a href=#refsRFC3629>[RFC3629]</a></p>
- <p class=note>This is a <a href=#willful-violation>willful violation</a> of RFC
- 2046, which requires all <code title="">text/*</code> types to only
- allow CRLF line breaks. This requirement, however, is outdated; the
- use of CR, LF, and CRLF line breaks is commonly supported and indeed
- sometimes CRLF is <em>not</em> supported by text editors. <a href=#refsRFC2046>[RFC2046]</a></p>
+ <p class=note>This is a <a href=#willful-violation>willful violation</a> of RFC 2046, which requires all <code title="">text/*</code> types to only allow CRLF line breaks. This requirement, however, is
+ outdated; the use of CR, LF, and CRLF line breaks is commonly supported and indeed sometimes CRLF
+ is <em>not</em> supported by text editors. <a href=#refsRFC2046>[RFC2046]</a></p>
- <p>The first line of an application cache manifest must consist of
- the string "CACHE", a single U+0020 SPACE character, the string
- "MANIFEST", and either a U+0020 SPACE character, a U+0009 CHARACTER
- TABULATION (tab) character, a U+000A LINE FEED (LF) character, or a
- U+000D CARRIAGE RETURN (CR) character. The first line may optionally
- be preceded by a U+FEFF BYTE ORDER MARK (BOM) character. If any
- other text is found on the first line, it is ignored.</p>
+ <p>The first line of an application cache manifest must consist of the string "CACHE", a single
+ U+0020 SPACE character, the string "MANIFEST", and either a U+0020 SPACE character, a U+0009
+ CHARACTER TABULATION (tab) character, a U+000A LINE FEED (LF) character, or a U+000D CARRIAGE
+ RETURN (CR) character. The first line may optionally be preceded by a U+FEFF BYTE ORDER MARK (BOM)
+ character. If any other text is found on the first line, it is ignored.</p>
<p>Subsequent lines, if any, must all be one of the following:</p>
@@ -69080,21 +68939,17 @@
<dt>A comment
<dd>
- <p>Comment lines must consist of zero or more U+0020 SPACE and
- U+0009 CHARACTER TABULATION (tab) characters, followed by a single
- U+0023 NUMBER SIGN character (#), followed by zero or more
- characters other than U+000A LINE FEED (LF) and U+000D CARRIAGE
- RETURN (CR) characters.</p>
+ <p>Comment lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ characters, followed by a single U+0023 NUMBER SIGN character (#), followed by zero or more
+ characters other than U+000A LINE FEED (LF) and U+000D CARRIAGE RETURN (CR) characters.</p>
- <p class=note>Comments must be on a line on their own. If they
- were to be included on a line with a URL, the "#" would be
- mistaken for part of a fragment identifier.</p>
+ <p class=note>Comments must be on a line on their own. If they were to be included on a line
+ with a URL, the "#" would be mistaken for part of a fragment identifier.</p>
<dt>A section header
<dd>
- <p>Section headers change the current section. There are four
- possible section headers:
+ <p>Section headers change the current section. There are four possible section headers:
<dl><dt><code>CACHE:</code>
<dd>Switches to the <dfn id=concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</dfn>.
@@ -69108,258 +68963,212 @@
<dt><code>SETTINGS:</code>
<dd>Switches to the <dfn id=concept-appcache-manifest-settings title=concept-appcache-manifest-settings>settings section</dfn>.
- </dl><p>Section header lines must consist of zero or more U+0020 SPACE
- and U+0009 CHARACTER TABULATION (tab) characters, followed by one
- of the names above (including the U+003A COLON character (:))
- followed by zero or more U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters.</p>
+ </dl><p>Section header lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, followed by one of the names above (including the U+003A COLON
+ character (:)) followed by zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ characters.</p>
- <p>Ironically, by default, the current section is the
- <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</a>.</p>
+ <p>Ironically, by default, the current section is the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</a>.</p>
<dt>Data for the current section
<dd>
- <p>The format that data lines must take depends on the current
- section.</p>
+ <p>The format that data lines must take depends on the current section.</p>
+
<p>When the current section is the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit
- section</a>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a
- <a href=#valid-url>valid URL</a> identifying a resource other than the
- manifest itself, and then zero or more U+0020 SPACE and U+0009
- CHARACTER TABULATION (tab) characters.</p>
+ section</a>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <a href=#valid-url>valid URL</a> identifying a resource other than the
+ manifest itself, and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ characters.</p>
<p>When the current section is the <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback
- section</a>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a
- <a href=#valid-url>valid URL</a> identifying a resource other than the
- manifest itself, one or more U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters, another <a href=#valid-url>valid URL</a>
- identifying a resource other than the manifest itself, and then
- zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
- characters.</p>
+ section</a>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <a href=#valid-url>valid URL</a> identifying a resource other than the
+ manifest itself, one or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters,
+ another <a href=#valid-url>valid URL</a> identifying a resource other than the manifest itself, and then
+ zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters.</p>
- <p>When the current section is the <a href=#concept-appcache-manifest-network title=concept-appcache-manifest-network>online whitelist
- section</a>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, either a
- single U+002A ASTERISK character (*) <!--
- concept-appcache-onlinewhitelist-wildcard --> or a <a href=#valid-url>valid
- URL</a> identifying a resource other than the manifest itself,
- and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION
- (tab) characters.</p>
+ <p>When the current section is the <a href=#concept-appcache-manifest-network title=concept-appcache-manifest-network>online
+ whitelist section</a>, data lines must consist of zero or more U+0020 SPACE and U+0009
+ CHARACTER TABULATION (tab) characters, either a single U+002A ASTERISK character (*) <!--
+ concept-appcache-onlinewhitelist-wildcard --> or a <a href=#valid-url>valid URL</a> identifying a resource
+ other than the manifest itself, and then zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters.</p>
<p>When the current section is the <a href=#concept-appcache-manifest-settings title=concept-appcache-manifest-settings>settings
- section</a>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a <a href=#concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</a>, and then
- zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
- characters.</p>
+ section</a>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <a href=#concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</a>,
+ and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters.</p>
<p>Currently only one <dfn id=concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</dfn> is
defined:</p>
<dl><dt>The cache mode setting</dt>
- <dd>This consists of the string "<code title="">prefer-online</code>". It sets the <a href=#concept-appcache-mode title=concept-appcache-mode>cache mode</a> to <a href=#concept-appcache-mode-prefer-online title=concept-appcache-mode-prefer-online>prefer-online</a>.
- (The <a href=#concept-appcache-mode title=concept-appcache-mode>cache mode</a>
- defaults to <a href=#concept-appcache-mode-fast title=concept-appcache-mode-fast>fast</a>.)</dd>
+ <dd>This consists of the string "<code title="">prefer-online</code>". It sets the <a href=#concept-appcache-mode title=concept-appcache-mode>cache mode</a> to <a href=#concept-appcache-mode-prefer-online title=concept-appcache-mode-prefer-online>prefer-online</a>. (The <a href=#concept-appcache-mode title=concept-appcache-mode>cache mode</a> defaults to <a href=#concept-appcache-mode-fast title=concept-appcache-mode-fast>fast</a>.)</dd>
- </dl><p>Within a <a href=#concept-appcache-manifest-settings title=concept-appcache-manifest-settings>settings
- section</a>, each <a href=#concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</a> must
- occur no more than once.</p>
+ </dl><p>Within a <a href=#concept-appcache-manifest-settings title=concept-appcache-manifest-settings>settings section</a>, each <a href=#concept-appcache-manifest-setting title=concept-appcache-manifest-setting>setting</a> must occur no more than once.</p>
<!--
- <p class="note">The URLs in data lines can't be empty strings,
- since those would be relative URLs to the manifest itself. Such
- lines would be confused with blank or invalid lines, anyway.</p>
+ <p class="note">The URLs in data lines can't be empty strings, since those would be relative
+ URLs to the manifest itself. Such lines would be confused with blank or invalid lines,
+ anyway.</p>
-->
- </dl><p>Manifests may contain sections more than once. Sections may be
- empty.</p>
+ </dl><p>Manifests may contain sections more than once. Sections may be empty.</p>
- <p>URLs that are to be fallback pages associated with <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a>, and
- those namespaces themselves, must be given in <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback sections</a>,
- with the namespace being the first URL of the data line, and the
- corresponding fallback page being the second URL. All the other
- pages to be cached must be listed in <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit
- sections</a>.</p>
+ <p>URLs that are to be fallback pages associated with <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a>, and those namespaces themselves,
+ must be given in <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback sections</a>, with
+ the namespace being the first URL of the data line, and the corresponding fallback page being the
+ second URL. All the other pages to be cached must be listed in <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit sections</a>.</p>
- <p><a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>Fallback
- namespaces</a> and <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback entries</a> must have
- the <a href=#same-origin>same origin</a> as the manifest itself.</p>
+ <p><a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>Fallback namespaces</a> and <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback entries</a> must have the <a href=#same-origin>same origin</a>
+ as the manifest itself.</p>
- <p>A <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
- namespace</a> must not be listed more than once.</p>
+ <p>A <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a> must not be listed more
+ than once.</p>
- <p>Namespaces that the user agent is to put into the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a>
- must all be specified in <a href=#concept-appcache-manifest-network title=concept-appcache-manifest-network>online whitelist
- sections</a>. (This is needed for any URL that the page is
- intending to use to communicate back to the server.) To specify that
- all URLs are automatically whitelisted in this way, a U+002A
- ASTERISK character (*) may be specified as one of the URLs. <!--
- concept-appcache-onlinewhitelist-wildcard --></p>
+ <p>Namespaces that the user agent is to put into the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> must all be specified in <a href=#concept-appcache-manifest-network title=concept-appcache-manifest-network>online whitelist sections</a>. (This is needed for
+ any URL that the page is intending to use to communicate back to the server.) To specify that all
+ URLs are automatically whitelisted in this way, a U+002A ASTERISK character (*) may be specified
+ as one of the URLs. <!-- concept-appcache-onlinewhitelist-wildcard --></p>
- <p>Authors should not include namespaces in the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> for
- which another namespace in the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> is
- a <a href=#prefix-match>prefix match</a>.</p>
+ <p>Authors should not include namespaces in the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> for which another namespace in
+ the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> is a <a href=#prefix-match>prefix
+ match</a>.</p>
<p><a href=#relative-url title="relative URL">Relative URLs</a> must be given relative to the manifest's own
- URL. All URLs in the manifest must have the same <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> as the manifest itself
- (either explicitly or implicitly, through the use of <a href=#relative-url title="relative url">relative
- URLs</a>). <a href=#refsURL>[URL]</a></p>
+ URL. All URLs in the manifest must have the same <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> as
+ the manifest itself (either explicitly or implicitly, through the use of <a href=#relative-url title="relative
+ url">relative URLs</a>). <a href=#refsURL>[URL]</a></p>
- <p>URLs in manifests must not have fragment identifiers (i.e. the
- U+0023 NUMBER SIGN character isn't allowed in URLs in
- manifests).</p>
+ <p>URLs in manifests must not have fragment identifiers (i.e. the U+0023 NUMBER SIGN character
+ isn't allowed in URLs in manifests).</p>
- <p><a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>Fallback
- namespaces</a> and namespaces in the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> are
- matched by <a href=#prefix-match>prefix match</a>.</p>
+ <p><a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>Fallback namespaces</a> and namespaces in the
+ <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a> are matched by <a href=#prefix-match>prefix
+ match</a>.</p>
-<!--CLEANUP-->
<div class=impl>
<h5 id=parsing-cache-manifests><span class=secno>6.7.3.3 </span>Parsing cache manifests</h5>
- <p>When a user agent is to <dfn id=parse-a-manifest>parse a manifest</dfn>, it means
- that the user agent must run the following steps:</p>
+ <p>When a user agent is to <dfn id=parse-a-manifest>parse a manifest</dfn>, it means that the user agent must run the
+ following steps:</p>
- <ol><li><p>Decode the byte stream corresponding
- with the manifest to be parsed <a href=#decoded-as-utf-8,-with-error-handling title="decoded as UTF-8, with
- error handling">as UTF-8, with error handling</a>. <!--All
- U+0000 NULL characters must be replaced by U+FFFD REPLACEMENT
- CHARACTERs. (this isn't black-box testable since neither U+0000 nor
- U+FFFD are valid anywhere in the syntax and thus both will be
- treated the same anyway)--></li>
+ <ol><li><p>Decode the byte stream corresponding with the manifest to be parsed <a href=#decoded-as-utf-8,-with-error-handling title="decoded
+ as UTF-8, with error handling">as UTF-8, with error handling</a>. <!--All U+0000 NULL
+ characters must be replaced by U+FFFD REPLACEMENT CHARACTERs. (this isn't black-box testable
+ since neither U+0000 nor U+FFFD are valid anywhere in the syntax and thus both will be treated
+ the same anyway)--></li>
- <li><p>Let <var title="">base URL</var> be the <a href=#absolute-url>absolute
- URL</a> representing the manifest.</li>
+ <li><p>Let <var title="">base URL</var> be the <a href=#absolute-url>absolute URL</a> representing the
+ manifest.</li>
<li><p>Apply the <a href=#url-parser>URL parser</a> steps to the <var title="">base URL</var>, so that the
components from its <a href=#parsed-url>parsed URL</a> can be used by the subseqent steps of this
algorithm.</li>
- <li><p>Let <var title="">explicit URLs</var> be an initially empty
- list of <a href=#absolute-url title="absolute URL">absolute URLs</a> for <a href=#concept-appcache-explicit title=concept-appcache-explicit>explicit entries</a>.</li>
+ <li><p>Let <var title="">explicit URLs</var> be an initially empty list of <a href=#absolute-url title="absolute
+ URL">absolute URLs</a> for <a href=#concept-appcache-explicit title=concept-appcache-explicit>explicit
+ entries</a>.</li>
- <li><p>Let <var title="">fallback URLs</var> be an initially empty
- mapping of <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
- namespaces</a> to <a href=#absolute-url title="absolute URL">absolute
- URLs</a> for <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback
+ <li><p>Let <var title="">fallback URLs</var> be an initially empty mapping of <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a> to <a href=#absolute-url title="absolute
+ URL">absolute URLs</a> for <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback
entries</a>.</li>
- <li><p>Let <var title="">online whitelist namespaces</var> be an
- initially empty list of <a href=#absolute-url title="absolute URL">absolute
- URLs</a> for an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online
- whitelist</a>.</li>
+ <li><p>Let <var title="">online whitelist namespaces</var> be an initially empty list of <a href=#absolute-url title="absolute URL">absolute URLs</a> for an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist</a>.</li>
<li><p>Let <var title="">online whitelist wildcard flag</var> be <i title="">blocking</i>. <!--
concept-appcache-onlinewhitelist-wildcard --></li>
- <li><p>Let <var title="">cache mode flag</var> be <i title="">fast</i>. <!-- concept-appcache-mode-fast --></li>
+ <li><p>Let <var title="">cache mode flag</var> be <i title="">fast</i>. <!--
+ concept-appcache-mode-fast --></li>
- <li><p>Let <var title="">input</var> be the decoded text of the
- manifest's byte stream.</li>
+ <li><p>Let <var title="">input</var> be the decoded text of the manifest's byte stream.</li>
- <li><p>Let <var title="">position</var> be a pointer into <var title="">input</var>, initially pointing at the first
- character.</li>
+ <li><p>Let <var title="">position</var> be a pointer into <var title="">input</var>, initially
+ pointing at the first character.</li>
- <li><p>If <var title="">position</var> is pointing at a U+FEFF BYTE
- ORDER MARK (BOM) character, then advance <var title="">position</var> to the next character.</li>
+ <li><p>If <var title="">position</var> is pointing at a U+FEFF BYTE ORDER MARK (BOM) character,
+ then advance <var title="">position</var> to the next character.</li>
- <li><p>If the characters starting from <var title="">position</var>
- are "CACHE", followed by a U+0020 SPACE character, followed by
- "MANIFEST", then advance <var title="">position</var> to the next
- character after those. Otherwise, this isn't a cache manifest;
- abort this algorithm with a failure while checking for the magic
- signature.</li>
+ <li><p>If the characters starting from <var title="">position</var> are "CACHE", followed by a
+ U+0020 SPACE character, followed by "MANIFEST", then advance <var title="">position</var> to the
+ next character after those. Otherwise, this isn't a cache manifest; abort this algorithm with a
+ failure while checking for the magic signature.</li>
- <li><p>If the character at <var title="">position</var> is neither
- a U+0020 SPACE character, a U+0009 CHARACTER TABULATION (tab)
- character, U+000A LINE FEED (LF) character, nor a U+000D CARRIAGE
- RETURN (CR) character, then this isn't a cache manifest; abort this
- algorithm with a failure while checking for the magic
- signature.</li>
+ <li><p>If the character at <var title="">position</var> is neither a U+0020 SPACE character, a
+ U+0009 CHARACTER TABULATION (tab) character, U+000A LINE FEED (LF) character, nor a U+000D
+ CARRIAGE RETURN (CR) character, then this isn't a cache manifest; abort this algorithm with a
+ failure while checking for the magic signature.</li>
<li><p>This is a cache manifest. The algorithm cannot fail beyond
this point (though bogus lines can get ignored).</li>
- <li><p><a href=#collect-a-sequence-of-characters>Collect a sequence of characters</a> that are
- <em>not</em> U+000A LINE FEED (LF) or U+000D CARRIAGE RETURN (CR)
- characters, and ignore those characters. (Extra text on the first
+ <li><p><a href=#collect-a-sequence-of-characters>Collect a sequence of characters</a> that are <em>not</em> U+000A LINE FEED (LF)
+ or U+000D CARRIAGE RETURN (CR) characters, and ignore those characters. (Extra text on the first
line, after the signature, is ignored.)</li>
<li><p>Let <var title="">mode</var> be "explicit".</li>
- <li><p><i>Start of line</i>: If <var title="">position</var> is
- past the end of <var title="">input</var>, then jump to the last
- step. Otherwise, <a href=#collect-a-sequence-of-characters>collect a sequence of characters</a> that
- are U+000A LINE FEED (LF), U+000D CARRIAGE RETURN (CR), U+0020
- SPACE, or U+0009 CHARACTER TABULATION (tab) characters.</li>
+ <li><p><i>Start of line</i>: If <var title="">position</var> is past the end of <var title="">input</var>, then jump to the last step. Otherwise, <a href=#collect-a-sequence-of-characters>collect a sequence of
+ characters</a> that are U+000A LINE FEED (LF), U+000D CARRIAGE RETURN (CR), U+0020 SPACE, or
+ U+0009 CHARACTER TABULATION (tab) characters.</li>
<!-- strips leading spaces, ignores space-only lines, ignores blank lines -->
- <li><p>Now, <a href=#collect-a-sequence-of-characters>collect a sequence of characters</a> that are
- <em>not</em> U+000A LINE FEED (LF) or U+000D CARRIAGE RETURN (CR)
- characters, and let the result be <var title="">line</var>.</li>
+ <li><p>Now, <a href=#collect-a-sequence-of-characters>collect a sequence of characters</a> that are <em>not</em> U+000A LINE FEED
+ (LF) or U+000D CARRIAGE RETURN (CR) characters, and let the result be <var title="">line</var>.</li>
- <li><p>Drop any trailing U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters at the end of <var title="">line</var>.</li>
+ <li><p>Drop any trailing U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters at the end
+ of <var title="">line</var>.</li>
- <li><p>If <var title="">line</var> is the empty string, then jump
- back to the step labeled "start of line".</li>
+ <li><p>If <var title="">line</var> is the empty string, then jump back to the step labeled "start
+ of line".</li>
- <li><p>If the first character in <var title="">line</var> is a
- U+0023 NUMBER SIGN character (#), then jump back to the step
- labeled "start of line".</li>
+ <li><p>If the first character in <var title="">line</var> is a U+0023 NUMBER SIGN character (#),
+ then jump back to the step labeled "start of line".</li>
- <li><p>If <var title="">line</var> equals "CACHE:" (the word
- "CACHE" followed by a U+003A COLON character (:)), then set <var title="">mode</var> to "explicit" and jump back to the step
- labeled "start of line".</li>
+ <li><p>If <var title="">line</var> equals "CACHE:" (the word "CACHE" followed by a U+003A COLON
+ character (:)), then set <var title="">mode</var> to "explicit" and jump back to the step labeled
+ "start of line".</li>
- <li><p>If <var title="">line</var> equals "FALLBACK:" (the word
- "FALLBACK" followed by a U+003A COLON character (:)), then set <var title="">mode</var> to "fallback" and jump back to the step
+ <li><p>If <var title="">line</var> equals "FALLBACK:" (the word "FALLBACK" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "fallback" and jump back to the step
labeled "start of line".</li>
- <li><p>If <var title="">line</var> equals "NETWORK:" (the word
- "NETWORK" followed by a U+003A COLON character (:)), then set <var title="">mode</var> to "online whitelist" and jump back to the step
+ <li><p>If <var title="">line</var> equals "NETWORK:" (the word "NETWORK" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "online whitelist" and jump back to
+ the step labeled "start of line".</li>
+
+ <li><p>If <var title="">line</var> equals "SETTINGS:" (the word "SETTINGS" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "settings" and jump back to the step
labeled "start of line".</li>
- <li><p>If <var title="">line</var> equals "SETTINGS:" (the word
- "SETTINGS" followed by a U+003A COLON character (:)), then set <var title="">mode</var> to "settings" and jump back to the step labeled
- "start of line".</li>
+ <li><p>If <var title="">line</var> ends with a U+003A COLON character (:), then set <var title="">mode</var> to "unknown" and jump back to the step labeled "start of line".</li>
- <li><p>If <var title="">line</var> ends with a U+003A COLON
- character (:), then set <var title="">mode</var> to "unknown" and
- jump back to the step labeled "start of line".</li>
+ <li><p>This is either a data line or it is syntactically incorrect.</li>
- <li><p>This is either a data line or it is syntactically
- incorrect.</li>
+ <li><p>Let <var title="">position</var> be a pointer into <var title="">line</var>, initially
+ pointing at the start of the string.</li>
- <li><p>Let <var title="">position</var> be a pointer into <var title="">line</var>, initially pointing at the start of the
- string.</li>
+ <li><p>Let <var title="">tokens</var> be a list of strings, initially empty.</li>
- <li><p>Let <var title="">tokens</var> be a list of strings,
- initially empty.</li>
-
<li>
- <p>While <var title="">position</var> doesn't point past the end
- of <var title="">line</var>:</p>
+ <p>While <var title="">position</var> doesn't point past the end of <var title="">line</var>:</p>
- <ol><li><p>Let <var title="">current token</var> be an empty
- string.</li>
+ <ol><li><p>Let <var title="">current token</var> be an empty string.</li>
- <li><p>While <var title="">position</var> doesn't point past the
- end of <var title="">line</var> and the character at <var title="">position</var> is neither a U+0020 SPACE nor a U+0009
- CHARACTER TABULATION (tab) character, add the character at <var title="">position</var> to <var title="">current token</var> and
- advance <var title="">position</var> to the next character in
- <var title="">input</var>.</li>
+ <li><p>While <var title="">position</var> doesn't point past the end of <var title="">line</var> and the character at <var title="">position</var> is neither a U+0020 SPACE
+ nor a U+0009 CHARACTER TABULATION (tab) character, add the character at <var title="">position</var> to <var title="">current token</var> and advance <var title="">position</var> to the next character in <var title="">input</var>.</li>
<li><p>Add <var title="">current token</var> to the <var title="">tokens</var> list.</li>
- <li><p>While <var title="">position</var> doesn't point past the
- end of <var title="">line</var> and the character at <var title="">position</var> is either a U+0020 SPACE or a U+0009
- CHARACTER TABULATION (tab) character, advance <var title="">position</var> to the next character in <var title="">input</var>.</li>
+ <li><p>While <var title="">position</var> doesn't point past the end of <var title="">line</var> and the character at <var title="">position</var> is either a U+0020 SPACE
+ or a U+0009 CHARACTER TABULATION (tab) character, advance <var title="">position</var> to the
+ next character in <var title="">input</var>.</li>
</ol></li>
@@ -69371,20 +69180,17 @@
<dd>
- <p><a href=#resolve-a-url title="resolve a url">Resolve</a> the first item in
- <var title="">tokens</var>, relative to <var title="">base
- URL</var>; ignore the rest.</p>
+ <p><a href=#resolve-a-url title="resolve a url">Resolve</a> the first item in <var title="">tokens</var>,
+ relative to <var title="">base URL</var>; ignore the rest.</p>
- <p>If this fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If this fails, then jump back to the step labeled "start of line".</p>
- <p>If the resulting <a href=#parsed-url>parsed URL</a> has a different
- <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component than
- <var title="">base URL</var> (the manifest's URL), then jump back to the step
- labeled "start of line".</p>
+ <p>If the resulting <a href=#parsed-url>parsed URL</a> has a different <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component than <var title="">base URL</var> (the
+ manifest's URL), then jump back to the step labeled "start of line".</p>
<p>Let <var title="">new URL</var> be the result of applying the <a href=#url-serializer>URL serializer</a>
- algorithm to the resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i> set.</p>
+ algorithm to the resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i>
+ set.</p>
<p>Add <var title="">new URL</var> to the <var title="">explicit URLs</var>.</p>
@@ -69394,19 +69200,16 @@
<dd>
- <p>Let <var title="">part one</var> be the first token in <var title="">tokens</var>, and let <var title="">part two</var> be
- the second token in <var title="">tokens</var>.</p>
+ <p>Let <var title="">part one</var> be the first token in <var title="">tokens</var>, and let
+ <var title="">part two</var> be the second token in <var title="">tokens</var>.</p>
- <p><a href=#resolve-a-url title="resolve a url">Resolve</a> <var title="">part
- one</var> and <var title="">part two</var>, relative to <var title="">base URL</var>.</p>
+ <p><a href=#resolve-a-url title="resolve a url">Resolve</a> <var title="">part one</var> and <var title="">part two</var>, relative to <var title="">base URL</var>.</p>
- <p>If either fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If either fails, then jump back to the step labeled "start of line".</p>
- <p>If the <a href=#absolute-url>absolute URL</a> corresponding to either <var title="">part one</var> or <var title="">part two</var> does not
- have the <a href=#same-origin>same origin</a> as the manifest's URL, then
- jump back to the step labeled "start of line".</p> <!-- SECURITY
- -->
+ <p>If the <a href=#absolute-url>absolute URL</a> corresponding to either <var title="">part one</var> or
+ <var title="">part two</var> does not have the <a href=#same-origin>same origin</a> as the manifest's URL,
+ then jump back to the step labeled "start of line".</p> <!-- SECURITY -->
<p>Let <var title="">part one</var> be the result of applying the <a href=#url-serializer>URL serializer</a>
algorithm to the first resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment
@@ -69416,14 +69219,14 @@
algorithm to the second resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment
flag</i> set.</p>
- <p>If <var title="">part one</var> is already in the <var title="">fallback
- URLs</var> mapping as a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a>,
- then jump back to the step labeled "start of line".</p>
+ <p>If <var title="">part one</var> is already in the <var title="">fallback URLs</var> mapping
+ as a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a>, then jump back to
+ the step labeled "start of line".</p>
- <p>Otherwise, add
- <var title="">part one</var> to the <var title="">fallback
- URLs</var> mapping as a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a>,
- mapped to <var title="">part two</var> as the <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback entry</a>.</p>
+ <p>Otherwise, add <var title="">part one</var> to the <var title="">fallback URLs</var>
+ mapping as a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a>, mapped to
+ <var title="">part two</var> as the <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback
+ entry</a>.</p>
</dd>
@@ -69431,24 +69234,20 @@
<dd>
- <p>If the first item in <var title="">tokens</var> is a U+002A
- ASTERISK character (*), then set <var title="">online whitelist
- wildcard flag</var> to <i title="">open</i> and jump back to the
- step labeled "start of line".</p>
+ <p>If the first item in <var title="">tokens</var> is a U+002A ASTERISK character (*), then
+ set <var title="">online whitelist wildcard flag</var> to <i title="">open</i> and jump back
+ to the step labeled "start of line".</p>
- <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the
- first item in <var title="">tokens</var>, relative to <var title="">base URL</var>; ignore the rest.</p>
+ <p>Otherwise, <a href=#resolve-a-url title="resolve a url">resolve</a> the first item in <var title="">tokens</var>, relative to <var title="">base URL</var>; ignore the rest.</p>
- <p>If this fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If this fails, then jump back to the step labeled "start of line".</p>
- <p>If the resulting <a href=#parsed-url>parsed URL</a> has a different
- <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component than
- <var title="">base URL</var> (the manifest's URL), then jump back to the step
- labeled "start of line".</p>
+ <p>If the resulting <a href=#parsed-url>parsed URL</a> has a different <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component than <var title="">base URL</var> (the
+ manifest's URL), then jump back to the step labeled "start of line".</p>
<p>Let <var title="">new URL</var> be the result of applying the <a href=#url-serializer>URL serializer</a>
- algorithm to the resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i> set.</p>
+ algorithm to the resulting <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i>
+ set.</p>
<p>Add <var title="">new URL</var> to the <var title="">online whitelist namespaces</var>.</p>
@@ -69458,13 +69257,12 @@
<dd>
- <p>If <var title="">tokens</var> contains a single token, and
- that token is a <a href=#case-sensitive>case-sensitive</a> match for the string
- "<code title="">prefer-online</code>", then set <var title="">cache mode flag</var> to <i title="">prefer-online</i>
- and jump back to the step labeled "start of line".</p>
+ <p>If <var title="">tokens</var> contains a single token, and that token is a
+ <a href=#case-sensitive>case-sensitive</a> match for the string "<code title="">prefer-online</code>", then
+ set <var title="">cache mode flag</var> to <i title="">prefer-online</i> and jump back to the
+ step labeled "start of line".</p>
- <p>Otherwise, the line is an unsupported setting: do nothing;
- the line is ignored.</p>
+ <p>Otherwise, the line is an unsupported setting: do nothing; the line is ignored.</p>
</dd>
@@ -69478,41 +69276,27 @@
</dl></li>
- <li><p>Jump back to the step labeled "start of line". (That step
- jumps to the next, and last, step when the end of the file is
- reached.)</li>
+ <li><p>Jump back to the step labeled "start of line". (That step jumps to the next, and last,
+ step when the end of the file is reached.)</li>
- <li><p>Return the <var title="">explicit URLs</var> list, the <var title="">fallback URLs</var> mapping, the <var title="">online
- whitelist namespaces</var>, the <var title="">online whitelist
- wildcard flag</var>, and the <var title="">cache mode
- flag</var>.</li>
+ <li><p>Return the <var title="">explicit URLs</var> list, the <var title="">fallback URLs</var>
+ mapping, the <var title="">online whitelist namespaces</var>, the <var title="">online whitelist
+ wildcard flag</var>, and the <var title="">cache mode flag</var>.</li>
</ol><div class=note>
- <p>The resource that declares the manifest (with the <code title=attr-html-manifest><a href=#attr-html-manifest>manifest</a></code> attribute) will always
- get taken from the cache, whether it is listed in the cache or not,
- even if it is listed in an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist
- namespace</a>.</p>
+ <p>The resource that declares the manifest (with the <code title=attr-html-manifest><a href=#attr-html-manifest>manifest</a></code> attribute) will always get taken from the cache,
+ whether it is listed in the cache or not, even if it is listed in an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespace</a>.</p>
- <p>If a resource is listed in the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</a>
- or as a <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback
- entry</a> in the <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback section</a>,
- the resource will always be taken from the cache, regardless of any
- other matching entries in the <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a> or
- <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist
- namespaces</a>.</p>
+ <p>If a resource is listed in the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit
+ section</a> or as a <a href=#concept-appcache-fallback title=concept-appcache-fallback>fallback entry</a> in the <a href=#concept-appcache-manifest-fallback title=concept-appcache-manifest-fallback>fallback section</a>, the resource will always be
+ taken from the cache, regardless of any other matching entries in the <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespaces</a> or <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespaces</a>.</p>
- <p>When a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback
- namespace</a> and an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist
- namespace</a> overlap, the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist
- namespace</a> has priority.</p>
+ <p>When a <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a> and an <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespace</a> overlap, the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespace</a> has priority.</p>
- <p>The <a href=#concept-appcache-onlinewhitelist-wildcard title=concept-appcache-onlinewhitelist-wildcard>online whitelist
- wildcard flag</a> is applied last, only for URLs that match
- neither the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online
- whitelist namespace</a> nor the <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a> and
- that are not listed in the <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit
- section</a>.</p>
+ <p>The <a href=#concept-appcache-onlinewhitelist-wildcard title=concept-appcache-onlinewhitelist-wildcard>online whitelist wildcard
+ flag</a> is applied last, only for URLs that match neither the <a href=#concept-appcache-onlinewhitelist title=concept-appcache-onlinewhitelist>online whitelist namespace</a> nor the <a href=#concept-appcache-fallback-ns title=concept-appcache-fallback-ns>fallback namespace</a> and that are not listed in the
+ <a href=#concept-appcache-manifest-explicit title=concept-appcache-manifest-explicit>explicit section</a>.</p>
</div>
@@ -69735,12 +69519,14 @@
<a href=#shows-caching-progress>shows caching progress</a>, the display of some sort of user interface indicating to
the user that the user agent failed to save the application for offline use.</p>
-<!--CLEANUP-->
<p>Otherwise, associate the <code><a href=#document>Document</a></code> for this entry with <var title="">cache</var>; store the resource for this entry in <var title="">cache</var>, if it
- isn't already there, and categorize its entry as a <a href=#concept-appcache-master title=concept-appcache-master>master entry</a>. If applying the <a href=#url-parser>URL parser</a> algorithm to the resource's <a href=#url>URL</a> results in a <a href=#parsed-url>parsed URL</a> that has a non-null
- <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component, the <a href=#url>URL</a> used for the
- entry in <var title="">cache</var> must instead be the <a href=#absolute-url>absolute URL</a> obtained from applying the <a href=#url-serializer>URL serializer</a> algorith, to the <a href=#parsed-url>parsed URL</a> with the <i>exclude fragment flag</i> set (application caches never include fragment
- identifiers).</p>
+ isn't already there, and categorize its entry as a <a href=#concept-appcache-master title=concept-appcache-master>master entry</a>. If applying the <a href=#url-parser>URL parser</a>
+ algorithm to the resource's <a href=#url>URL</a> results in a <a href=#parsed-url>parsed URL</a> that has a
+ non-null <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component, the <a href=#url>URL</a>
+ used for the entry in <var title="">cache</var> must instead be the <a href=#absolute-url>absolute URL</a>
+ obtained from applying the <a href=#url-serializer>URL serializer</a> algorith, to the <a href=#parsed-url>parsed
+ URL</a> with the <i>exclude fragment flag</i> set (application caches never include
+ fragment identifiers).</p>
</li>
@@ -70760,7 +70546,6 @@
</div>
-<!--CLEANUP-->
<div class=impl>
@@ -70769,15 +70554,15 @@
<h5 id=definitions-0><span class=secno>7.1.3.1 </span>Definitions</h5>
- <p>This specification describes three kinds of <a href=#javascript-global-environment title="JavaScript global environment">JavaScript global
- environments</a>: the <dfn id=document-environment>document environment</dfn>, the
- <dfn id=dedicated-worker-environment>dedicated worker environment</dfn>, and the <dfn id=shared-worker-environment>shared worker
- environment</dfn>. The <a href=#dedicated-worker-environment>dedicated worker environment</a> and
- the <a href=#shared-worker-environment>shared worker environment</a> are both types of <dfn id=worker-environment title="worker environment">worker environments</dfn>.</p>
+ <p>This specification describes three kinds of <a href=#javascript-global-environment title="JavaScript global
+ environment">JavaScript global environments</a>: the <dfn id=document-environment>document environment</dfn>, the
+ <dfn id=dedicated-worker-environment>dedicated worker environment</dfn>, and the <dfn id=shared-worker-environment>shared worker environment</dfn>. The
+ <a href=#dedicated-worker-environment>dedicated worker environment</a> and the <a href=#shared-worker-environment>shared worker environment</a> are both
+ types of <dfn id=worker-environment title="worker environment">worker environments</dfn>.</p>
- <p>Except where otherwise specified, a <a href=#javascript-global-environment>JavaScript global
- environment</a> is a <a href=#document-environment>document environment</a>.</p> <!--
- note that we never actually say where one of these is created... -->
+ <p>Except where otherwise specified, a <a href=#javascript-global-environment>JavaScript global environment</a> is a
+ <a href=#document-environment>document environment</a>.</p> <!-- note that we never actually say where one of these is
+ created... -->
<hr><p>A <dfn id=concept-script title=concept-script>script</dfn> has:</p>
@@ -70785,13 +70570,12 @@
<dd>
- <p>The characteristics of the script execution environment depend
- on the language, and are not defined by this specification.</p>
+ <p>The characteristics of the script execution environment depend on the language, and are not
+ defined by this specification.</p>
- <p class=example>In JavaScript, the script execution environment
- consists of the interpreter, the stack of <i>execution
- contexts</i>, the <i>global code</i> and <i>function code</i> and
- the <code>Function</code> objects resulting, and so forth.</p>
+ <p class=example>In JavaScript, the script execution environment consists of the interpreter,
+ the stack of <i>execution contexts</i>, the <i>global code</i> and <i>function code</i> and the
+ <code>Function</code> objects resulting, and so forth.</p>
</dd>
@@ -70799,21 +70583,18 @@
<dd>
- <p>Each code entry-point represents a block of executable code
- that the script exposes to other scripts and to the user
- agent.</p>
+ <p>Each code entry-point represents a block of executable code that the script exposes to other
+ scripts and to the user agent.</p>
- <p class=example>Each <code>Function</code> object in a
- JavaScript <a href=#script-execution-environment>script execution environment</a> has a
- corresponding code entry-point, for instance.</p>
+ <p class=example>Each <code>Function</code> object in a JavaScript <a href=#script-execution-environment>script execution
+ environment</a> has a corresponding code entry-point, for instance.</p>
- <p>The main program code of the script, if any, is the
- <dfn id=initial-code-entry-point><i>initial code entry-point</i></dfn>. Typically, the code
- corresponding to this entry-point is executed immediately after
- the script is parsed.</p>
+ <p>The main program code of the script, if any, is the <dfn id=initial-code-entry-point><i>initial code
+ entry-point</i></dfn>. Typically, the code corresponding to this entry-point is executed
+ immediately after the script is parsed.</p>
- <p class=example>In JavaScript, this corresponds to the
- execution context of the global code.</p>
+ <p class=example>In JavaScript, this corresponds to the execution context of the global
+ code.</p>
</dd>
@@ -70823,28 +70604,20 @@
<p>An object that provides the APIs that the code can use.</p>
- <p class=example>This is typically a <code><a href=#window>Window</a></code>
- object. In JavaScript, this corresponds to the <i>global
- object</i>.</p>
+ <p class=example>This is typically a <code><a href=#window>Window</a></code> object. In JavaScript, this
+ corresponds to the <i>global object</i>.</p>
- <p class=note>When a <a href="#script's-global-object">script's global object</a> is an
- empty object, it can't do anything that interacts with the
- environment.</p>
+ <p class=note>When a <a href="#script's-global-object">script's global object</a> is an empty object, it can't do
+ anything that interacts with the environment.</p>
- <p>If the <a href="#script's-global-object">script's global object</a> is a
- <code><a href=#window>Window</a></code> object, then in JavaScript, the ThisBinding of
- the global execution context for this script must be the
- <code><a href=#window>Window</a></code> object's <code><a href=#windowproxy>WindowProxy</a></code> object,
- rather than the global object. <a href=#refsECMA262>[ECMA262]</a></p>
+ <p>If the <a href="#script's-global-object">script's global object</a> is a <code><a href=#window>Window</a></code> object, then in
+ JavaScript, the ThisBinding of the global execution context for this script must be the
+ <code><a href=#window>Window</a></code> object's <code><a href=#windowproxy>WindowProxy</a></code> object, rather than the global object. <a href=#refsECMA262>[ECMA262]</a></p>
- <p class=note>This is a <a href=#willful-violation>willful violation</a> of the
- JavaScript specification current at the time of writing
- (ECMAScript edition 5, as defined in section 10.4.1.1 Initial
- Global Execution Context, step 3). The JavaScript specification
- requires that the <code title="">this</code> keyword in the global
- scope return the global object, but this is not compatible with
- the security design prevalent in implementations as specified
- herein. <a href=#refsECMA262>[ECMA262]</a></p>
+ <p class=note>This is a <a href=#willful-violation>willful violation</a> of the JavaScript specification current
+ at the time of writing (ECMAScript edition 5, as defined in section 10.4.1.1 Initial Global
+ Execution Context, step 3). The JavaScript specification requires that the <code title="">this</code> keyword in the global scope return the global object, but this is not
+ compatible with the security design prevalent in implementations as specified herein. <a href=#refsECMA262>[ECMA262]</a></p>
</dd>
@@ -70852,14 +70625,13 @@
<dd>
- <p>A <a href=#browsing-context>browsing context</a> that is assigned responsibility
- for actions taken by the script.</p>
+ <p>A <a href=#browsing-context>browsing context</a> that is assigned responsibility for actions taken by the
+ script.</p>
- <p class=example>When a script creates and <a href=#navigate title=navigate>navigates</a> a new <a href=#top-level-browsing-context>top-level browsing
- context</a>, the <code title=dom-opener><a href=#dom-opener>opener</a></code>
- attribute of the new <a href=#browsing-context>browsing context</a>'s
- <code><a href=#window>Window</a></code> object will be set to the <a href="#script's-browsing-context">script's
- browsing context</a>'s <code><a href=#windowproxy>WindowProxy</a></code> object.</p>
+ <p class=example>When a script creates and <a href=#navigate title=navigate>navigates</a> a new
+ <a href=#top-level-browsing-context>top-level browsing context</a>, the <code title=dom-opener><a href=#dom-opener>opener</a></code> attribute of
+ the new <a href=#browsing-context>browsing context</a>'s <code><a href=#window>Window</a></code> object will be set to the
+ <a href="#script's-browsing-context">script's browsing context</a>'s <code><a href=#windowproxy>WindowProxy</a></code> object.</p>
</dd>
@@ -70867,14 +70639,11 @@
<dd>
- <p>A <code><a href=#document>Document</a></code> that is assigned responsibility for
- actions taken by the script.</p>
+ <p>A <code><a href=#document>Document</a></code> that is assigned responsibility for actions taken by the script.</p>
- <p class=example>For example, the <a href="#the-document's-address" title="the document's
- address">address</a> of the <a href="#script's-document">script's document</a> is
- used to set the <a href="#the-document's-address" title="the document's
- address">address</a> of any <code><a href=#document>Document</a></code> elements
- created using <code title=dom-DOMImplementation-createDocument><a href=#dom-domimplementation-createdocument>createDocument()</a></code>.</p>
+ <p class=example>For example, the <a href="#the-document's-address" title="the document's address">address</a> of the
+ <a href="#script's-document">script's document</a> is used to set the <a href="#the-document's-address" title="the document's
+ address">address</a> of any <code><a href=#document>Document</a></code> elements created using <code title=dom-DOMImplementation-createDocument><a href=#dom-domimplementation-createdocument>createDocument()</a></code>.</p>
</dd>
@@ -70882,10 +70651,8 @@
<dd>
- <p>Either a <code><a href=#document>Document</a></code> (specifically, the
- <a href="#script's-document">script's document</a>), or a <a href=#url>URL</a>, which is
- used by some APIs to determine what value to use for the <code title=http-referer>Referer</code> (sic) header in calls to the
- <a href=#fetch title=fetch>fetching</a> algorithm.</p>
+ <p>Either a <code><a href=#document>Document</a></code> (specifically, the <a href="#script's-document">script's document</a>), or a
+ <a href=#url>URL</a>, which is used by some APIs to determine what value to use for the <code title=http-referer>Referer</code> (sic) header in calls to the <a href=#fetch title=fetch>fetching</a> algorithm.</p>
</dd>
@@ -70893,12 +70660,10 @@
<dd>
- <p>A character encoding, set when the script is created, used to
- encode URLs. <span id=sce-not-copy title="">If the character
- encoding is set from another source, e.g. a <a href="#document's-character-encoding">document's
- character encoding</a>, then the <a href="#script's-url-character-encoding">script's URL character
- encoding</a> must follow the source, so that if the source's
- changes, so does the script's.</span></p>
+ <p>A character encoding, set when the script is created, used to encode URLs. <span id=sce-not-copy title="">If the character encoding is set from another source, e.g. a
+ <a href="#document's-character-encoding">document's character encoding</a>, then the <a href="#script's-url-character-encoding">script's URL character
+ encoding</a> must follow the source, so that if the source's changes, so does the
+ script's.</span></p>
</dd>
@@ -70906,12 +70671,10 @@
<dd>
- <p>A <a href=#url>URL</a>, set when the script is created, used to
- resolve <a href=#relative-url title="relative url">relative URLs</a>. <span id=sbu-not-copy title="">If the
- base URL is set from another source, e.g. a <a href=#document-base-url>document base
- URL</a>, then the <a href="#script's-base-url">script's base URL</a> must follow
- the source, so that if the source's changes, so does the
- script's.</span></p>
+ <p>A <a href=#url>URL</a>, set when the script is created, used to resolve <a href=#relative-url title="relative
+ url">relative URLs</a>. <span id=sbu-not-copy title="">If the base URL is set from another
+ source, e.g. a <a href=#document-base-url>document base URL</a>, then the <a href="#script's-base-url">script's base URL</a> must
+ follow the source, so that if the source's changes, so does the script's.</span></p>
</dd>
@@ -73387,8 +73150,8 @@
</div>
-<!--CLEANUP-->
+
<h5 id=custom-handlers><span class=secno>7.5.1.3 </span>Custom scheme and content handlers</h5>
<pre class=idl>[NoInterfaceObject]
@@ -73402,20 +73165,16 @@
void <a href=#dom-navigator-unregistercontenthandler title=dom-navigator-unregisterContentHandler>unregisterContentHandler</a>(DOMString mimeType, DOMString url);
};</pre>
- <p>The <dfn id=dom-navigator-registerprotocolhandler title=dom-navigator-registerProtocolHandler><code>registerProtocolHandler()</code></dfn>
- method allows Web sites to register themselves as possible handlers
- for particular schemes. For example, an online telephone messaging
- service could register itself as a handler of the <code>sms:</code>
- scheme, so that if the user clicks on such a link, he is given the
- opportunity to use that Web site. Analogously, the <dfn id=dom-navigator-registercontenthandler title=dom-navigator-registerContentHandler><code>registerContentHandler()</code></dfn>
- method allows Web sites to register themselves as possible handlers
- for content in a particular <a href=#mime-type>MIME type</a>. For example, the
- same online telephone messaging service could register itself as a
- handler for <code>text/vcard</code> files, so that if the user has
- no native application capable of handling vCards, his Web browser
- can instead suggest he use that site to view contact information
- stored on vCards that he opens. <a href=#refsRFC5724>[RFC5724]</a>
- <a href=#refsRFC6350>RFC6350</a></p>
+ <p>The <dfn id=dom-navigator-registerprotocolhandler title=dom-navigator-registerProtocolHandler><code>registerProtocolHandler()</code></dfn> method
+ allows Web sites to register themselves as possible handlers for particular schemes. For example,
+ an online telephone messaging service could register itself as a handler of the <code>sms:</code>
+ scheme, so that if the user clicks on such a link, he is given the opportunity to use that Web
+ site. Analogously, the <dfn id=dom-navigator-registercontenthandler title=dom-navigator-registerContentHandler><code>registerContentHandler()</code></dfn> method
+ allows Web sites to register themselves as possible handlers for content in a particular
+ <a href=#mime-type>MIME type</a>. For example, the same online telephone messaging service could register
+ itself as a handler for <code>text/vcard</code> files, so that if the user has no native
+ application capable of handling vCards, his Web browser can instead suggest he use that site to
+ view contact information stored on vCards that he opens. <a href=#refsRFC5724>[RFC5724]</a> <a href=#refsRFC6350>RFC6350</a></p>
<dl class=domintro><dt><var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler</a></code>(<var title="">scheme</var>, <var title="">url</var>, <var title="">title</var>)</dt>
<dt><var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler</a></code>(<var title="">mimeType</var>, <var title="">url</var>, <var title="">title</var>)</dt>
@@ -73438,39 +73197,32 @@
</dl><div class=impl>
- <p>User agents may, within the constraints described in this
- section, do whatever they like when the methods are called. A UA
- could, for instance, prompt the user and offer the user the
- opportunity to add the site to a shortlist of handlers, or make the
- handlers his default, or cancel the request. UAs could provide such
- a UI through modal UI or through a non-modal transient notification
- interface. UAs could also simply silently collect the information,
- providing it only when relevant to the user.</p>
+ <p>User agents may, within the constraints described in this section, do whatever they like when
+ the methods are called. A UA could, for instance, prompt the user and offer the user the
+ opportunity to add the site to a shortlist of handlers, or make the handlers his default, or
+ cancel the request. UAs could provide such a UI through modal UI or through a non-modal transient
+ notification interface. UAs could also simply silently collect the information, providing it only
+ when relevant to the user.</p>
- <p>User agents should keep track of which sites have registered
- handlers (even if the user has declined such registrations) so that
- the user is not repeatedly prompted with the same request.</p>
+ <p>User agents should keep track of which sites have registered handlers (even if the user has
+ declined such registrations) so that the user is not repeatedly prompted with the same
+ request.</p>
- <p>The arguments to the methods have the following meanings and
- corresponding implementation requirements. The requirements that
- involve throwing exceptions must be processed in the order given
- below, stopping at the first exception thrown. (So the exceptions
- for the first argument take precedence over the exceptions for the
- second argument.)</p>
+ <p>The arguments to the methods have the following meanings and corresponding implementation
+ requirements. The requirements that involve throwing exceptions must be processed in the order
+ given below, stopping at the first exception thrown. (So the exceptions for the first argument
+ take precedence over the exceptions for the second argument.)</p>
<dl><dt><var title="">scheme</var> (<code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code> only)</dt>
<dd>
- <p>A scheme, such as <code>mailto</code> or <code>web+auth</code>.
- The scheme must be compared in an <a href=#ascii-case-insensitive>ASCII
- case-insensitive</a> manner by user agents for the purposes of
- comparing with the scheme part of URLs that they consider against
- the list of registered handlers.</p>
+ <p>A scheme, such as <code>mailto</code> or <code>web+auth</code>. The scheme must be compared
+ in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner by user agents for the purposes of comparing
+ with the scheme part of URLs that they consider against the list of registered handlers.</p>
- <p>The <var title="">scheme</var> value, if it contains a colon
- (as in "<code>mailto:</code>"), will never match anything, since
- schemes don't contain colons.</p>
+ <p>The <var title="">scheme</var> value, if it contains a colon (as in "<code>mailto:</code>"),
+ will never match anything, since schemes don't contain colons.</p>
<p>If the <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code>
method is invoked with a scheme that is neither a <a href=#whitelisted-scheme>whitelisted scheme</a> nor a scheme
@@ -73479,8 +73231,7 @@
the "<code title="">web+</code>" prefix), the user agent must throw a <code><a href=#securityerror>SecurityError</a></code>
exception.</p>
- <p>The following schemes are the <dfn id=whitelisted-scheme title="whitelisted
- scheme">whitelisted schemes</dfn>:</p>
+ <p>The following schemes are the <dfn id=whitelisted-scheme title="whitelisted scheme">whitelisted schemes</dfn>:</p>
<ul class=brief><li><code title="">irc</code></li>
<li><code title="">geo</code></li>
@@ -73497,18 +73248,15 @@
<li><code title="">urn</code></li>
<li><code title="">webcal</code></li>
<li><code title="">xmpp</code></li>
- </ul><p class=note>This list can be changed. If there are schemes
- that should be added, please send feedback.</p>
+ </ul><p class=note>This list can be changed. If there are schemes that should be added, please send
+ feedback.</p>
- <p class=note>This list excludes any schemes that could
- reasonably be expected to be supported inline, e.g. in an
- <code><a href=#the-iframe-element>iframe</a></code>, such as <code title="">http</code> or (more
- theoretically) <code title="">gopher</code>. If those were
- supported, they could potentially be used in man-in-the-middle
- attacks, by replacing pages that have frames with such content
- with content under the control of the protocol handler. If the
- user agent has native support for the schemes, this could further
- be used for cookie-theft attacks.</p>
+ <p class=note>This list excludes any schemes that could reasonably be expected to be supported
+ inline, e.g. in an <code><a href=#the-iframe-element>iframe</a></code>, such as <code title="">http</code> or (more
+ theoretically) <code title="">gopher</code>. If those were supported, they could potentially be
+ used in man-in-the-middle attacks, by replacing pages that have frames with such content with
+ content under the control of the protocol handler. If the user agent has native support for the
+ schemes, this could further be used for cookie-theft attacks.</p>
</dd>
@@ -73516,33 +73264,26 @@
<dd>
- <p>A <a href=#mime-type>MIME type</a>, such as
- <code>model/vnd.flatland.3dml</code> or
- <code>application/vnd.google-earth.kml+xml</code>. The <a href=#mime-type>MIME
- type</a> must be compared in an <a href=#ascii-case-insensitive>ASCII
- case-insensitive</a> manner by user agents for the purposes of
- comparing with MIME types of documents that they consider against
- the list of registered handlers.</p>
+ <p>A <a href=#mime-type>MIME type</a>, such as <code>model/vnd.flatland.3dml</code> or
+ <code>application/vnd.google-earth.kml+xml</code>. The <a href=#mime-type>MIME type</a> must be compared
+ in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner by user agents for the purposes of comparing
+ with MIME types of documents that they consider against the list of registered handlers.</p>
- <p>User agents must compare the given values only to the MIME
- type/subtype parts of content types, not to the complete type
- including parameters. Thus, if <var title="">mimeType</var> values
- passed to this method include characters such as commas or
- whitespace, or include MIME parameters, then the handler being
- registered will never be used.</p>
+ <p>User agents must compare the given values only to the MIME type/subtype parts of content
+ types, not to the complete type including parameters. Thus, if <var title="">mimeType</var>
+ values passed to this method include characters such as commas or whitespace, or include MIME
+ parameters, then the handler being registered will never be used.</p>
- <p class=note>The type is compared to the <a href=#mime-type>MIME type</a>
- used by the user agent <em>after</em> the sniffing algorithms have
- been applied.</p>
+ <p class=note>The type is compared to the <a href=#mime-type>MIME type</a> used by the user agent
+ <em>after</em> the sniffing algorithms have been applied.</p>
<p>If the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code>
- method is invoked with a <a href=#mime-type>MIME type</a> that is in the
- <a href=#type-blacklist>type blacklist</a> or that the user agent has deemed a
- privileged type, the user agent must throw a
+ method is invoked with a <a href=#mime-type>MIME type</a> that is in the <a href=#type-blacklist>type blacklist</a> or
+ that the user agent has deemed a privileged type, the user agent must throw a
<code><a href=#securityerror>SecurityError</a></code> exception.</p>
- <p>The following <a href=#mime-type title="MIME type">MIME types</a> are in
- the <dfn id=type-blacklist>type blacklist</dfn>:</p>
+ <p>The following <a href=#mime-type title="MIME type">MIME types</a> are in the <dfn id=type-blacklist>type
+ blacklist</dfn>:</p>
<ul class=brief><li><code><a href=#application/x-www-form-urlencoded>application/x-www-form-urlencoded</a></code></li>
<li><code><a href=#application/xhtml+xml>application/xhtml+xml</a></code></li>
@@ -73560,8 +73301,8 @@
<li><code>text/xml</code></li>
<li>All types that the user agent supports displaying natively in a <a href=#browsing-context>browsing context</a> during <a href=#navigate title=navigate>navigation</a>, except for <code>application/rss+xml</code> and <code>application/atom+xml</code></li>
- </ul><p class=note>This list can be changed. If there are MIME types
- that should be added, please send feedback.</p>
+ </ul><p class=note>This list can be changed. If there are MIME types that should be added, please
+ send feedback.</p>
</dd>
@@ -73570,73 +73311,62 @@
<dd>
- <p>A string used to build the <a href=#url>URL</a> of the page that
- will handle the requests.</p>
+ <p>A string used to build the <a href=#url>URL</a> of the page that will handle the requests.</p>
- <p>User agents must throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception if
- the <var title="">url</var> argument passed to one of these
- methods does not contain the exact literal string
+ <p>User agents must throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception if the <var title="">url</var>
+ argument passed to one of these methods does not contain the exact literal string
"<code>%s</code>".</p>
- <p>User agents must throw a <code><a href=#syntaxerror>SyntaxError</a></code> if <a href=#resolve-a-url title="resolve a url">resolving</a> the <var title="">url</var>
- argument relative to the <a href=#entry-script>entry script</a>'s <a href="#script's-base-url" title="script's base URL">base URL</a>, is not successful.</p>
+ <p>User agents must throw a <code><a href=#syntaxerror>SyntaxError</a></code> if <a href=#resolve-a-url title="resolve a
+ url">resolving</a> the <var title="">url</var> argument relative to the <a href=#entry-script>entry
+ script</a>'s <a href="#script's-base-url" title="script's base URL">base URL</a>, is not successful.</p>
- <p class=note>The resulting <a href=#absolute-url>absolute URL</a> would by
- definition not be a <a href=#valid-url>valid URL</a> as it would include the
- string "<code title="">%s</code>" which is not a valid component
- in a URL.</p>
+ <p class=note>The resulting <a href=#absolute-url>absolute URL</a> would by definition not be a <a href=#valid-url>valid
+ URL</a> as it would include the string "<code title="">%s</code>" which is not a valid
+ component in a URL.</p>
- <p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception if
- the resulting <a href=#absolute-url>absolute URL</a> has an <a href=#origin>origin</a>
- that differs from the <a href=#origin>origin</a> of the <a href=#entry-script>entry
- script</a>.</p>
+ <p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception if the resulting <a href=#absolute-url>absolute
+ URL</a> has an <a href=#origin>origin</a> that differs from the <a href=#origin>origin</a> of the
+ <a href=#entry-script>entry script</a>.</p>
- <p class=note>This is forcibly the case if the <code title="">%s</code> placeholder is in the scheme, host, or port
- parts of the URL.</p>
+ <p class=note>This is forcibly the case if the <code title="">%s</code> placeholder is in the
+ scheme, host, or port parts of the URL.</p>
- <p>The resulting <a href=#absolute-url>absolute URL</a> is the
- <dfn id=proto-url>proto-URL</dfn>. It identifies the handler for the purposes
- of the methods described below.</p>
+ <p>The resulting <a href=#absolute-url>absolute URL</a> is the <dfn id=proto-url>proto-URL</dfn>. It identifies the
+ handler for the purposes of the methods described below.</p>
- <p>When the user agent uses this handler, it must replace the
- first occurrence of the exact literal string "<code title="">%s</code>" in the <var title="">url</var> argument with
- an escaped version of the <a href=#absolute-url>absolute URL</a> of the content
- in question (as defined below), then <a href=#resolve-a-url title="resolve a
- url">resolve</a> the resulting URL, relative to the <a href="#script's-base-url" title="script's base URL">base URL</a> of the <a href=#entry-script>entry
- script</a> at the time the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code>
- or <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code>
- methods were invoked, and then <a href=#navigate>navigate</a><!--DONAV
- user--> an appropriate <a href=#browsing-context>browsing context</a> to the
- resulting URL using the GET method (<a href=#concept-http-equivalent-get title=concept-http-equivalent-get>or equivalent</a> for
- non-HTTP URLs).</p>
+ <p>When the user agent uses this handler, it must replace the first occurrence of the exact
+ literal string "<code title="">%s</code>" in the <var title="">url</var> argument with an
+ escaped version of the <a href=#absolute-url>absolute URL</a> of the content in question (as defined below),
+ then <a href=#resolve-a-url title="resolve a url">resolve</a> the resulting URL, relative to the <a href="#script's-base-url" title="script's base URL">base URL</a> of the <a href=#entry-script>entry script</a> at the time the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code> or <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code> methods were
+ invoked, and then <a href=#navigate>navigate</a><!--DONAV user--> an appropriate <a href=#browsing-context>browsing
+ context</a> to the resulting URL using the GET method (<a href=#concept-http-equivalent-get title=concept-http-equivalent-get>or equivalent</a> for non-HTTP URLs).</p>
<p>To get the escaped version of the <a href=#absolute-url>absolute URL</a> of the content in question, the
user agent must replace every character in that <a href=#absolute-url>absolute URL</a> that is not a
- character in the URL <a href=#default-encode-set>default encode set</a> with the result of <a href=#utf-8-percent-encode title="UTF-8 percent
- encode">UTF-8 percent encoding</a> that character.</p>
+ character in the URL <a href=#default-encode-set>default encode set</a> with the result of <a href=#utf-8-percent-encode title="UTF-8
+ percent encode">UTF-8 percent encoding</a> that character.</p>
<div class=example>
- <p>If the user had visited a site at <code title="">http://example.com/</code> that made the following
- call:</p>
+ <p>If the user had visited a site at <code title="">http://example.com/</code> that made the
+ following call:</p>
<pre>navigator.registerContentHandler('application/x-soup', 'soup?url=%s', 'SoupWeb™')</pre>
- <p>...and then, much later, while visiting <code title="">http://www.example.net/</code>, clicked on a link such
- as:</p>
+ <p>...and then, much later, while visiting <code title="">http://www.example.net/</code>,
+ clicked on a link such as:</p>
<pre><a href="chickenkïwi.soup">Download our Chicken Kïwi soup!</a></pre>
- <p>...then, assuming this <code>chickenkïwi.soup</code> file
- was served with the <a href=#mime-type>MIME type</a>
- <code>application/x-soup</code>, the UA might navigate to the
- following URL:</p>
+ <p>...then, assuming this <code>chickenkïwi.soup</code> file was served with the
+ <a href=#mime-type>MIME type</a> <code>application/x-soup</code>, the UA might navigate to the following
+ URL:</p>
<pre>http://example.com/soup?url=http://www.example.net/chickenk%C3%AFwi.soup</pre>
- <p>This site could then fetch the <code>chickenkïwi.soup</code>
- file and do whatever it is that it does with soup (synthesize it
- and ship it to the user, or whatever).</p>
+ <p>This site could then fetch the <code>chickenkïwi.soup</code> file and do whatever it is
+ that it does with soup (synthesize it and ship it to the user, or whatever).</p>
</div>
@@ -73646,53 +73376,50 @@
<dd>
- <p>A descriptive title of the handler, which the UA might use to
- remind the user what the site in question is.</p>
+ <p>A descriptive title of the handler, which the UA might use to remind the user what the site
+ in question is.</p>
</dd>
- </dl><p>This section does not define how the pages registered by these
- methods are used, beyond the requirements on how to process the <var title="">url</var> value (see above). To some extent, the <a href=#navigate title=navigate>processing model for navigating across
- documents</a> defines some cases where these methods are
- relevant, but in general UAs may use this information wherever they
- would otherwise consider handing content to native plugins or helper
- applications.</p>
+ </dl><p>This section does not define how the pages registered by these methods are used, beyond the
+ requirements on how to process the <var title="">url</var> value (see above). To some extent, the
+ <a href=#navigate title=navigate>processing model for navigating across documents</a> defines some cases
+ where these methods are relevant, but in general UAs may use this information wherever they would
+ otherwise consider handing content to native plugins or helper applications.</p>
- <p>UAs must not use registered content handlers to handle content
- that was returned as part of a non-GET transaction (or rather, as
- part of any non-idempotent transaction), as the remote site would
- not be able to fetch the same data.</p>
+ <p>UAs must not use registered content handlers to handle content that was returned as part of a
+ non-GET transaction (or rather, as part of any non-idempotent transaction), as the remote site
+ would not be able to fetch the same data.</p>
<hr></div>
- <p>In addition to the registration methods, there are also methods
- for determining if particular handlers have been registered, and for
- unregistering handlers.</p>
+ <p>In addition to the registration methods, there are also methods for determining if particular
+ handlers have been registered, and for unregistering handlers.</p>
<dl class=domintro><dt><var title="">state</var> = <var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-isProtocolHandlerRegistered><a href=#dom-navigator-isprotocolhandlerregistered>isProtocolHandlerRegistered</a></code>(<var title="">scheme</var>, <var title="">url</var>)</dt>
<dt><var title="">state</var> = <var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-isContentHandlerRegistered><a href=#dom-navigator-iscontenthandlerregistered>isContentHandlerRegistered</a></code>(<var title="">mimeType</var>, <var title="">url</var>)</dt>
<dd>
- <p>Returns one of the following strings describing the state of
- the handler given by the arguments:</p>
+ <p>Returns one of the following strings describing the state of the handler given by the
+ arguments:</p>
<dl><dt><code title="">new</code>
- <dd>Indicates that no attempt has been made to register the given
- handler (or that the handler has been unregistered). It would be
- appropriate to promote the availability of the handler or to just
- automatically register the handler.
+ <dd>Indicates that no attempt has been made to register the given handler (or that the handler
+ has been unregistered). It would be appropriate to promote the availability of the handler or
+ to just automatically register the handler.
+
<dt><code title="">registered</code>
- <dd>Indicates that the given handler has been registered or that
- the site is blocked from registering the handler. Trying to
- register the handler again would have no effect.
+ <dd>Indicates that the given handler has been registered or that the site is blocked from
+ registering the handler. Trying to register the handler again would have no effect.
+
<dt><code title="">declined</code>
- <dd>Indicates that the given handler has been offered but was
- rejected. Trying to register the handler again may prompt the
- user again.
+ <dd>Indicates that the given handler has been offered but was rejected. Trying to register the
+ handler again may prompt the user again.
+
</dl></dd>
<dt><var title="">state</var> = <var title="">window</var> . <code title=dom-navigator><a href=#dom-navigator>navigator</a></code> . <code title=dom-navigator-unregisterProtocolHandler><a href=#dom-navigator-unregisterprotocolhandler>unregisterProtocolHandler</a></code>(<var title="">scheme</var>, <var title="">url</var>)</dt>
@@ -73707,153 +73434,129 @@
</dl><div class=impl>
<p>The <dfn id=dom-navigator-isprotocolhandlerregistered title=dom-navigator-isProtocolHandlerRegistered><code>isProtocolHandlerRegistered()</code></dfn>
- method must return the <a href=#handler-state-string>handler state string</a> that most
- closely describes the current state of the handler described by the
- two arguments to the method, where the first argument gives the
- scheme and the second gives the string used to build the
- <a href=#url>URL</a> of the page that will handle the requests.
+ method must return the <a href=#handler-state-string>handler state string</a> that most closely describes the current
+ state of the handler described by the two arguments to the method, where the first argument gives
+ the scheme and the second gives the string used to build the <a href=#url>URL</a> of the page that
+ will handle the requests.
<a class=fingerprint href=#fingerprint><img alt="(This is a fingerprinting vector.)" src=http://images.whatwg.org/fingerprint.png></a>
</p>
- <p>The first argument must be compared to the schemes for which
- custom protocol handlers are registered in an <a href=#ascii-case-insensitive>ASCII
- case-insensitive</a> manner to find the relevant handlers.</p>
+ <p>The first argument must be compared to the schemes for which custom protocol handlers are
+ registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to find
- the described handler.</p>
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
+ find the described handler.</p>
<hr><p>The <dfn id=dom-navigator-iscontenthandlerregistered title=dom-navigator-isContentHandlerRegistered><code>isContentHandlerRegistered()</code></dfn>
- method must return the <a href=#handler-state-string>handler state string</a> that most
- closely describes the current state of the handler described by the
- two arguments to the method, where the first argument gives the
- <a href=#mime-type>MIME type</a> and the second gives the string used to build
- the <a href=#url>URL</a> of the page that will handle the requests.
+ method must return the <a href=#handler-state-string>handler state string</a> that most closely describes the current
+ state of the handler described by the two arguments to the method, where the first argument gives
+ the <a href=#mime-type>MIME type</a> and the second gives the string used to build the <a href=#url>URL</a> of
+ the page that will handle the requests.
<a class=fingerprint href=#fingerprint><img alt="(This is a fingerprinting vector.)" src=http://images.whatwg.org/fingerprint.png></a>
</p>
- <p>The first argument must be compared to the <a href=#mime-type title="MIME
- type">MIME types</a> for which custom content handlers are
- registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find
+ <p>The first argument must be compared to the <a href=#mime-type title="MIME type">MIME types</a> for which
+ custom content handlers are registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find
the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the
- <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
find the described handler.</p>
- <hr><p>The <dfn id=handler-state-string title="handler state string">handler state strings</dfn>
- are the following strings. Each string describes several situations,
- as given by the following list.</p>
+ <hr><p>The <dfn id=handler-state-string title="handler state string">handler state strings</dfn> are the following strings.
+ Each string describes several situations, as given by the following list.</p>
<dl><dt><code title="">new</code>
- <dd>The described handler has never been registered for the given
- scheme or type.
+ <dd>The described handler has never been registered for the given scheme or type.
- <dd>The described handler was once registered for the given scheme
- or type, but the site has since unregistered it. If the handler
- were to be reregistered, the user would be notified accordingly.
+ <dd>The described handler was once registered for the given scheme or type, but the site has
+ since unregistered it. If the handler were to be reregistered, the user would be notified
+ accordingly.
- <dd>The described handler was once registered for the given scheme
- or type, but the site has since unregistered it, but the user has
- indicated that the site is to be blocked from registering the type
- again, so the user agent would ignore further registration attempts.
+ <dd>The described handler was once registered for the given scheme or type, but the site has
+ since unregistered it, but the user has indicated that the site is to be blocked from registering
+ the type again, so the user agent would ignore further registration attempts.
<dt><code title="">registered</code>
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet been notified, and
- the user agent would ignore further registration attempts. (Maybe
- the user agent batches registration requests to display them when
- the user requests to be notified about them, and the user has not
- yet requested that the user agent notify it of the previous
- registration attempt.)
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet been notified, and the user agent would ignore further registration attempts.
+ (Maybe the user agent batches registration requests to display them when the user requests to be
+ notified about them, and the user has not yet requested that the user agent notify it of the
+ previous registration attempt.)
- <dd>The described handler is registered for the given scheme or
- type (maybe, or maybe not, as the default handler).
+ <dd>The described handler is registered for the given scheme or type (maybe, or maybe not, as the
+ default handler).
- <dd>The described handler is permanently blocked from being
- (re)registered. (Maybe the user marked the registration attempt as
- spam, or blocked the site for other reasons.)
+ <dd>The described handler is permanently blocked from being (re)registered. (Maybe the user
+ marked the registration attempt as spam, or blocked the site for other reasons.)
<dt><code title="">declined</code>
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet been notified;
- however, the user might be notified if another registration attempt
- were to be made. (Maybe the last registration attempt was made
- while the page was in the background and the user closed the page
- without looking at it, and the user agent requires confirmation for
- this registration attempt.)
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet been notified; however, the user might be notified if another registration
+ attempt were to be made. (Maybe the last registration attempt was made while the page was in the
+ background and the user closed the page without looking at it, and the user agent requires
+ confirmation for this registration attempt.)
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet responded.
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet responded.
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user declined the offer. The user has
- not indicated that the handler is to be permanently blocked,
- however, so another attempt to register the described handler might
- result in the user being prompted again.
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user declined the offer. The user has not indicated that the handler is to be permanently
+ blocked, however, so another attempt to register the described handler might result in the user
+ being prompted again.
- <dd>The described handler was once registered for the given scheme
- or type, but the user has since removed it. The user has not
- indicated that the handler is to be permanently blocked, however,
- so another attempt to register the described handler might result
- in the user being prompted again.
+ <dd>The described handler was once registered for the given scheme or type, but the user has
+ since removed it. The user has not indicated that the handler is to be permanently blocked,
+ however, so another attempt to register the described handler might result in the user being
+ prompted again.
</dl><hr><p>The <dfn id=dom-navigator-unregisterprotocolhandler title=dom-navigator-unregisterProtocolHandler><code>unregisterProtocolHandler()</code></dfn>
- method must unregister the handler described by the two arguments to
- the method, where the first argument gives the scheme and the second
- gives the string used to build the <a href=#url>URL</a> of the page that
- will handle the requests.</p>
+ method must unregister the handler described by the two arguments to the method, where the first
+ argument gives the scheme and the second gives the string used to build the <a href=#url>URL</a> of
+ the page that will handle the requests.</p>
- <p>The first argument must be compared to the schemes for which
- custom protocol handlers are registered in an <a href=#ascii-case-insensitive>ASCII
- case-insensitive</a> manner to find the relevant handlers.</p>
+ <p>The first argument must be compared to the schemes for which custom protocol handlers are
+ registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to find
- the described handler.</p>
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
+ find the described handler.</p>
<hr><p>The <dfn id=dom-navigator-unregistercontenthandler title=dom-navigator-unregisterContentHandler><code>unregisterContentHandler()</code></dfn>
- method must unregister the handler described by the two arguments to
- the method, where the first argument gives the <a href=#mime-type>MIME
- type</a> and the second gives the string used to build the
+ method must unregister the handler described by the two arguments to the method, where the first
+ argument gives the <a href=#mime-type>MIME type</a> and the second gives the string used to build the
<a href=#url>URL</a> of the page that will handle the requests.</p>
- <p>The first argument must be compared to the <a href=#mime-type title="MIME
- type">MIME types</a> for which custom content handlers are
- registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find
+ <p>The first argument must be compared to the <a href=#mime-type title="MIME type">MIME types</a> for which
+ custom content handlers are registered in an <a href=#ascii-case-insensitive>ASCII case-insensitive</a> manner to find
the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the
- <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <a href=#proto-url title=proto-URL>proto-URLs</a> of the relevant handlers to
find the described handler.</p>
- <hr><p>The second argument of the four methods described above must be
- preprocessed as follows:</p>
+ <hr><p>The second argument of the four methods described above must be preprocessed as follows:</p>
- <ol><li><p>If the string does not contain the substring "<code title="">%s</code>", abort these steps. There's no matching
- handler.</li>
+ <ol><li><p>If the string does not contain the substring "<code title="">%s</code>", abort these
+ steps. There's no matching handler.</li>
- <li><p><a href=#resolve-a-url title="resolve a URL">Resolve</a> the string
- relative to the <a href="#script's-base-url" title="script's base URL">base URL</a> of
- the <a href=#entry-script>entry script</a>.</li>
+ <li><p><a href=#resolve-a-url title="resolve a URL">Resolve</a> the string relative to the <a href="#script's-base-url" title="script's base URL">base URL</a> of the <a href=#entry-script>entry script</a>.</li>
- <li><p>If this fails, then throw a <code><a href=#syntaxerror>SyntaxError</a></code>
- exception, aborting the method.</li>
+ <li><p>If this fails, then throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception, aborting the
+ method.</li>
- <li><p>If the resoluting <a href=#absolute-url>absolute URL</a>'s
- <a href=#origin>origin</a> is not the <a href=#same-origin>same origin</a> as that of
- the <a href=#entry-script>entry script</a> throw a <a href=#securityerror>SecurityError</a>
+ <li><p>If the resoluting <a href=#absolute-url>absolute URL</a>'s <a href=#origin>origin</a> is not the <a href=#same-origin>same
+ origin</a> as that of the <a href=#entry-script>entry script</a> throw a <a href=#securityerror>SecurityError</a>
exception, aborting the method.</li>
- <li><p>Return the resulting <a href=#absolute-url>absolute URL</a> as the result
- of preprocessing the argument.</li>
+ <li><p>Return the resulting <a href=#absolute-url>absolute URL</a> as the result of preprocessing the
+ argument.</li>
</ol></div>
@@ -73864,82 +73567,66 @@
<h6 id=security-and-privacy><span class=secno>7.5.1.3.1 </span>Security and privacy</h6>
- <p>These mechanisms can introduce a number of concerns, in
- particular privacy concerns.</p>
+ <p>These mechanisms can introduce a number of concerns, in particular privacy concerns.</p>
- <p><strong>Hijacking all Web usage.</strong> User agents should not
- allow schemes that are key to its normal operation, such as
- <code>http</code> or <code>https</code>, to be rerouted through
- third-party sites. This would allow a user's activities to be
- trivially tracked, and would allow user information, even in secure
- connections, to be collected.</p>
+ <p><strong>Hijacking all Web usage.</strong> User agents should not allow schemes that are key to
+ its normal operation, such as <code>http</code> or <code>https</code>, to be rerouted through
+ third-party sites. This would allow a user's activities to be trivially tracked, and would allow
+ user information, even in secure connections, to be collected.</p>
<p><strong>Hijacking defaults.</strong> User agents are strongly urged to not automatically change
any defaults, as this could lead the user to send data to remote hosts that the user is not
expecting. New handlers registering themselves should never automatically cause those sites to be
used.</p>
- <p><strong>Registration spamming.</strong> User agents should
- consider the possibility that a site will attempt to register a
- large number of handlers, possibly from multiple domains (e.g. by
- redirecting through a series of pages each on a different domain,
- and each registering a handler for <code>video/mpeg</code> —
- analogous practices abusing other Web browser features have been
- used by pornography Web sites for many years). User agents should
- gracefully handle such hostile attempts, protecting the user.</p>
+ <p><strong>Registration spamming.</strong> User agents should consider the possibility that a site
+ will attempt to register a large number of handlers, possibly from multiple domains (e.g. by
+ redirecting through a series of pages each on a different domain, and each registering a handler
+ for <code>video/mpeg</code> — analogous practices abusing other Web browser features have
+ been used by pornography Web sites for many years). User agents should gracefully handle such
+ hostile attempts, protecting the user.</p>
- <p><strong>Misleading titles.</strong> User agents should not rely
- wholly on the <var title="">title</var> argument to the methods when
- presenting the registered handlers to the user, since sites could
- easily lie. For example, a site <code>hostile.example.net</code>
- could claim that it was registering the "Cuddly Bear Happy Content
- Handler". User agents should therefore use the handler's domain in
- any UI along with any title.</p>
+ <p><strong>Misleading titles.</strong> User agents should not rely wholly on the <var title="">title</var> argument to the methods when presenting the registered handlers to the user,
+ since sites could easily lie. For example, a site <code>hostile.example.net</code> could claim
+ that it was registering the "Cuddly Bear Happy Content Handler". User agents should therefore use
+ the handler's domain in any UI along with any title.</p>
- <p><strong>Hostile handler metadata.</strong> User agents should
- protect against typical attacks against strings embedded in their
- interface, for example ensuring that markup or escape characters in
- such strings are not executed, that null bytes are properly handled,
- that over-long strings do not cause crashes or buffer overruns, and
- so forth.</p>
+ <p><strong>Hostile handler metadata.</strong> User agents should protect against typical attacks
+ against strings embedded in their interface, for example ensuring that markup or escape characters
+ in such strings are not executed, that null bytes are properly handled, that over-long strings do
+ not cause crashes or buffer overruns, and so forth.</p>
- <p><strong>Leaking Intranet URLs.</strong> The mechanism described
- in this section can result in secret Intranet URLs being leaked, in
- the following manner:</p>
+ <p><strong>Leaking Intranet URLs.</strong> The mechanism described in this section can result in
+ secret Intranet URLs being leaked, in the following manner:</p>
- <ol><li>The user registers a third-party content handler as the default
- handler for a content type.</li>
+ <ol><li>The user registers a third-party content handler as the default handler for a content
+ type.</li>
- <li>The user then browses his corporate Intranet site and accesses
- a document that uses that content type.</li>
+ <li>The user then browses his corporate Intranet site and accesses a document that uses that
+ content type.</li>
- <li>The user agent contacts the third party and hands the third
- party the URL to the Intranet content.</li>
+ <li>The user agent contacts the third party and hands the third party the URL to the Intranet
+ content.</li>
- </ol><p>No actual confidential file data is leaked in this manner, but
- the URLs themselves could contain confidential information. For
- example, the URL could be
- <code>http://www.corp.example.com/upcoming-aquisitions/the-sample-company.egf</code>,
- which might tell the third party that Example Corporation is
- intending to merge with The Sample Company. Implementors might wish
- to consider allowing administrators to disable this feature for
- certain subdomains, content types, or schemes.</p>
+ </ol><p>No actual confidential file data is leaked in this manner, but the URLs themselves could
+ contain confidential information. For example, the URL could be
+ <code>http://www.corp.example.com/upcoming-aquisitions/the-sample-company.egf</code>, which might
+ tell the third party that Example Corporation is intending to merge with The Sample Company.
+ Implementors might wish to consider allowing administrators to disable this feature for certain
+ subdomains, content types, or schemes.</p>
- <p><strong>Leaking secure URLs.</strong> User agents should not send
- HTTPS URLs to third-party sites registered as content handlers
- without the user's informed consent, for the same reason that user
- agents sometimes avoid sending <code title=http-referer>Referer</code> (sic) HTTP headers from secure
- sites to third-party sites.</p>
+ <p><strong>Leaking secure URLs.</strong> User agents should not send HTTPS URLs to third-party
+ sites registered as content handlers without the user's informed consent, for the same reason that
+ user agents sometimes avoid sending <code title=http-referer>Referer</code> (sic) HTTP headers
+ from secure sites to third-party sites.</p>
- <p><strong>Leaking credentials.</strong> User agents must never send
- username or password information in the URLs that are escaped and
- included sent to the handler sites. User agents may even avoid
- attempting to pass to Web-based handlers the URLs of resources
- that are known to require authentication to access, as such sites
- would be unable to access the resources in question without
- prompting the user for credentials themselves (a practice that would
- require the user to know whether to trust the third-party handler, a
- decision many users are unable to make or even understand).</p>
+ <p><strong>Leaking credentials.</strong> User agents must never send username or password
+ information in the URLs that are escaped and included sent to the handler sites. User agents may
+ even avoid attempting to pass to Web-based handlers the URLs of resources that are known to
+ require authentication to access, as such sites would be unable to access the resources in
+ question without prompting the user for credentials themselves (a practice that would require the
+ user to know whether to trust the third-party handler, a decision many users are unable to make or
+ even understand).</p>
<p><strong>Interface interference.</strong> User agents should be prepared to handle intentionally
long arguments to the methods. For example, if the user interface exposed consists of an "accept"
@@ -73962,43 +73649,36 @@
<p><i>This section is non-normative.</i></p>
- <p>A simple implementation of this feature for a desktop Web browser
- might work as follows.</p>
+ <p>A simple implementation of this feature for a desktop Web browser might work as follows.</p>
- <p>The <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code>
- method could display a modal dialog box:</p>
+ <p>The <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code> method
+ could display a modal dialog box:</p>
<p><img alt="The modal dialog box could have the title 'Content Handler Registration', and could say 'This Web page: Kittens at work http://kittens.example.org/ ...would like permission to handle files of type: application/x-meowmeow using the following Web-based application: Kittens-at-work displayer http://kittens.example.org/?show=%s Do you trust the administrators of the "kittens.example.org" domain?' with two buttons, 'Trust kittens.example.org' and 'Cancel'." height=374 src=http://images.whatwg.org/sample-content-handler-registration.png width=534></p>
- <p>In this dialog box, "Kittens at work" is the title of the page
- that invoked the method, "http://kittens.example.org/" is the URL of
- that page, "application/x-meowmeow" is the string that was passed to
- the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code>
- method as its first argument (<var title="">mimeType</var>),
- "http://kittens.example.org/?show=%s" was the second argument (<var title="">url</var>), and "Kittens-at-work displayer" was the third
- argument (<var title="">title</var>).</p>
+ <p>In this dialog box, "Kittens at work" is the title of the page that invoked the method,
+ "http://kittens.example.org/" is the URL of that page, "application/x-meowmeow" is the string that
+ was passed to the <code title=dom-navigator-registerContentHandler><a href=#dom-navigator-registercontenthandler>registerContentHandler()</a></code> method as its first
+ argument (<var title="">mimeType</var>), "http://kittens.example.org/?show=%s" was the second
+ argument (<var title="">url</var>), and "Kittens-at-work displayer" was the third argument (<var title="">title</var>).</p>
- <p>If the user clicks the Cancel button, then nothing further
- happens. If the user clicks the "Trust" button, then the handler is
- remembered.</p>
+ <p>If the user clicks the Cancel button, then nothing further happens. If the user clicks the
+ "Trust" button, then the handler is remembered.</p>
- <p>When the user then attempts to fetch a URL that uses the
- "application/x-meowmeow" <a href=#mime-type>MIME type</a>, then it might
- display a dialog as follows:</p>
+ <p>When the user then attempts to fetch a URL that uses the "application/x-meowmeow" <a href=#mime-type>MIME
+ type</a>, then it might display a dialog as follows:</p>
<p><img alt="The dialog box could have the title 'Unknown File Type' and could say 'You have attempted to access:' followed by a URL, followed by a prompt such as 'How would you like FerretBrowser to handle this resource?' with three radio buttons, one saying 'Contact the FerretBrowser plugin registry to see if there is an official way to handle this resource.', one saying 'Pass this URL to a local application' with an application selector, and one saying 'Pass this URL to the "Kittens-at-work displayer" application at "kittens.example.org"', with a checkbox labeled 'Always do this for resources using the "application/x-meowmeow" type in future.', and with two buttons, 'Ok' and 'Cancel'." height=428 src=http://images.whatwg.org/sample-content-handler.png width=577></p>
- <p>In this dialog, the third option is the one that was primed by
- the site registering itself earlier.</p>
+ <p>In this dialog, the third option is the one that was primed by the site registering itself
+ earlier.</p>
- <p>If the user does select that option, then the browser, in
- accordance with the requirements described in the previous two
- sections, will redirect the user to
+ <p>If the user does select that option, then the browser, in accordance with the requirements
+ described in the previous two sections, will redirect the user to
"http://kittens.example.org/?show=data%3Aapplication/x-meowmeow;base64,S2l0dGVucyBhcmUgdGhlIGN1dGVzdCE%253D".</p>
- <p>The <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code>
- method would work equivalently, but for schemes instead of unknown
- content types.</p>
+ <p>The <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code> method
+ would work equivalently, but for schemes instead of unknown content types.</p>
</div>
@@ -78198,50 +77878,40 @@
</div>
-->
-<!--CLEANUP-->
<!--ADD-TOPIC:Security-->
<div class=impl>
<h4 id=security-risks-in-the-drag-and-drop-model><span class=secno>8.7.9 </span>Security risks in the drag-and-drop model</h4>
- <p>User agents must not make the data added to the
- <code><a href=#datatransfer>DataTransfer</a></code> object during the <code title=event-dragstart><a href=#event-dragstart>dragstart</a></code> event available to scripts
- until the <code title=event-drop><a href=#event-drop>drop</a></code> event, because
- otherwise, if a user were to drag sensitive information from one
- document to a second document, crossing a hostile third document in
- the process, the hostile document could intercept the data.</p>
+ <p>User agents must not make the data added to the <code><a href=#datatransfer>DataTransfer</a></code> object during the
+ <code title=event-dragstart><a href=#event-dragstart>dragstart</a></code> event available to scripts until the <code title=event-drop><a href=#event-drop>drop</a></code> event, because otherwise, if a user were to drag sensitive
+ information from one document to a second document, crossing a hostile third document in the
+ process, the hostile document could intercept the data.</p>
- <p>For the same reason, user agents must consider a drop to be
- successful only if the user specifically ended the drag operation
- — if any scripts end the drag operation, it must be considered
- unsuccessful (canceled) and the <code title=event-drop><a href=#event-drop>drop</a></code>
- event must not be fired.</p>
+ <p>For the same reason, user agents must consider a drop to be successful only if the user
+ specifically ended the drag operation — if any scripts end the drag operation, it must be
+ considered unsuccessful (canceled) and the <code title=event-drop><a href=#event-drop>drop</a></code> event must not be
+ fired.</p>
- <p>User agents should take care to not start drag-and-drop
- operations in response to script actions. For example, in a
- mouse-and-window environment, if a script moves a window while the
- user has his mouse button depressed, the UA would not consider that
- to start a drag. This is important because otherwise UAs could cause
- data to be dragged from sensitive sources and dropped into hostile
- documents without the user's consent.</p>
+ <p>User agents should take care to not start drag-and-drop operations in response to script
+ actions. For example, in a mouse-and-window environment, if a script moves a window while the user
+ has his mouse button depressed, the UA would not consider that to start a drag. This is important
+ because otherwise UAs could cause data to be dragged from sensitive sources and dropped into
+ hostile documents without the user's consent.</p>
- <p>User agents should filter potentially active (scripted) content
- (e.g. HTML) when it is dragged and when it is dropped, using a
- whitelist of known-safe features. Similarly, <a href=#relative-url title="relative url">relative URLs</a> should be
- turned into absolute URLs to avoid references changing in unexpected
- ways. This specification does not specify how this is performed.</p>
+ <p>User agents should filter potentially active (scripted) content (e.g. HTML) when it is dragged
+ and when it is dropped, using a whitelist of known-safe features. Similarly, <a href=#relative-url title="relative
+ url">relative URLs</a> should be turned into absolute URLs to avoid references changing in
+ unexpected ways. This specification does not specify how this is performed.</p>
<div class=example>
- <p>Consider a hostile page providing some content and getting the
- user to select and drag and drop (or indeed, copy and paste) that
- content to a victim page's <code title=attr-contenteditable><a href=#attr-contenteditable>contenteditable</a></code> region. If the
- browser does not ensure that only safe content is dragged,
- potentially unsafe content such as scripts and event handlers in
- the selection, once dropped (or pasted) into the victim site, get
- the privileges of the victim site. This would thus enable a
- cross-site scripting attack.</p>
+ <p>Consider a hostile page providing some content and getting the user to select and drag and
+ drop (or indeed, copy and paste) that content to a victim page's <code title=attr-contenteditable><a href=#attr-contenteditable>contenteditable</a></code> region. If the browser does not ensure that
+ only safe content is dragged, potentially unsafe content such as scripts and event handlers in
+ the selection, once dropped (or pasted) into the victim site, get the privileges of the victim
+ site. This would thus enable a cross-site scripting attack.</p>
</div>
@@ -79849,7 +79519,7 @@
<table><thead><tr><th><a href=#event-handlers title="event handlers">Event handler</a> <th><a href=#event-handler-event-type>Event handler event type</a>
<tbody><tr><td><dfn id=handler-abstractworker-onerror title=handler-AbstractWorker-onerror><code>onerror</code></dfn> <td> <code title=event-error>error</code>
<!-- v2-onclose <tr><td><dfn title="handler-AbstractWorker-onclose"><code>onclose</code></dfn> <td> <code title="event-worker-close">close</code> -->
- </table><!--CLEANUP--><h5 id=dedicated-workers-and-the-worker-interface><span class=secno>9.2.6.2 </span>Dedicated workers and the <code><a href=#worker>Worker</a></code> interface</h5>
+ </table><h5 id=dedicated-workers-and-the-worker-interface><span class=secno>9.2.6.2 </span>Dedicated workers and the <code><a href=#worker>Worker</a></code> interface</h5>
<pre class=idl>[<a href=#dom-worker title=dom-Worker>Constructor</a>(DOMString scriptURL)]
interface <dfn id=worker>Worker</dfn> : <a href=#eventtarget>EventTarget</a> {
@@ -79861,19 +79531,16 @@
};
<a href=#worker>Worker</a> implements <a href=#abstractworker>AbstractWorker</a>;</pre>
- <p>The <dfn id=dom-worker-terminate title=dom-Worker-terminate><code>terminate()</code></dfn> method,
- when invoked, must cause the "<a href=#terminate-a-worker>terminate a worker</a>"
- algorithm to be run on the worker with with the object is
- associated.</p>
+ <p>The <dfn id=dom-worker-terminate title=dom-Worker-terminate><code>terminate()</code></dfn> method, when invoked, must
+ cause the "<a href=#terminate-a-worker>terminate a worker</a>" algorithm to be run on the worker with with the object
+ is associated.</p>
- <p><code><a href=#worker>Worker</a></code> objects act as if they had an implicit
- <code><a href=#messageport>MessagePort</a></code> associated with them. This port is part of
- a channel that is set up when the worker is created, but it is not
- exposed. This object must never be garbage collected before the
- <code><a href=#worker>Worker</a></code> object.</p>
+ <p><code><a href=#worker>Worker</a></code> objects act as if they had an implicit <code><a href=#messageport>MessagePort</a></code> associated
+ with them. This port is part of a channel that is set up when the worker is created, but it is not
+ exposed. This object must never be garbage collected before the <code><a href=#worker>Worker</a></code> object.</p>
- <p>All messages received by that port must immediately be retargeted
- at the <code><a href=#worker>Worker</a></code> object.</p>
+ <p>All messages received by that port must immediately be retargeted at the <code><a href=#worker>Worker</a></code>
+ object.</p>
<p>The <dfn id=dom-worker-postmessage title=dom-Worker-postMessage><code>postMessage()</code></dfn> method on
<code><a href=#worker>Worker</a></code> objects must act as if, when invoked, it immediately invoked <a href=#dom-messageport-postmessage title=dom-MessagePort-postMessage>the method of the same name</a> on the port, with the same
@@ -79895,10 +79562,9 @@
</div>
- <p>The following are the <a href=#event-handlers>event handlers</a> (and their
- corresponding <a href=#event-handler-event-type title="event handler event type">event handler
- event types</a>) that must be supported, as IDL attributes, by
- objects implementing the <code><a href=#worker>Worker</a></code> interface:</p>
+ <p>The following are the <a href=#event-handlers>event handlers</a> (and their corresponding <a href=#event-handler-event-type title="event
+ handler event type">event handler event types</a>) that must be supported, as IDL attributes,
+ by objects implementing the <code><a href=#worker>Worker</a></code> interface:</p>
<table><thead><tr><th><a href=#event-handlers title="event handlers">Event handler</a> <th><a href=#event-handler-event-type>Event handler event type</a>
<tbody><tr><td><dfn id=handler-worker-onmessage title=handler-Worker-onmessage><code>onmessage</code></dfn> <td> <code title=event-message><a href=#event-message>message</a></code>
@@ -79909,110 +79575,92 @@
the request violates a policy decision (e.g. if the user agent is configured to not allow the
page to start dedicated workers).</li>
- <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <var title="">scriptURL</var> argument relative to the <a href=#entry-script>entry
- script</a>'s <a href="#script's-base-url" title="script's base URL">base URL</a>,
- when the method is invoked.</li>
+ <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <var title="">scriptURL</var> argument
+ relative to the <a href=#entry-script>entry script</a>'s <a href="#script's-base-url" title="script's base URL">base URL</a>, when
+ the method is invoked.</li>
- <li><p>If this fails, throw a <code><a href=#syntaxerror>SyntaxError</a></code>
- exception.</li>
+ <li><p>If this fails, throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception.</li>
<li>
- <p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of
- the resulting <a href=#parsed-url>parsed URL</a> is not "<code title=data-protocol>data</code>", and the <a href=#origin>origin</a> of
- the resulting <a href=#absolute-url>absolute URL</a> is not the <a href=#same-origin title="same origin">same</a> as the origin of the <a href=#entry-script>entry
- script</a>, then throw a <code><a href=#securityerror>SecurityError</a></code> exception
- and abort these steps.</p>
+ <p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of the resulting <a href=#parsed-url>parsed
+ URL</a> is not "<code title=data-protocol>data</code>", and the <a href=#origin>origin</a> of the
+ resulting <a href=#absolute-url>absolute URL</a> is not the <a href=#same-origin title="same origin">same</a> as the
+ origin of the <a href=#entry-script>entry script</a>, then throw a <code><a href=#securityerror>SecurityError</a></code> exception and
+ abort these steps.</p>
- <p class=note>Thus, scripts must either be external files with
- the same scheme, host, and port as the original page, or <a href=#data-protocol title="data protocol"><code title="">data:</code> URLs</a>. For
- example, you can't load a script from a <a href=#javascript-protocol title="javascript
- protocol"><code title="">javascript:</code> URL</a>, and an
- <code>https:</code> page couldn't start workers using scripts with
- <code>http:</code> URLs.</p>
+ <p class=note>Thus, scripts must either be external files with the same scheme, host, and port
+ as the original page, or <a href=#data-protocol title="data protocol"><code title="">data:</code> URLs</a>.
+ For example, you can't load a script from a <a href=#javascript-protocol title="javascript protocol"><code title="">javascript:</code> URL</a>, and an <code>https:</code> page couldn't start workers
+ using scripts with <code>http:</code> URLs.</p>
</li>
- <li><p>Create a new <code><a href=#dedicatedworkerglobalscope>DedicatedWorkerGlobalScope</a></code> object
- whose <a href=#worker-origin>worker origin</a> is the origin of the <a href=#entry-script>entry
- script</a>. Let <var title="">worker global scope</var> be this
- new object.</li>
+ <li><p>Create a new <code><a href=#dedicatedworkerglobalscope>DedicatedWorkerGlobalScope</a></code> object whose <a href=#worker-origin>worker
+ origin</a> is the origin of the <a href=#entry-script>entry script</a>. Let <var title="">worker global
+ scope</var> be this new object.</li>
- <li><p>Create a new <code><a href=#worker>Worker</a></code> object, associated with
- <var title="">worker global scope</var>. Let <var title="">worker</var> be this new object.</li>
+ <li><p>Create a new <code><a href=#worker>Worker</a></code> object, associated with <var title="">worker global
+ scope</var>. Let <var title="">worker</var> be this new object.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a>
- owned by the <a href="#script's-global-object" title="script's global object">global
- object</a> of the <a href=#concept-script title=concept-script>script</a> that
- invoked the constructor. Let this be the <var title="">outside
- port</var>.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor. Let this be the <var title="">outside port</var>.</li>
<li><p>Associate the <var title="">outside port</var> with <var title="">worker</var>.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a>
- owned by <var title="">worker global scope</var>. Let <var title="">inside port</var> be this new object.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by <var title="">worker
+ global scope</var>. Let <var title="">inside port</var> be this new object.</li>
- <li><p>Associate <var title="">inside port</var> with <var title="">worker global scope</var>.</li>
+ <li><p>Associate <var title="">inside port</var> with <var title="">worker global
+ scope</var>.</li>
- <li><p><a href=#entangle>Entangle</a> <var title="">outside port</var> and
- <var title="">inside port</var>.</li>
+ <li><p><a href=#entangle>Entangle</a> <var title="">outside port</var> and <var title="">inside
+ port</var>.</li>
- <li><p>Return <var title="">worker</var>, and run the following
- steps asynchronously.</li>
+ <li><p>Return <var title="">worker</var>, and run the following steps asynchronously.</li>
<!-- (this is done by the "run a worker" algorithm)
- <li><p>Enable <var title="">inside port</var>'s <span>port message
- queue</span>.</p></li>
+ <li><p>Enable <var title="">inside port</var>'s <span>port message queue</span>.</p></li>
-->
- <li><p>Enable <var title="">outside port</var>'s <a href=#port-message-queue>port message
- queue</a>.</li>
+ <li><p>Enable <var title="">outside port</var>'s <a href=#port-message-queue>port message queue</a>.</li>
<li>
- <p>Let <var title="">docs</var> be the <a href=#list-of-relevant-document-objects-to-add>list of relevant
- <code>Document</code> objects to add</a> given the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the
- constructor.</p>
+ <p>Let <var title="">docs</var> be the <a href=#list-of-relevant-document-objects-to-add>list of relevant <code>Document</code> objects to
+ add</a> given the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor.</p>
</li>
<li>
- <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></a> the
+ <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></a> the
<code><a href=#document>Document</a></code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <a href="#script's-global-object" title="script's global object">global object</a>
- of the <a href=#concept-script title=concept-script>script</a> that invoked the
- constructor is a <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object (i.e. we
- are creating a nested worker), add <var title="">worker global
- scope</var> to the list of <a href="#the-worker's-workers">the worker's workers</a> of the
- <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object that is the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the
+ <p>If the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor is a
+ <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object (i.e. we are creating a nested worker), add <var title="">worker global scope</var> to the list of <a href="#the-worker's-workers">the worker's workers</a> of the
+ <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object that is the <a href="#script's-global-object" title="script's global object">global
+ object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the
constructor.</p>
</li>
<li>
- <p><a href=#run-a-worker>Run a worker</a> for the resulting <a href=#absolute-url>absolute
- URL</a>, with the <a href="#script's-browsing-context">script's browsing context</a> of the
- script that invoked the method as the <var title="">owner browsing
- context</var>, with the <a href="#script's-document">script's document</a> of the
- script that invoked the method as the <var title="">owner
- document</var>, with the <a href=#origin>origin</a> of the <a href=#entry-script>entry
- script</a> as the <var title="">owner origin</var>, and with
- <var title="">worker global scope</var> as the global scope.</p>
+ <p><a href=#run-a-worker>Run a worker</a> for the resulting <a href=#absolute-url>absolute URL</a>, with the
+ <a href="#script's-browsing-context">script's browsing context</a> of the script that invoked the method as the <var title="">owner browsing context</var>, with the <a href="#script's-document">script's document</a> of the script
+ that invoked the method as the <var title="">owner document</var>, with the <a href=#origin>origin</a>
+ of the <a href=#entry-script>entry script</a> as the <var title="">owner origin</var>, and with <var title="">worker global scope</var> as the global scope.</p>
</li>
- </ol><p>This constructor must be visible when the <a href="#script's-global-object">script's global
- object</a> is either a <code><a href=#window>Window</a></code> object or an object
- implementing the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> interface.</p>
+ </ol><p>This constructor must be visible when the <a href="#script's-global-object">script's global object</a> is either a
+ <code><a href=#window>Window</a></code> object or an object implementing the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code>
+ interface.</p>
<h5 id=shared-workers-and-the-sharedworker-interface><span class=secno>9.2.6.3 </span>Shared workers and the <code><a href=#sharedworker>SharedWorker</a></code> interface</h5>
@@ -80023,55 +79671,47 @@
};
<a href=#sharedworker>SharedWorker</a> implements <a href=#abstractworker>AbstractWorker</a>;</pre>
- <p>The <dfn id=dom-sharedworker-port title=dom-SharedWorker-port><code>port</code></dfn>
- attribute must return the value it was assigned by the object's
- constructor. It represents the <code><a href=#messageport>MessagePort</a></code> for
+ <p>The <dfn id=dom-sharedworker-port title=dom-SharedWorker-port><code>port</code></dfn> attribute must return the value
+ it was assigned by the object's constructor. It represents the <code><a href=#messageport>MessagePort</a></code> for
communicating with the shared worker.</p>
- <p>When the <dfn id=dom-sharedworker title=dom-SharedWorker><code>SharedWorker(<var title="">scriptURL</var>, <var title="">name</var>)</code></dfn>
- constructor is invoked, the user agent must run the following
+ <p>When the <dfn id=dom-sharedworker title=dom-SharedWorker><code>SharedWorker(<var title="">scriptURL</var>, <var title="">name</var>)</code></dfn> constructor is invoked, the user agent must run the following
steps:</p>
<ol><li><p>The user agent may throw a <code><a href=#securityerror>SecurityError</a></code> exception and abort these steps if
the request violates a policy decision (e.g. if the user agent is configured to not allow the
page to start shared workers).</li>
- <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <var title="">scriptURL</var> argument.</li>
+ <li><p><a href=#resolve-a-url title="resolve a url">Resolve</a> the <var title="">scriptURL</var>
+ argument.</li>
- <li><p>If this fails, throw a <code><a href=#syntaxerror>SyntaxError</a></code>
- exception.</li>
+ <li><p>If this fails, throw a <code><a href=#syntaxerror>SyntaxError</a></code> exception.</li>
- <li><p>Otherwise, let <var title="">scriptURL</var> be the
- resulting <a href=#absolute-url>absolute URL</a> and <var title="">parsed scriptURL</var> be the
- resulting <a href=#parsed-url>parsed URL</a>.</li>
+ <li><p>Otherwise, let <var title="">scriptURL</var> be the resulting <a href=#absolute-url>absolute URL</a>
+ and <var title="">parsed scriptURL</var> be the resulting <a href=#parsed-url>parsed URL</a>.</li>
- <li><p>Let <var title="">name</var> be the value of the second
- argument, or the empty string if the second argument was
- omitted.</li>
+ <li><p>Let <var title="">name</var> be the value of the second argument, or the empty string if
+ the second argument was omitted.</li>
<li>
- <p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of
- <var title="">parsed scriptURL</var> is not "<code title=data-protocol>data</code>", and the <a href=#origin>origin</a> of
- <var title="">scriptURL</var> is not the <a href=#same-origin title="same
- origin">same</a> as the origin of the <a href=#entry-script>entry
- script</a>, then throw a <code><a href=#securityerror>SecurityError</a></code> exception
- and abort these steps.</p>
+ <p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of <var title="">parsed
+ scriptURL</var> is not "<code title=data-protocol>data</code>", and the <a href=#origin>origin</a> of
+ <var title="">scriptURL</var> is not the <a href=#same-origin title="same origin">same</a> as the origin of
+ the <a href=#entry-script>entry script</a>, then throw a <code><a href=#securityerror>SecurityError</a></code> exception and abort these
+ steps.</p>
- <p class=note>Thus, scripts must either be external files with
- the same scheme, host, and port as the original page, or <a href=#data-protocol title="data protocol"><code title="">data:</code> URLs</a>. For
- example, you can't load a script from a <a href=#javascript-protocol title="javascript
- protocol"><code title="">javascript:</code> URL</a>, and an
- <code>https:</code> page couldn't start workers using scripts with
- <code>http:</code> URLs.</p>
+ <p class=note>Thus, scripts must either be external files with the same scheme, host, and port
+ as the original page, or <a href=#data-protocol title="data protocol"><code title="">data:</code> URLs</a>.
+ For example, you can't load a script from a <a href=#javascript-protocol title="javascript protocol"><code title="">javascript:</code> URL</a>, and an <code>https:</code> page couldn't start workers
+ using scripts with <code>http:</code> URLs.</p>
</li>
<li>
- <p>Let <var title="">docs</var> be the <a href=#list-of-relevant-document-objects-to-add>list of relevant
- <code>Document</code> objects to add</a> given the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the
- constructor.</p>
+ <p>Let <var title="">docs</var> be the <a href=#list-of-relevant-document-objects-to-add>list of relevant <code>Document</code> objects to
+ add</a> given the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor.</p>
</li>
@@ -80079,81 +79719,60 @@
<p>Execute the following substeps atomically:</p>
- <ol><li><p>Create a new <code><a href=#sharedworker>SharedWorker</a></code> object, which will
- shortly be associated with a <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code>
- object. Let this <code><a href=#sharedworker>SharedWorker</a></code> object be <var title="">worker</var>.</li>
+ <ol><li><p>Create a new <code><a href=#sharedworker>SharedWorker</a></code> object, which will shortly be associated with a
+ <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object. Let this <code><a href=#sharedworker>SharedWorker</a></code> object be <var title="">worker</var>.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a>
- owned by the <a href="#script's-global-object" title="script's global object">global
- object</a> of the script that invoked the method. Let this be
- the <var title="">outside port</var>.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by the <a href="#script's-global-object" title="script's global object">global object</a> of the script that invoked the method. Let
+ this be the <var title="">outside port</var>.</li>
<li><p>Assign <var title="">outside port</var> to the <code title=dom-SharedWorker-port><a href=#dom-sharedworker-port>port</a></code> attribute of <var title="">worker</var>.</li>
- <li><p>Let <var title="">worker global scope</var> be
- null.</li>
+ <li><p>Let <var title="">worker global scope</var> be null.</li>
<li>
- <p>If <var title="">name</var> is not the empty string and there
- exists a <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object whose <a href=#dom-workerglobalscope-closing title=dom-WorkerGlobalScope-closing>closing</a> flag is
- false, whose <code title=dom-WorkerGlobalScope-name>name</code> attribute is
- exactly equal to <var title="">name</var>, and whose
- <a href=#worker-origin>worker origin</a> is the <a href=#same-origin>same origin</a> as
- <var title="">scriptURL</var>, then let <var title="">worker
- global scope</var> be that <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code>
- object.</p>
+ <p>If <var title="">name</var> is not the empty string and there exists a
+ <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object whose <a href=#dom-workerglobalscope-closing title=dom-WorkerGlobalScope-closing>closing</a> flag is false, whose <code title=dom-WorkerGlobalScope-name>name</code> attribute is exactly equal to <var title="">name</var>, and whose <a href=#worker-origin>worker origin</a> is the <a href=#same-origin>same origin</a> as
+ <var title="">scriptURL</var>, then let <var title="">worker global scope</var> be that
+ <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object.</p>
- <p>Otherwise, if <var title="">name</var> is the empty string
- and there exists a <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object
- whose <a href=#dom-workerglobalscope-closing title=dom-WorkerGlobalScope-closing>closing</a>
- flag is false, whose <code title=dom-WorkerGlobalScope-name>name</code> attribute is the
- empty string, and whose <code title=dom-WorkerGlobalScope-location><a href=#dom-workerglobalscope-location>location</a></code> attribute
- represents an <a href=#absolute-url>absolute URL</a> that is exactly equal to
- <var title="">scriptURL</var>, then let <var title="">worker
- global scope</var> be that <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code>
- object.</p>
+ <p>Otherwise, if <var title="">name</var> is the empty string and there exists a
+ <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object whose <a href=#dom-workerglobalscope-closing title=dom-WorkerGlobalScope-closing>closing</a> flag is false, whose <code title=dom-WorkerGlobalScope-name>name</code> attribute is the empty string, and whose <code title=dom-WorkerGlobalScope-location><a href=#dom-workerglobalscope-location>location</a></code> attribute represents an <a href=#absolute-url>absolute
+ URL</a> that is exactly equal to <var title="">scriptURL</var>, then let <var title="">worker global scope</var> be that <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object.</p>
</li>
<li>
- <p>If <var title="">worker global scope</var> is not null, but
- the user agent has been configured to disallow communication
- between the <a href=#concept-script title=concept-script>script</a> that
- invoked the constructor and the worker represented by the <var title="">worker global scope</var>, then set <var title="">worker global scope</var> to null.</p>
+ <p>If <var title="">worker global scope</var> is not null, but the user agent has been
+ configured to disallow communication between the <a href=#concept-script title=concept-script>script</a>
+ that invoked the constructor and the worker represented by the <var title="">worker global
+ scope</var>, then set <var title="">worker global scope</var> to null.</p>
- <p class=note>For example, a user agent could have a
- development mode that isolates a particular <a href=#top-level-browsing-context>top-level
- browsing context</a> from all other pages, and scripts in
- that development mode could be blocked from connecting to shared
- workers running in the normal browser mode.</p>
+ <p class=note>For example, a user agent could have a development mode that isolates a
+ particular <a href=#top-level-browsing-context>top-level browsing context</a> from all other pages, and scripts in that
+ development mode could be blocked from connecting to shared workers running in the normal
+ browser mode.</p>
</li>
<li>
- <p>If <var title="">worker global scope</var> is not null, then
- run these steps:</p>
+ <p>If <var title="">worker global scope</var> is not null, then run these steps:</p>
- <ol><li><p>If <var title="">worker global scope</var>'s <code title=dom-WorkerGlobalScope-location><a href=#dom-workerglobalscope-location>location</a></code>
- attribute represents an <a href=#absolute-url>absolute URL</a> that is not
- exactly equal to <var title="">scriptURL</var>, then throw a
- <code><a href=#urlmismatcherror>URLMismatchError</a></code> exception and abort all these
- steps.</li>
+ <ol><li><p>If <var title="">worker global scope</var>'s <code title=dom-WorkerGlobalScope-location><a href=#dom-workerglobalscope-location>location</a></code> attribute represents an <a href=#absolute-url>absolute
+ URL</a> that is not exactly equal to <var title="">scriptURL</var>, then throw a
+ <code><a href=#urlmismatcherror>URLMismatchError</a></code> exception and abort all these steps.</li>
- <li><p>Associate <var title="">worker</var> with <var title="">worker global scope</var>.</li>
+ <li><p>Associate <var title="">worker</var> with <var title="">worker global
+ scope</var>.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code>
- object</a> owned by <var title="">worker global
- scope</var>. Let this be the <var title="">inside
- port</var>.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by <var title="">worker global scope</var>. Let this be the <var title="">inside port</var>.</li>
<li><p><a href=#entangle>Entangle</a> <var title="">outside port</var>
and <var title="">inside port</var>.</li>
- <li><p>Return <var title="">worker</var> and perform the next
- step asynchronously.</li>
+ <li><p>Return <var title="">worker</var> and perform the next step asynchronously.</li>
<li><p>Create a <a href=#concept-events-trusted title=concept-events-trusted>trusted</a> event that uses the
<code><a href=#messageevent>MessageEvent</a></code> interface, with the name <code title=event-connect>connect</code>, which does not bubble, is not cancelable, has no
@@ -80166,23 +79785,18 @@
<li>
- <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></a> the
+ <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></a> the
<code><a href=#document>Document</a></code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <a href="#script's-global-object" title="script's global object">global
- object</a> of the <a href=#concept-script title=concept-script>script</a>
- that invoked the constructor is a
- <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, add <var title="">worker global scope</var> to the list of <a href="#the-worker's-workers">the
- worker's workers</a> of the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code>
- object that is the <a href="#script's-global-object" title="script's global object">global
- object</a> of the <a href=#concept-script title=concept-script>script</a>
- that invoked the constructor.</p>
+ <p>If the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor is a
+ <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, add <var title="">worker global scope</var> to the
+ list of <a href="#the-worker's-workers">the worker's workers</a> of the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object that
+ is the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor.</p>
</li>
@@ -80190,26 +79804,24 @@
</ol></li>
- <li><p>Create a new <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object
- whose <a href=#worker-origin>worker origin</a> is the origin of the <a href=#entry-script>entry
- script</a>. Let <var title="">worker global scope</var> be
- this new object.</li>
+ <li><p>Create a new <code><a href=#sharedworkerglobalscope>SharedWorkerGlobalScope</a></code> object whose <a href=#worker-origin>worker
+ origin</a> is the origin of the <a href=#entry-script>entry script</a>. Let <var title="">worker global
+ scope</var> be this new object.</li>
- <li><p>Associate <var title="">worker</var> with <var title="">worker global scope</var>.</li>
+ <li><p>Associate <var title="">worker</var> with <var title="">worker global
+ scope</var>.</li>
- <li><p>Set the <code title=dom-SharedWorkerGlobalScope-name><a href=#dom-sharedworkerglobalscope-name>name</a></code> attribute of
- <var title="">worker global scope</var> to <var title="">name</var>.</li>
+ <li><p>Set the <code title=dom-SharedWorkerGlobalScope-name><a href=#dom-sharedworkerglobalscope-name>name</a></code> attribute of <var title="">worker global scope</var> to <var title="">name</var>.</li>
- <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a>
- owned by <var title="">worker global scope</var>. Let <var title="">inside port</var> be this new object.</li>
+ <li><p><a href=#create-a-new-messageport-object>Create a new <code>MessagePort</code> object</a> owned by <var title="">worker
+ global scope</var>. Let <var title="">inside port</var> be this new object.</li>
- <li><p><a href=#entangle>Entangle</a> <var title="">outside port</var> and
- <var title="">inside port</var>.</li>
+ <li><p><a href=#entangle>Entangle</a> <var title="">outside port</var> and <var title="">inside
+ port</var>.</li>
</ol></li>
- <li><p>Return <var title="">worker</var> and perform the remaining
- steps asynchronously.</li>
+ <li><p>Return <var title="">worker</var> and perform the remaining steps asynchronously.</li>
<li><p>Create a <a href=#concept-events-trusted title=concept-events-trusted>trusted</a> event that uses the
<code><a href=#messageevent>MessageEvent</a></code> interface, with the name <code title=event-connect>connect</code>,
@@ -80222,44 +79834,38 @@
<li>
- <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></a> the
+ <p><a href="#add-a-document-to-the-worker's-documents" title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></a> the
<code><a href=#document>Document</a></code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <a href="#script's-global-object" title="script's global object">global object</a>
- of the <a href=#concept-script title=concept-script>script</a> that invoked the
- constructor is a <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, add <var title="">worker global scope</var> to the list of <a href="#the-worker's-workers">the
- worker's workers</a> of the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code>
- object that is the <a href="#script's-global-object" title="script's global object">global
- object</a> of the <a href=#concept-script title=concept-script>script</a>
- that invoked the constructor.</p>
+ <p>If the <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor is a
+ <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, add <var title="">worker global scope</var> to the list
+ of <a href="#the-worker's-workers">the worker's workers</a> of the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object that is the
+ <a href="#script's-global-object" title="script's global object">global object</a> of the <a href=#concept-script title=concept-script>script</a> that invoked the constructor.</p>
</li>
<li>
- <p><a href=#run-a-worker>Run a worker</a> for <var title="">scriptURL</var>,
- with the <a href="#script's-browsing-context">script's browsing context</a> of the script that
- invoked the method as the <var title="">owner browsing
- context</var>, with the <a href="#script's-document">script's document</a> of the
- script that invoked the method as the <var title="">owner
- document</var>, with the <a href=#origin>origin</a> of the <a href=#entry-script>entry
- script</a> as the <var title="">owner origin</var>, and with
- <var title="">worker global scope</var> as the global scope.</p>
+ <p><a href=#run-a-worker>Run a worker</a> for <var title="">scriptURL</var>, with the <a href="#script's-browsing-context">script's browsing
+ context</a> of the script that invoked the method as the <var title="">owner browsing
+ context</var>, with the <a href="#script's-document">script's document</a> of the script that invoked the method as
+ the <var title="">owner document</var>, with the <a href=#origin>origin</a> of the <a href=#entry-script>entry
+ script</a> as the <var title="">owner origin</var>, and with <var title="">worker global
+ scope</var> as the global scope.</p>
</li>
- </ol><p>This constructor must be visible when the <a href="#script's-global-object">script's global
- object</a> is either a <code><a href=#window>Window</a></code> object or an object
- implementing the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code> interface.</p>
+ </ol><p>This constructor must be visible when the <a href="#script's-global-object">script's global object</a> is either a
+ <code><a href=#window>Window</a></code> object or an object implementing the <code><a href=#workerglobalscope>WorkerGlobalScope</a></code>
+ interface.</p>
- <p>The <a href=#task-source>task source</a> for the tasks mentioned above is the
- <a href=#dom-manipulation-task-source>DOM manipulation task source</a>.</p>
+ <p>The <a href=#task-source>task source</a> for the tasks mentioned above is the <a href=#dom-manipulation-task-source>DOM manipulation task
+ source</a>.</p>
@@ -82030,7 +81636,6 @@
https://www.w3.org/Bugs/Public/show_bug.cgi?id=17264 -->
-<!--CLEANUP-->
<h4 id=parsing-websocket-urls><span class=secno>10.3.5 </span>Parsing WebSocket URLs</h4>
<p>The steps to <dfn id="parse-a-websocket-url's-components">parse a WebSocket URL's components</dfn> from a string <var title="">url</var> are as follows. These steps return either a <var title="">host</var>, a <var title="">port</var>, a <var title="">resource name</var>, and a <var title="">secure</var> flag,
@@ -82050,34 +81655,37 @@
</li>
- <li><p>If the resulting <a href=#parsed-url>parsed URL</a> does not have a <a href=#concept-url-scheme title=concept-url-scheme>scheme</a>
- component whose value, when <a href=#converted-to-ascii-lowercase>converted to ASCII lowercase</a>, is either "<code title="">ws</code>" or "<code title="">wss</code>", then fail this algorithm.</li>
+ <li><p>If the resulting <a href=#parsed-url>parsed URL</a> does not have a <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component whose value, when <a href=#converted-to-ascii-lowercase>converted to ASCII
+ lowercase</a>, is either "<code title="">ws</code>" or "<code title="">wss</code>", then fail
+ this algorithm.</li>
- <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a non-null <a href=#concept-url-fragment title=concept-url-fragment>fragment</a>
- component, then fail this algorithm.</li>
+ <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a non-null <a href=#concept-url-fragment title=concept-url-fragment>fragment</a> component, then fail this algorithm.</li>
- <li><p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of the resulting <a href=#parsed-url>parsed URL</a>
- is "<code title="">ws</code>", set <var title="">secure</var> to false; otherwise, the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component is "<code title="">wss</code>", set <var title="">secure</var> to true.</li>
+ <li><p>If the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component of the resulting
+ <a href=#parsed-url>parsed URL</a> is "<code title="">ws</code>", set <var title="">secure</var> to false;
+ otherwise, the <a href=#concept-url-scheme title=concept-url-scheme>scheme</a> component is "<code title="">wss</code>", set <var title="">secure</var> to true.</li>
- <li><p>Let <var title="">host</var> be the value of the resulting <a href=#parsed-url>parsed URL</a>'s <a href=#concept-url-host title=concept-url-host>host</a> component, <a href=#converted-to-ascii-lowercase>converted to
- ASCII lowercase</a>.</li> <!-- at this point this is Punycode-encoded already -->
+ <li><p>Let <var title="">host</var> be the value of the resulting <a href=#parsed-url>parsed URL</a>'s <a href=#concept-url-host title=concept-url-host>host</a> component, <a href=#converted-to-ascii-lowercase>converted to ASCII
+ lowercase</a>.</li> <!-- at this point this is Punycode-encoded already -->
- <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a <a href=#concept-url-port title=concept-url-port>port</a> component that is not the empty string,
- then let <var title="">port</var> be that component's value; otherwise, there is no explicit <var title="">port</var>.</li>
+ <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a <a href=#concept-url-port title=concept-url-port>port</a>
+ component that is not the empty string, then let <var title="">port</var> be that component's
+ value; otherwise, there is no explicit <var title="">port</var>.</li>
<li><p>If there is no explicit <var title="">port</var>, then: if <var title="">secure</var> is
false, let <var title="">port</var> be 80, otherwise let <var title="">port</var> be
443.</li>
- <li><p>Let <var title="">resource name</var> be the value of the resulting <a href=#parsed-url>parsed URL</a>'s <a href=#concept-url-path title=concept-url-path>path</a> component (which might be empty).</li> <!-- at this point this is UTF-8 encoded and percent encoded -->
+ <li><p>Let <var title="">resource name</var> be the value of the resulting <a href=#parsed-url>parsed
+ URL</a>'s <a href=#concept-url-path title=concept-url-path>path</a> component (which might be
+ empty).</li> <!-- at this point this is UTF-8 encoded and percent encoded -->
<li><p>If <var title="">resource name</var> is the empty string, set it to a single character
U+002F SOLIDUS (/).</li>
- <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a non-null <a href=#concept-url-query title=concept-url-query>query</a> component,
- then append a single U+003F QUESTION MARK character (?) to <var title="">resource name</var>,
- followed by the value of the <a href=#concept-url-query title=concept-url-query>query</a> component.</li>
- <!-- at this point this is UTF-8 encoded and percent encoded -->
+ <li><p>If the resulting <a href=#parsed-url>parsed URL</a> has a non-null <a href=#concept-url-query title=concept-url-query>query</a> component, then append a single U+003F QUESTION MARK
+ character (?) to <var title="">resource name</var>, followed by the value of the <a href=#concept-url-query title=concept-url-query>query</a> component.</li> <!-- at this point this is UTF-8
+ encoded and percent encoded -->
<li><p>Return <var title="">host</var>, <var title="">port</var>, <var title="">resource
name</var>, and <var title="">secure</var>.</li>
Modified: source
===================================================================
--- source 2013-02-09 02:07:29 UTC (rev 7710)
+++ source 2013-02-09 04:06:15 UTC (rev 7711)
@@ -6080,40 +6080,30 @@
</div>
-<!--CLEANUP-->
<div class="impl">
<h3>Fetching resources</h3>
<h4>Terminology</h4>
- <p id="concept-http-equivalent">User agents can implement a variety
- of transfer protocols, but this specification mostly defines
- behavior in terms of HTTP. <a href="#refsHTTP">[HTTP]</a></p>
+ <p id="concept-http-equivalent">User agents can implement a variety of transfer protocols, but
+ this specification mostly defines behavior in terms of HTTP. <a href="#refsHTTP">[HTTP]</a></p>
- <p>The <dfn title="concept-http-equivalent-get">HTTP GET
- method</dfn> is equivalent to the default retrieval action of the
- protocol. For example, RETR in FTP. Such actions are idempotent and
- safe, in HTTP terms.</p>
+ <p>The <dfn title="concept-http-equivalent-get">HTTP GET method</dfn> is equivalent to the default
+ retrieval action of the protocol. For example, RETR in FTP. Such actions are idempotent and safe,
+ in HTTP terms.</p>
- <p>The <dfn title="concept-http-equivalent-codes">HTTP response
- codes</dfn> are equivalent to statuses in other protocols that have
- the same basic meanings. For example, a "file not found" error is
- equivalent to a 404 code, a server error is equivalent to a 5xx
- code, and so on.</p>
+ <p>The <dfn title="concept-http-equivalent-codes">HTTP response codes</dfn> are equivalent to
+ statuses in other protocols that have the same basic meanings. For example, a "file not found"
+ error is equivalent to a 404 code, a server error is equivalent to a 5xx code, and so on.</p>
- <p>The <dfn title="concept-http-equivalent-headers">HTTP
- headers</dfn> are equivalent to fields in other protocols that have
- the same basic meaning. For example, the HTTP authentication
- headers are equivalent to the authentication aspects of the FTP
- protocol.</p>
+ <p>The <dfn title="concept-http-equivalent-headers">HTTP headers</dfn> are equivalent to fields in
+ other protocols that have the same basic meaning. For example, the HTTP authentication headers are
+ equivalent to the authentication aspects of the FTP protocol.</p>
- <hr>
+ <p>A <dfn>referrer source</dfn> is either a <code>Document</code> or a <span>URL</span>.</p>
- <p>A <dfn>referrer source</dfn> is either a <code>Document</code> or
- a <span>URL</span>.</p>
-
<h4>Processing model</h4>
<p>When a user agent is to <dfn>fetch</dfn><!--FETCH--> a resource or <span>URL</span>, optionally
@@ -6428,30 +6418,24 @@
<h4 id="content-type-sniffing">Determining the type of a resource</h4>
- <p>The <dfn title="Content-Type">Content-Type metadata</dfn> of a
- resource must be obtained and interpreted in a manner consistent
- with the requirements of the Media Type Sniffing
- specification. <a href="#refsMIMESNIFF">[MIMESNIFF]</a></p>
+ <p>The <dfn title="Content-Type">Content-Type metadata</dfn> of a resource must be obtained and
+ interpreted in a manner consistent with the requirements of the Media Type Sniffing specification.
+ <a href="#refsMIMESNIFF">[MIMESNIFF]</a></p>
- <p>The <dfn title="Content-Type sniffing">sniffed type of a
- resource</dfn> must be found in a manner consistent with the
- requirements given in the Media Type Sniffing
- specification for finding the <i>sniffed-type</i> of the relevant
- sequence of octets. <a href="#refsMIMESNIFF">[MIMESNIFF]</a></p>
+ <p>The <dfn title="Content-Type sniffing">sniffed type of a resource</dfn> must be found in a
+ manner consistent with the requirements given in the Media Type Sniffing specification for finding
+ the <i>sniffed-type</i> of the relevant sequence of octets. <a
+ href="#refsMIMESNIFF">[MIMESNIFF]</a></p>
- <p>The <dfn title="Content-Type sniffing: image">rules for sniffing
- images specifically</dfn> and the <dfn title="Content-Type sniffing:
- text or binary">rules for distinguishing if a resource is text or
- binary</dfn> are also defined in the Media Type Sniffing
- specification. Both sets of rules return a <span>MIME type</span> as
- their result. <a href="#refsMIMESNIFF">[MIMESNIFF]</a></p>
+ <p>The <dfn title="Content-Type sniffing: image">rules for sniffing images specifically</dfn> and
+ the <dfn title="Content-Type sniffing: text or binary">rules for distinguishing if a resource is
+ text or binary</dfn> are also defined in the Media Type Sniffing specification. Both sets of rules
+ return a <span>MIME type</span> as their result. <a href="#refsMIMESNIFF">[MIMESNIFF]</a></p>
- <p class="warning">It is imperative that the rules in the Media Type
- Sniffing specification be followed exactly. When a user agent uses
- different heuristics for content type detection than the server
- expects, security problems can occur. For more details, see the
- Media Type Sniffing specification. <a
- href="#refsMIMESNIFF">[MIMESNIFF]</a></p>
+ <p class="warning">It is imperative that the rules in the Media Type Sniffing specification be
+ followed exactly. When a user agent uses different heuristics for content type detection than the
+ server expects, security problems can occur. For more details, see the Media Type Sniffing
+ specification. <a href="#refsMIMESNIFF">[MIMESNIFF]</a></p>
<h4>Extracting character encodings from <code>meta</code> elements</h4>
@@ -8092,16 +8076,13 @@
<dt><var title="">document</var> . <code title="dom-document-referrer">referrer</code></dt>
<dd>
-<!--CLEANUP-->
+ <p>Returns <span title="the document's address">the address</span> of the <code>Document</code>
+ from which the user navigated to this one, unless it was blocked or there was no such document,
+ in which case it returns the empty string.</p>
- <p>Returns <span title="the document's address">the address</span>
- of the <code>Document</code> from which the user navigated to this
- one, unless it was blocked or there was no such document, in which
- case it returns the empty string.</p>
+ <p>The <code title="rel-noreferrer">noreferrer</code> link type can be used to block the
+ referrer.</p>
- <p>The <code title="rel-noreferrer">noreferrer</code> link
- type can be used to block the referrer.</p>
-
</dd>
</dl>
@@ -8250,8 +8231,11 @@
<dt><var title="">document</var> . <code title="dom-document-readyState">readyState</code></dt>
<dd>
- <p>Returns "<code title="">loading</code>" while the <code>Document</code> is loading, "<code title="">interactive</code>" once it is finished parsing but still loading sub-resources, and "<code title="">complete</code>" once it has loaded.</p>
- <p>The <code title="event-readystatechange">readystatechange</code> event fires on the <code>Document</code> object when this value changes.</p>
+ <p>Returns "<code title="">loading</code>" while the <code>Document</code> is loading, "<code
+ title="">interactive</code>" once it is finished parsing but still loading sub-resources, and
+ "<code title="">complete</code>" once it has loaded.</p>
+ <p>The <code title="event-readystatechange">readystatechange</code> event fires on the
+ <code>Document</code> object when this value changes.</p>
</dd>
</dl>
@@ -19888,7 +19872,6 @@
</dl>
-<!-- CLEANUP -->
<div class="impl">
<p>The IDL attributes <dfn title="dom-a-href"><code>href</code></dfn>, <dfn
@@ -19906,14 +19889,14 @@
same value as the <code>textContent</code> IDL attribute on the element, and on setting, must act
as if the <code>textContent</code> IDL attribute on the element had been set to the new value.</p>
- <p>The <code>a</code> element also supports the <code>URLUtils</code> interface. The <span title="concept-uu-input">input</span> is
- the value of the element's <code
- title="attr-hyperlink-href">href</code> content attribute, if there is such an
- attribute, or the empty string otherwise; the <span title="concept-uu-base">base</span>
- is <span>the element's base URL</span>; the <span title="concept-uu-query-encoding">query encoding</span>
- being the <span>document's character encoding</span>; and the <span
- title="concept-uu-update">update steps</span> being the same as setting the element's
- <code title="attr-hyperlink-href">href</code> content attribute to the new output value.</p>
+ <p>The <code>a</code> element also supports the <code>URLUtils</code> interface. The <span
+ title="concept-uu-input">input</span> is the value of the element's <code
+ title="attr-hyperlink-href">href</code> content attribute, if there is such an attribute, or the
+ empty string otherwise; the <span title="concept-uu-base">base</span> is <span>the element's base
+ URL</span>; the <span title="concept-uu-query-encoding">query encoding</span> being the
+ <span>document's character encoding</span>; and the <span title="concept-uu-update">update
+ steps</span> being the same as setting the element's <code title="attr-hyperlink-href">href</code>
+ content attribute to the new output value.</p>
</div>
<!--TOPIC:HTML-->
@@ -26309,12 +26292,11 @@
<!-- if we get to this point we know we can successfully parsed the URL, since this algorithm is
only used after fetching the resource in the steps above -->
-<!--CLEANUP-->
- <p>Otherwise, if applying the <span>URL parser</span> algorithm to the
- <span>URL</span> of the specified resource (after any redirects) results in a <span>parsed URL</span>
- whose <span title="concept-url-path">path</span> component matches a pattern that a
- <span>plugin</span> supports, then the <span title="concept-embed-type">content's type</span> is
- the type that that plugin can handle.</p>
+ <p>Otherwise, if applying the <span>URL parser</span> algorithm to the <span>URL</span> of the
+ specified resource (after any redirects) results in a <span>parsed URL</span> whose <span
+ title="concept-url-path">path</span> component matches a pattern that a <span>plugin</span>
+ supports, then the <span title="concept-embed-type">content's type</span> is the type that that
+ plugin can handle.</p>
<p class="example">For example, a plugin might say that it can handle resources with <span
title="concept-url-path">path</span> components that end with the four character string "<code
@@ -26900,10 +26882,9 @@
<!-- if we get to this point we know we can successfully parsed the URL, since this
algorithm is only used after fetching the resource in the steps above -->
-<!--CLEANUP-->
- <p>If applying the <span>URL parser</span> algorithm to the
- <span>URL</span> of the specified resource (after any redirects) results in a <span>parsed URL</span>
- whose <span title="concept-url-path">path</span> component matches a pattern that a <span>plugin</span>
+ <p>If applying the <span>URL parser</span> algorithm to the <span>URL</span> of the
+ specified resource (after any redirects) results in a <span>parsed URL</span> whose <span
+ title="concept-url-path">path</span> component matches a pattern that a <span>plugin</span>
supports, then let <var title="">resource type</var> be the type that that plugin can
handle.</p>
@@ -64244,45 +64225,38 @@
</div>
-<!--CLEANUP-->
<div class="impl">
<h5>Form submission algorithm</h5>
<p>When a <code>form</code> element <var title="">form</var> is <dfn
- title="concept-form-submit">submitted</dfn> from an element <var
- title="">submitter</var> (typically a button), optionally with a
- <var title="">submitted from <code
- title="dom-form-submit">submit()</code> method</var> flag set, the
- user agent must run the following steps:</p>
+ title="concept-form-submit">submitted</dfn> from an element <var title="">submitter</var>
+ (typically a button), optionally with a <var title="">submitted from <code
+ title="dom-form-submit">submit()</code> method</var> flag set, the user agent must run the
+ following steps:</p>
<ol>
- <li><p>Let <var title="">form document</var> be the <var
- title="">form</var>'s <code>Document</code>.</p></li>
+ <li><p>Let <var title="">form document</var> be the <var title="">form</var>'s
+ <code>Document</code>.</p></li>
- <li id="sandboxSubmitBlocked"><p>If <var title="">form
- document</var> has no associated <span>browsing context</span> or
- its <span>active sandboxing flag set</span> has its
- <span>sandboxed forms browsing context flag</span> set, then abort
- these steps without doing anything.</p></li>
+ <li id="sandboxSubmitBlocked"><p>If <var title="">form document</var> has no associated
+ <span>browsing context</span> or its <span>active sandboxing flag set</span> has its
+ <span>sandboxed forms browsing context flag</span> set, then abort these steps without doing
+ anything.</p></li>
- <li><p>Let <var title="">form browsing context</var> be the
- <span>browsing context</span> of <var title="">form
- document</var>.</p></li>
+ <li><p>Let <var title="">form browsing context</var> be the <span>browsing context</span> of <var
+ title="">form document</var>.</p></li>
<!-- lock (all the following steps are skipped if called from submit() - see unlock step below) -->
- <li><p>If the <var title="">submitted from <code
- title="dom-form-submit">submit()</code> method</var> flag is not
- set, and the <var title="">submitter</var> element's <span
- title="concept-fs-novalidate">no-validate state</span> is false,
- then <span>interactively validate the constraints</span> of <var
- title="">form</var> and examine the result: if the result is
- negative (the constraint validation concluded that there were
- invalid fields and probably informed the user of this) then abort
- these steps.</p></li>
+ <li><p>If the <var title="">submitted from <code title="dom-form-submit">submit()</code>
+ method</var> flag is not set, and the <var title="">submitter</var> element's <span
+ title="concept-fs-novalidate">no-validate state</span> is false, then <span>interactively
+ validate the constraints</span> of <var title="">form</var> and examine the result: if the result
+ is negative (the constraint validation concluded that there were invalid fields and probably
+ informed the user of this) then abort these steps.</p></li>
<li><p>If the <var title="">submitted from <code title="dom-form-submit">submit()</code>
method</var> flag is not set, then <span>fire a simple event</span> that bubbles and is
@@ -64290,72 +64264,58 @@
event's default action is prevented (i.e. if the event is canceled) then abort these steps.
Otherwise, continue (effectively the default action is to perform the submission).</p></li>
- <!-- if you add any steps between the "lock" and "unlock" lines,
- make sure to update the step immediately before the "lock" line -->
+ <!-- if you add any steps between the "lock" and "unlock" lines, make sure to update the step
+ immediately before the "lock" line -->
<!-- unlock -->
- <li><p>Let <var title="">form data set</var> be the result of
- <span>constructing the form data set</span> for <var
- title="">form</var> in the context of <var
- title="">submitter</var>.</p></li>
+ <li><p>Let <var title="">form data set</var> be the result of <span>constructing the form data
+ set</span> for <var title="">form</var> in the context of <var title="">submitter</var>.</p></li>
- <li><p>Let <var title="">action</var> be the <var
- title="">submitter</var> element's <span
+ <li><p>Let <var title="">action</var> be the <var title="">submitter</var> element's <span
title="concept-fs-action">action</span>.</p></li>
<li>
- <p>If <var title="">action</var> is the empty string, let <var
- title="">action</var> be <span>the document's address</span> of
- the <var title="">form document</var>.</p>
+ <p>If <var title="">action</var> is the empty string, let <var title="">action</var> be
+ <span>the document's address</span> of the <var title="">form document</var>.</p>
- <!-- Don't ask me why. But that's what IE does. It even treats
- action="" differently from action=" " or action="#" (the latter
- two resolve to the base URL, the first one resolves to the doc
- URL). And other browsers concur. It is even required, see e.g.
+ <!-- Don't ask me why. But that's what IE does. It even treats action="" differently from
+ action=" " or action="#" (the latter two resolve to the base URL, the first one resolves to the
+ doc URL). And other browsers concur. It is even required, see e.g.
http://bugs.webkit.org/show_bug.cgi?id=7763
https://bugzilla.mozilla.org/show_bug.cgi?id=297761
-->
</li>
- <li><p><span title="resolve a url">Resolve</span> the
- <span>URL</span> <var title="">action</var>, relative to the <var
- title="">submitter</var> element. If this fails, abort these
- steps.</p></li>
+ <li><p><span title="resolve a url">Resolve</span> the <span>URL</span> <var
+ title="">action</var>, relative to the <var title="">submitter</var> element. If this fails,
+ abort these steps.</p></li>
- <li><p>Let <var title="">action</var> be the resulting
- <span>absolute URL</span>.</p></li>
+ <li><p>Let <var title="">action</var> be the resulting <span>absolute URL</span>.</p></li>
<li><p>Let <var title="">action components</var> be the resulting <span>parsed
URL</span>.</p></li>
- <li><p>Let <var title="">scheme</var> be the <span
- title="concept-url-scheme">scheme</span> of the resulting
- <span>parsed URL</span>.</p></li>
+ <li><p>Let <var title="">scheme</var> be the <span title="concept-url-scheme">scheme</span> of
+ the resulting <span>parsed URL</span>.</p></li>
- <li><p>Let <var title="">enctype</var> be the <var
- title="">submitter</var> element's <span
+ <li><p>Let <var title="">enctype</var> be the <var title="">submitter</var> element's <span
title="concept-fs-enctype">enctype</span>.</p></li>
- <li><p>Let <var title="">method</var> be the <var
- title="">submitter</var> element's <span
+ <li><p>Let <var title="">method</var> be the <var title="">submitter</var> element's <span
title="concept-fs-method">method</span>.</p></li>
- <li><p>Let <var title="">target</var> be the <var
- title="">submitter</var> element's <span
+ <li><p>Let <var title="">target</var> be the <var title="">submitter</var> element's <span
title="concept-fs-target">target</span>.</p></li>
- <li><p>If the user indicated a specific <span>browsing
- context</span> to use when submitting the form, then let <var
- title="">target browsing context</var> be that <span>browsing
- context</span>. Otherwise, apply <span>the rules for choosing a
- browsing context given a browsing context name</span> using <var
- title="">target</var> as the name and <var title="">form browsing
- context</var> as the context in which the algorithm is executed,
- and let <var title="">target browsing context</var> be the
- resulting <span>browsing context</span>.</p></li>
+ <li><p>If the user indicated a specific <span>browsing context</span> to use when submitting the
+ form, then let <var title="">target browsing context</var> be that <span>browsing context</span>.
+ Otherwise, apply <span>the rules for choosing a browsing context given a browsing context
+ name</span> using <var title="">target</var> as the name and <var title="">form browsing
+ context</var> as the context in which the algorithm is executed, and let <var title="">target
+ browsing context</var> be the resulting <span>browsing context</span>.</p></li>
<li><p>If <var title="">target browsing context</var> was created in the previous step, or,
alternatively, if the <var title="">form document</var> has not yet <span>completely
@@ -64366,15 +64326,13 @@
<li>
<p>If the value of <var title="">method</var> is <span
- title="attr-fs-method-dialog">dialog</span> then jump to the <span
- title="submit-dialog">submit dialog</span> steps.</p>
+ title="attr-fs-method-dialog">dialog</span> then jump to the <span title="submit-dialog">submit
+ dialog</span> steps.</p>
- <p>Otherwise, select the appropriate row in the table below based
- on the value of <var title="">scheme</var> as given by the first
- cell of each row. Then, select the appropriate cell on that row
- based on the value of <var title="">method</var> as given in the
- first cell of each column. Then, jump to the steps named in that
- cell and defined below the table.</p>
+ <p>Otherwise, select the appropriate row in the table below based on the value of <var
+ title="">scheme</var> as given by the first cell of each row. Then, select the appropriate cell
+ on that row based on the value of <var title="">method</var> as given in the first cell of each
+ column. Then, jump to the steps named in that cell and defined below the table.</p>
<table>
<thead>
@@ -64409,11 +64367,10 @@
<td> <span title="submit-mailto-body">Mail as body</span>
</table>
- <p>If <var title="">scheme</var> is not one of those listed in
- this table, then the behavior is not defined by this
- specification. User agents should, in the absence of another
- specification defining this, act in a manner analogous to that
- defined in this specification for similar schemes.</p>
+ <p>If <var title="">scheme</var> is not one of those listed in this table, then the behavior is
+ not defined by this specification. User agents should, in the absence of another specification
+ defining this, act in a manner analogous to that defined in this specification for similar
+ schemes.</p>
<p>The behaviors are as follows:</p>
@@ -64422,76 +64379,66 @@
<dt><dfn title="submit-mutate-action">Mutate action URL</dfn>
<dd>
- <p>Let <var title="">query</var> be the result of encoding the
- <var title="">form data set</var> using the <span><code
- title="">application/x-www-form-urlencoded</code> encoding
+ <p>Let <var title="">query</var> be the result of encoding the <var title="">form data
+ set</var> using the <span><code title="">application/x-www-form-urlencoded</code> encoding
algorithm</span>, interpreted as a US-ASCII string.</p>
- <!-- by this point we've already tried to resolve the URL, so we
- know we can parse it -->
+ <!-- by this point we've already tried to resolve the URL, so we know we can parse it -->
<p>Set <var title="">parsed action</var>'s <span title="concept-url-query">query</span>
component to <var title="">query</var>.</p>
- <p>Let <var title="">destination</var> be a new <span>URL</span>
- formed by applying the <span>URL serializer</span> algorithm to <var title="">parsed action</var>.</p>
+ <p>Let <var title="">destination</var> be a new <span>URL</span> formed by applying the
+ <span>URL serializer</span> algorithm to <var title="">parsed action</var>.</p>
- <p><span>Navigate</span><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <span>replacement
- enabled</span>.</p>
+ <p><span>Navigate</span><!--DONAV form--> <var title="">target browsing context</var> to <var
+ title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <span>replacement enabled</span>.</p>
</dd>
<dt><dfn title="submit-body">Submit as entity body</dfn>
<dd>
- <p>Let <var title="">entity body</var> be the result of encoding
- the <var title="">form data set</var> using the
- <span>appropriate form encoding algorithm</span>.</p>
+ <p>Let <var title="">entity body</var> be the result of encoding the <var title="">form data
+ set</var> using the <span>appropriate form encoding algorithm</span>.</p>
- <p>Let <var title="">MIME type</var> be determined as
- follows:</p>
+ <p>Let <var title="">MIME type</var> be determined as follows:</p>
<dl>
- <dt>If <var title="">enctype</var> is <code title="attr-fs-enctype-urlencoded">application/x-www-form-urlencoded</code></dt>
+ <dt>If <var title="">enctype</var> is <code
+ title="attr-fs-enctype-urlencoded">application/x-www-form-urlencoded</code></dt>
<dd>Let <var title="">MIME type</var> be "<code
title="">application/x-www-form-urlencoded</code>".</dd>
- <dt>If <var title="">enctype</var> is <code title="attr-fs-enctype-formdata">multipart/form-data</code></dt>
+ <dt>If <var title="">enctype</var> is <code
+ title="attr-fs-enctype-formdata">multipart/form-data</code></dt>
- <dd>Let <var title="">MIME type</var> be the concatenation of
- the string "<code title="">multipart/form-data;</code>", a
- U+0020 SPACE character, the string "<code
- title="">boundary=</code>", and the <span><code
- title="">multipart/form-data</code> boundary string</span>
- generated by the <span><code
- title="">multipart/form-data</code> encoding
+ <dd>Let <var title="">MIME type</var> be the concatenation of the string "<code
+ title="">multipart/form-data;</code>", a U+0020 SPACE character, the string "<code
+ title="">boundary=</code>", and the <span><code title="">multipart/form-data</code> boundary
+ string</span> generated by the <span><code title="">multipart/form-data</code> encoding
algorithm</span>.</dd>
- <dt>If <var title="">enctype</var> is <code title="attr-fs-enctype-text">text/plain</code></dt>
+ <dt>If <var title="">enctype</var> is <code
+ title="attr-fs-enctype-text">text/plain</code></dt>
<dd>Let <var title="">MIME type</var> be "<code title="">text/plain</code>".</dd>
</dl>
- <!--<p>If <var title="">method</var> is anything but (GET or)
- POST, and the <span>origin</span> of <var title="">action</var>
- is not the <span>same origin</span> as that of <var
- title="">form document</var>, then abort these steps.</p> [or do
- CORS] (this is commented out since only POST can trigger this
- now, and that's historically unrestricted)-->
+ <!--<p>If <var title="">method</var> is anything but (GET or) POST, and the
+ <span>origin</span> of <var title="">action</var> is not the <span>same origin</span> as that
+ of <var title="">form document</var>, then abort these steps.</p> [or do CORS] (this is
+ commented out since only POST can trigger this now, and that's historically unrestricted)-->
- <p>Otherwise, <span>navigate</span><!--DONAV form--> <var
- title="">target browsing context</var> to <var
- title="">action</var> using the HTTP method given by <var
- title="">method</var> and with <var title="">entity body</var>
- as the entity body, of type <var title="">MIME type</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <span>replacement
+ <p>Otherwise, <span>navigate</span><!--DONAV form--> <var title="">target browsing
+ context</var> to <var title="">action</var> using the HTTP method given by <var
+ title="">method</var> and with <var title="">entity body</var> as the entity body, of type
+ <var title="">MIME type</var>. If <var title="">replace</var> is true, then <var
+ title="">target browsing context</var> must be navigated with <span>replacement
enabled</span>.</p>
</dd>
@@ -64499,11 +64446,9 @@
<dt><dfn title="submit-get-action">Get action URL</dfn>
<dd>
- <p><span>Navigate</span><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">action</var>. If <var
- title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <span>replacement
- enabled</span>.</p>
+ <p><span>Navigate</span><!--DONAV form--> <var title="">target browsing context</var> to <var
+ title="">action</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <span>replacement enabled</span>.</p>
<p class="note">The <var title="">form data set</var> is discarded.</p>
@@ -64512,37 +64457,29 @@
<dt><dfn title="submit-data-post">Post to data:</dfn>
<dd>
- <p>Let <var title="">data</var> be the result of encoding the
- <var title="">form data set</var> using the <span>appropriate
- form encoding algorithm</span>.</p>
+ <p>Let <var title="">data</var> be the result of encoding the <var title="">form data
+ set</var> using the <span>appropriate form encoding algorithm</span>.</p>
- <p>If <var title="">action</var> contains the string "<code
- title="">%%%%</code>" (four U+0025 PERCENT SIGN characters),
- then <span>percent encode</span> all bytes in <var title="">data</var> that, if
- interpreted as US-ASCII, are not characters in the URL <span>default encode set</span>,
- and then, treating the result as a US-ASCII string,
+ <p>If <var title="">action</var> contains the string "<code title="">%%%%</code>" (four U+0025
+ PERCENT SIGN characters), then <span>percent encode</span> all bytes in <var
+ title="">data</var> that, if interpreted as US-ASCII, are not characters in the URL
+ <span>default encode set</span>, and then, treating the result as a US-ASCII string,
<span>UTF-8 percent encode</span> all the U+0025 PERCENT SIGN characters in the resulting
- string and replace the first occurrence of "<code
- title="">%%%%</code>" in <var title="">action</var> with the
- resulting doubly-escaped string. <a
+ string and replace the first occurrence of "<code title="">%%%%</code>" in <var
+ title="">action</var> with the resulting doubly-escaped string. <a
href="#refsURL">[URL]</a></p>
- <p>Otherwise, if <var title="">action</var> contains the string
- "<code title="">%%</code>" (two U+0025 PERCENT SIGN characters
- in a row, but not four), then <span>UTF-8 percent encode</span> all characters in <var
- title="">data</var> that, if interpreted as US-ASCII,
- are not characters in the URL <span>default encode set</span>, and then, treating the result as a US-ASCII
- string, replace the first occurrence of "<code
- title="">%%</code>" in <var title="">action</var> with the
- resulting escaped string. <a
- href="#refsURL">[URL]</a></p>
+ <p>Otherwise, if <var title="">action</var> contains the string "<code title="">%%</code>"
+ (two U+0025 PERCENT SIGN characters in a row, but not four), then <span>UTF-8 percent
+ encode</span> all characters in <var title="">data</var> that, if interpreted as US-ASCII, are
+ not characters in the URL <span>default encode set</span>, and then, treating the result as a
+ US-ASCII string, replace the first occurrence of "<code title="">%%</code>" in <var
+ title="">action</var> with the resulting escaped string. <a href="#refsURL">[URL]</a></p>
- <p><span>Navigate</span><!--DONAV form--> <var title="">target
- browsing context</var> to the potentially modified <var
- title="">action</var> (which will be a <span title="data
- protocol"><code title="">data:</code> URL</span>). If <var
- title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <span>replacement
+ <p><span>Navigate</span><!--DONAV form--> <var title="">target browsing context</var> to the
+ potentially modified <var title="">action</var> (which will be a <span title="data
+ protocol"><code title="">data:</code> URL</span>). If <var title="">replace</var> is true,
+ then <var title="">target browsing context</var> must be navigated with <span>replacement
enabled</span>.</p>
</dd>
@@ -64550,77 +64487,61 @@
<dt><dfn title="submit-mailto-headers">Mail with headers</dfn>
<dd>
- <p>Let <var title="">headers</var> be the resulting encoding the
- <var title="">form data set</var> using the <span><code
- title="">application/x-www-form-urlencoded</code> encoding
+ <p>Let <var title="">headers</var> be the resulting encoding the <var title="">form data
+ set</var> using the <span><code title="">application/x-www-form-urlencoded</code> encoding
algorithm</span>, interpreted as a US-ASCII string.</p>
- <p>Replace occurrences of U+002B PLUS SIGN characters (+) in
- <var title="">headers</var> with the string "<code
- title="">%20</code>".</p>
+ <p>Replace occurrences of U+002B PLUS SIGN characters (+) in <var title="">headers</var> with
+ the string "<code title="">%20</code>".</p>
- <p>Let <var title="">destination</var> consist of all the
- characters from the first character in <var
- title="">action</var> to the character immediately before the
- first U+003F QUESTION MARK character (?), if any, or the end of
- the string if there are none.</p>
+ <p>Let <var title="">destination</var> consist of all the characters from the first character
+ in <var title="">action</var> to the character immediately before the first U+003F QUESTION
+ MARK character (?), if any, or the end of the string if there are none.</p>
- <p>Append a single U+003F QUESTION MARK character (?) to <var
- title="">destination</var>.</p>
+ <p>Append a single U+003F QUESTION MARK character (?) to <var title="">destination</var>.</p>
- <p>Append <var title="">headers</var> to <var
- title="">destination</var>.</p>
+ <p>Append <var title="">headers</var> to <var title="">destination</var>.</p>
- <p><span>Navigate</span><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <span>replacement
- enabled</span>.</p>
+ <p><span>Navigate</span><!--DONAV form--> <var title="">target browsing context</var> to <var
+ title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <span>replacement enabled</span>.</p>
</dd>
<dt><dfn title="submit-mailto-body">Mail as body</dfn>
<dd>
- <p>Let <var title="">body</var> be the resulting of encoding the
- <var title="">form data set</var> using the <span>appropriate
- form encoding algorithm</span> and then <span title="percent encode">percent encoding</span> all the bytes
- in the resulting byte string that, when interpreted as US-ASCII,
- are not characters in the URL <span>default encode set</span>. <a href="#refsURL">[URL]</a></p>
+ <p>Let <var title="">body</var> be the resulting of encoding the <var title="">form data
+ set</var> using the <span>appropriate form encoding algorithm</span> and then <span
+ title="percent encode">percent encoding</span> all the bytes in the resulting byte string
+ that, when interpreted as US-ASCII, are not characters in the URL <span>default encode
+ set</span>. <a href="#refsURL">[URL]</a></p>
- <p>Let <var title="">destination</var> have the same value as
- <var title="">action</var>.</p>
+ <p>Let <var title="">destination</var> have the same value as <var title="">action</var>.</p>
- <p>If <var title="">destination</var> does not contain a U+003F
- QUESTION MARK character (?), append a single U+003F QUESTION
- MARK character (?) to <var
- title="">destination</var>. Otherwise, append a single U+0026
- AMPERSAND character (&).</p>
+ <p>If <var title="">destination</var> does not contain a U+003F QUESTION MARK character (?),
+ append a single U+003F QUESTION MARK character (?) to <var title="">destination</var>.
+ Otherwise, append a single U+0026 AMPERSAND character (&).</p>
- <p>Append the string "<code title="">body=</code>" to <var
+ <p>Append the string "<code title="">body=</code>" to <var title="">destination</var>.</p>
+
+ <p>Append <var title="">body</var>, interpreted as a US-ASCII string, to <var
title="">destination</var>.</p>
- <p>Append <var title="">body</var>, interpreted as a US-ASCII
- string, to <var title="">destination</var>.</p>
+ <p><span>Navigate</span><!--DONAV form--> <var title="">target browsing context</var> to <var
+ title="">destination</var>. If <var title="">replace</var> is true, then <var title="">target
+ browsing context</var> must be navigated with <span>replacement enabled</span>.</p>
- <p><span>Navigate</span><!--DONAV form--> <var title="">target
- browsing context</var> to <var title="">destination</var>. If
- <var title="">replace</var> is true, then <var title="">target
- browsing context</var> must be navigated with <span>replacement
- enabled</span>.</p>
-
</dd>
<dt><dfn title="submit-dialog">Submit dialog</dfn>
<dd>
- <p>Let <var title="">dialog</var> be the nearest ancestor
- <code>dialog</code> element of <var title="">form</var>, if
- any.</p>
+ <p>Let <var title="">dialog</var> be the nearest ancestor <code>dialog</code> element of <var
+ title="">form</var>, if any.</p>
- <p>If there isn't one, do nothing. Otherwise, proceed as
- follows:</p>
+ <p>If there isn't one, do nothing. Otherwise, proceed as follows:</p>
<p>If <var title="">submitter</var> is an <code>input</code> element whose <code
title="attr-input-type">type</code> attribute is in the <span
@@ -64633,15 +64554,13 @@
title="">x</var>-component.</p>
<p>Otherwise, if <var title="">submitter</var> has a <span
- title="concept-fe-value">value</span>, then let <var
- title="">result</var> be that <span
+ title="concept-fe-value">value</span>, then let <var title="">result</var> be that <span
title="concept-fe-value">value</span>.</p>
<p>Otherwise, there is no <var title="">result</var>.</p>
- <p>Then, <span>close the dialog</span> <var
- title="">dialog</var>. If there is a <var title="">result</var>,
- let that be the return value.</p>
+ <p>Then, <span>close the dialog</span> <var title="">dialog</var>. If there is a <var
+ title="">result</var>, let that be the return value.</p>
</dd>
@@ -64652,22 +64571,20 @@
<dl>
- <dt>If <var title="">enctype</var> is <code title="attr-fs-enctype-urlencoded">application/x-www-form-urlencoded</code></dt>
+ <dt>If <var title="">enctype</var> is <code
+ title="attr-fs-enctype-urlencoded">application/x-www-form-urlencoded</code></dt>
- <dd>Use the <span><code
- title="">application/x-www-form-urlencoded</code> encoding
+ <dd>Use the <span><code title="">application/x-www-form-urlencoded</code> encoding
algorithm</span>.</dd>
- <dt>If <var title="">enctype</var> is <code title="attr-fs-enctype-formdata">multipart/form-data</code></dt>
+ <dt>If <var title="">enctype</var> is <code
+ title="attr-fs-enctype-formdata">multipart/form-data</code></dt>
- <dd>Use the <span><code
- title="">multipart/form-data</code> encoding
- algorithm</span>.</dd>
+ <dd>Use the <span><code title="">multipart/form-data</code> encoding algorithm</span>.</dd>
<dt>If <var title="">enctype</var> is <code title="attr-fs-enctype-text">text/plain</code></dt>
- <dd>Use the <span><code title="">text/plain</code> encoding
- algorithm</span>.</dd>
+ <dd>Use the <span><code title="">text/plain</code> encoding algorithm</span>.</dd>
</dl>
@@ -64678,73 +64595,60 @@
<h5 id="constructing-form-data-set">Constructing the form data set</h5>
- <p>The algorithm to <dfn title="constructing the form data
- set">construct the form data set</dfn> for a form <var
- title="">form</var> optionally in the context of a submitter <var
- title="">submitter</var> is as follows. If not specified otherwise,
- <var title="">submitter</var> is null.</p>
+ <p>The algorithm to <dfn title="constructing the form data set">construct the form data set</dfn>
+ for a form <var title="">form</var> optionally in the context of a submitter <var
+ title="">submitter</var> is as follows. If not specified otherwise, <var title="">submitter</var>
+ is null.</p>
<ol>
<li><p>Let <var title="">controls</var> be a list of all the <span
- title="category-submit">submittable elements</span> whose
- <span>form owner</span> is <var title="">form</var>, in <span>tree
- order</span>.</p></li>
+ title="category-submit">submittable elements</span> whose <span>form owner</span> is <var
+ title="">form</var>, in <span>tree order</span>.</p></li>
- <li><p>Let the <var title="">form data set</var> be a list of
- name-value-type tuples, initially empty.</p></li>
+ <li><p>Let the <var title="">form data set</var> be a list of name-value-type tuples, initially
+ empty.</p></li>
<li>
- <p><i>Loop</i>: For each element <var title="">field</var> in <var
- title="">controls</var>, in <span>tree order</span>, run the
- following substeps:</p>
+ <p><i>Loop</i>: For each element <var title="">field</var> in <var title="">controls</var>, in
+ <span>tree order</span>, run the following substeps:</p>
<ol>
<li>
- <p>If any of the following conditions are met, then skip these
- substeps for this element:</p>
+ <p>If any of the following conditions are met, then skip these substeps for this element:</p>
<ul>
- <li>The <var title="">field</var> element has a
- <code>datalist</code> element ancestor.</li>
+ <li>The <var title="">field</var> element has a <code>datalist</code> element ancestor.</li>
<li>The <var title="">field</var> element is <span
title="concept-fe-disabled">disabled</span>.</li>
- <li>The <var title="">field</var> element is a <span
- title="concept-button">button</span> but it is not <var
- title="">submitter</var>.</li>
+ <li>The <var title="">field</var> element is a <span title="concept-button">button</span> but
+ it is not <var title="">submitter</var>.</li>
- <li>The <var title="">field</var> element is an
- <code>input</code> element whose <code
+ <li>The <var title="">field</var> element is an <code>input</code> element whose <code
title="attr-input-type">type</code> attribute is in the <span
- title="attr-input-type-checkbox">Checkbox</span> state and
- whose <span title="concept-fe-checked">checkedness</span> is
- false.</li>
+ title="attr-input-type-checkbox">Checkbox</span> state and whose <span
+ title="concept-fe-checked">checkedness</span> is false.</li>
- <li>The <var title="">field</var> element is an
- <code>input</code> element whose <code
+ <li>The <var title="">field</var> element is an <code>input</code> element whose <code
title="attr-input-type">type</code> attribute is in the <span
- title="attr-input-type-radio">Radio Button</span> state and
- whose <span title="concept-fe-checked">checkedness</span> is
- false.</li>
+ title="attr-input-type-radio">Radio Button</span> state and whose <span
+ title="concept-fe-checked">checkedness</span> is false.</li>
- <li>The <var title="">field</var> element is not an
- <code>input</code> element whose <code
+ <li>The <var title="">field</var> element is not an <code>input</code> element whose <code
title="attr-input-type">type</code> attribute is in the <span
- title="attr-input-type-image">Image Button</span> state, and
- either the <var title="">field</var> element does not have a
- <code title="attr-fe-name">name</code> attribute specified, or
- its <code title="attr-fe-name">name</code> attribute's value is
- the empty string.</li>
+ title="attr-input-type-image">Image Button</span> state, and either the <var
+ title="">field</var> element does not have a <code title="attr-fe-name">name</code> attribute
+ specified, or its <code title="attr-fe-name">name</code> attribute's value is the empty
+ string.</li>
- <li>The <var title="">field</var> element is an
- <code>object</code> element that is not using a
- <span>plugin</span>.</li>
+ <li>The <var title="">field</var> element is an <code>object</code> element that is not using
+ a <span>plugin</span>.</li>
</ul>
@@ -64752,174 +64656,138 @@
</li>
- <li><p>Let <var title="">type</var> be the value of the <code
- title="">type</code> IDL attribute of <var
- title="">field</var>.</p></li> <!-- if the field is an <object>
- element, this will get ignored. -->
+ <li><p>Let <var title="">type</var> be the value of the <code title="">type</code> IDL
+ attribute of <var title="">field</var>.</p></li> <!-- if the field is an <object> element, this
+ will get ignored. -->
<li>
- <p>If the <var title="">field</var> element is an
- <code>input</code> element whose <code
+ <p>If the <var title="">field</var> element is an <code>input</code> element whose <code
title="attr-input-type">type</code> attribute is in the <span
- title="attr-input-type-image">Image Button</span> state,
- then run these further nested substeps:</p>
+ title="attr-input-type-image">Image Button</span> state, then run these further nested
+ substeps:</p>
<ol>
- <li><p>If the <var title="">field</var> element has a <code
- title="attr-fe-name">name</code> attribute specified and its
- value is not the empty string, let <var title="">name</var> be
- that value followed by a single U+002E FULL STOP character (.).
- Otherwise, let <var title="">name</var> be the empty
- string.</p></li>
+ <li><p>If the <var title="">field</var> element has a <code title="attr-fe-name">name</code>
+ attribute specified and its value is not the empty string, let <var title="">name</var> be
+ that value followed by a single U+002E FULL STOP character (.). Otherwise, let <var
+ title="">name</var> be the empty string.</p></li>
- <li><p>Let <var title="">name<sub title="">x</sub></var> be the
- string consisting of the concatenation of <var
- title="">name</var> and a single U+0078 LATIN SMALL LETTER X
- character (x).</p></li>
+ <li><p>Let <var title="">name<sub title="">x</sub></var> be the string consisting of the
+ concatenation of <var title="">name</var> and a single U+0078 LATIN SMALL LETTER X character
+ (x).</p></li>
- <li><p>Let <var title="">name<sub title="">y</sub></var> be the
- string consisting of the concatenation of <var
- title="">name</var> and a single U+0079 LATIN SMALL LETTER Y
- character (y).</p></li>
+ <li><p>Let <var title="">name<sub title="">y</sub></var> be the string consisting of the
+ concatenation of <var title="">name</var> and a single U+0079 LATIN SMALL LETTER Y character
+ (y).</p></li>
- <li><p>The <var title="">field</var> element is <var
- title="">submitter</var>, and before this algorithm was invoked
- the user <span
- title="concept-input-type-image-coordinate">indicated a
- coordinate</span>. Let <var title="">x</var> be the <var
- title="">x</var>-component of the coordinate selected by the
- user, and let <var title="">y</var> be the <var
- title="">y</var>-component of the coordinate selected by the
- user.</p></li>
+ <li><p>The <var title="">field</var> element is <var title="">submitter</var>, and before
+ this algorithm was invoked the user <span
+ title="concept-input-type-image-coordinate">indicated a coordinate</span>. Let <var
+ title="">x</var> be the <var title="">x</var>-component of the coordinate selected by the
+ user, and let <var title="">y</var> be the <var title="">y</var>-component of the coordinate
+ selected by the user.</p></li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with the name <var title="">name<sub title="">x</sub></var>,
- the value <var title="">x</var>, and the type <var
+ <li><p>Append an entry to the <var title="">form data set</var> with the name <var
+ title="">name<sub title="">x</sub></var>, the value <var title="">x</var>, and the type <var
title="">type</var>.</p></li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with the name <var title="">name<sub title="">y</sub></var> and
- the value <var title="">y</var>, and the type <var
- title="">type</var>.</p></li>
+ <li><p>Append an entry to the <var title="">form data set</var> with the name <var
+ title="">name<sub title="">y</sub></var> and the value <var title="">y</var>, and the type
+ <var title="">type</var>.</p></li>
- <li><p>Skip the remaining substeps for this element: if there
- are any more elements in <var title="">controls</var>, return
- to the top of the <i>loop</i> step, otherwise, jump to the
+ <li><p>Skip the remaining substeps for this element: if there are any more elements in <var
+ title="">controls</var>, return to the top of the <i>loop</i> step, otherwise, jump to the
<i>end</i> step below.</p></li>
</ol>
</li>
- <li><p>Let <var title="">name</var> be the value of the <var
- title="">field</var> element's <code
- title="attr-fe-name">name</code> attribute.</p></li>
+ <li><p>Let <var title="">name</var> be the value of the <var title="">field</var> element's
+ <code title="attr-fe-name">name</code> attribute.</p></li>
- <li><p>If the <var title="">field</var> element is a
- <code>select</code> element, then for each <code>option</code>
- element in the <code>select</code> element whose <span
- title="concept-option-selectedness">selectedness</span> is true and that is not <span title="concept-option-disabled">disabled</span>,
- append an entry to the <var title="">form data set</var> with the
- <var title="">name</var> as the name, the <span
- title="concept-option-value">value</span> of the
- <code>option</code> element as the value, and <var
- title="">type</var> as the type.</p></li>
+ <li><p>If the <var title="">field</var> element is a <code>select</code> element, then for each
+ <code>option</code> element in the <code>select</code> element whose <span
+ title="concept-option-selectedness">selectedness</span> is true and that is not <span
+ title="concept-option-disabled">disabled</span>, append an entry to the <var title="">form data
+ set</var> with the <var title="">name</var> as the name, the <span
+ title="concept-option-value">value</span> of the <code>option</code> element as the value, and
+ <var title="">type</var> as the type.</p></li>
<li>
- <p>Otherwise, if the <var title="">field</var> element is an
- <code>input</code> element whose <code
- title="attr-input-type">type</code> attribute is in the <span
- title="attr-input-type-checkbox">Checkbox</span> state or the
- <span title="attr-input-type-radio">Radio Button</span> state,
- then run these further nested substeps:</p>
+ <p>Otherwise, if the <var title="">field</var> element is an <code>input</code> element whose
+ <code title="attr-input-type">type</code> attribute is in the <span
+ title="attr-input-type-checkbox">Checkbox</span> state or the <span
+ title="attr-input-type-radio">Radio Button</span> state, then run these further nested
+ substeps:</p>
<ol>
<li><p>If the <var title="">field</var> element has a <code
- title="attr-input-value">value</code> attribute specified, then
- let <var title="">value</var> be the value of that attribute;
- otherwise, let <var title="">value</var> be the string
- "<code title="">on</code>".</p></li>
+ title="attr-input-value">value</code> attribute specified, then let <var title="">value</var>
+ be the value of that attribute; otherwise, let <var title="">value</var> be the string "<code
+ title="">on</code>".</p></li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with <var title="">name</var> as the name, <var
- title="">value</var> as the value, and <var title="">type</var>
- as the type.</p></li>
+ <li><p>Append an entry to the <var title="">form data set</var> with <var title="">name</var>
+ as the name, <var title="">value</var> as the value, and <var title="">type</var> as the
+ type.</p></li>
</ol>
</li>
- <li><p>Otherwise, if the <var title="">field</var> element is an
- <code>input</code> element whose <code
- title="attr-input-type">type</code> attribute is in the <span
- title="attr-input-type-file">File Upload</span> state, then for
- each file <span
- title="concept-input-type-file-selected">selected</span> in the
- <code>input</code> element, append an entry to the <var
- title="">form data set</var> with the <var title="">name</var> as
- the name, the file (consisting of the name, the type, and the
- body) as the value, and <var title="">type</var> as the type. If
- there are no <span
- title="concept-input-type-file-selected">selected files</span>,
- then append an entry to the <var title="">form data set</var>
- with the <var title="">name</var> as the name, the empty string
- as the value, and <code>application/octet-stream</code> as the
- type.</p></li>
- <!-- https://bugzilla.mozilla.org/show_bug.cgi?id=529859 -->
+ <li><p>Otherwise, if the <var title="">field</var> element is an <code>input</code> element
+ whose <code title="attr-input-type">type</code> attribute is in the <span
+ title="attr-input-type-file">File Upload</span> state, then for each file <span
+ title="concept-input-type-file-selected">selected</span> in the <code>input</code> element,
+ append an entry to the <var title="">form data set</var> with the <var title="">name</var> as
+ the name, the file (consisting of the name, the type, and the body) as the value, and <var
+ title="">type</var> as the type. If there are no <span
+ title="concept-input-type-file-selected">selected files</span>, then append an entry to the
+ <var title="">form data set</var> with the <var title="">name</var> as the name, the empty
+ string as the value, and <code>application/octet-stream</code> as the type.</p></li> <!--
+ https://bugzilla.mozilla.org/show_bug.cgi?id=529859 -->
- <li><p>Otherwise, if the <var title="">field</var> element is an
- <code>object</code> element: try to obtain a form submission
- value from the <span>plugin</span><!-- using NPAPI's
- NPP_GetValue() entry point with the NPPVformValue variable -->,
- and if that is successful, append an entry to the <var
- title="">form data set</var> with <var title="">name</var> as the
- name, the returned form submission value as the value, and the
- string "<code title="">object</code>" as the type.</p></li>
+ <li><p>Otherwise, if the <var title="">field</var> element is an <code>object</code> element:
+ try to obtain a form submission value from the <span>plugin</span><!-- using NPAPI's
+ NPP_GetValue() entry point with the NPPVformValue variable -->, and if that is successful,
+ append an entry to the <var title="">form data set</var> with <var title="">name</var> as the
+ name, the returned form submission value as the value, and the string "<code
+ title="">object</code>" as the type.</p></li>
- <li><p>Otherwise, append an entry to the <var title="">form data
- set</var> with <var title="">name</var> as the name, the <span
- title="concept-fe-value">value</span> of the <var
- title="">field</var> element as the value, and <var
- title="">type</var> as the type.</p></li>
+ <li><p>Otherwise, append an entry to the <var title="">form data set</var> with <var
+ title="">name</var> as the name, the <span title="concept-fe-value">value</span> of the <var
+ title="">field</var> element as the value, and <var title="">type</var> as the type.</p></li>
<li>
- <p>If the element has a <code
- title="attr-fe-dirname">dirname</code> attribute, and that
- attribute's value is not the empty string, then run these
- substeps:</p>
+ <p>If the element has a <code title="attr-fe-dirname">dirname</code> attribute, and that
+ attribute's value is not the empty string, then run these substeps:</p>
<ol>
- <li><p>Let <var title="">dirname</var> be the value of the
- element's <code title="attr-fe-dirname">dirname</code>
- attribute.</p></li>
+ <li><p>Let <var title="">dirname</var> be the value of the element's <code
+ title="attr-fe-dirname">dirname</code> attribute.</p></li>
- <li><p>Let <var title="">dir</var> be the string "<code
- title="">ltr</code>" if <span>the directionality</span> of the
- element is '<span title="concept-ltr">ltr</span>', and "<code
- title="">rtl</code>" otherwise (i.e. when <span>the
- directionality</span> of the element is '<span
- title="concept-rtl">rtl</span>').</p></li>
+ <li><p>Let <var title="">dir</var> be the string "<code title="">ltr</code>" if <span>the
+ directionality</span> of the element is '<span title="concept-ltr">ltr</span>', and "<code
+ title="">rtl</code>" otherwise (i.e. when <span>the directionality</span> of the element is
+ '<span title="concept-rtl">rtl</span>').</p></li>
- <li><p>Append an entry to the <var title="">form data set</var>
- with <var title="">dirname</var> as the name, <var
- title="">dir</var> as the value, and the string "<code
- title="">direction</code>" as the type.</p></li>
+ <li><p>Append an entry to the <var title="">form data set</var> with <var
+ title="">dirname</var> as the name, <var title="">dir</var> as the value, and the string
+ "<code title="">direction</code>" as the type.</p></li>
</ol>
- <p class="note">An element can only have a <code
- title="attr-fe-dirname">dirname</code> attribute if it is a
- <code>textarea</code> element or an <code>input</code> element
- whose <code title="attr-input-type">type</code> attribute is in
- either the <span title="attr-input-type-text">Text</span> state
- or the <span title="attr-input-type-search">Search</span>
- state.</p>
+ <p class="note">An element can only have a <code title="attr-fe-dirname">dirname</code>
+ attribute if it is a <code>textarea</code> element or an <code>input</code> element whose
+ <code title="attr-input-type">type</code> attribute is in either the <span
+ title="attr-input-type-text">Text</span> state or the <span
+ title="attr-input-type-search">Search</span> state.</p>
</li>
@@ -64929,28 +64797,21 @@
<li>
- <p><i>End</i>: For the name of each entry in the <var
- title="">form data set</var>, and for the value of each entry in
- the <var title="">form data set</var> whose type is not "<code
- title="">file</code>" or "<code title="">textarea</code>", replace
- every occurrence of a U+000D CARRIAGE RETURN (CR) character not
- followed by a U+000A LINE FEED (LF) character, and every
- occurrence of a U+000A LINE FEED (LF) character not preceded by a
- U+000D CARRIAGE RETURN (CR) character, by a two-character string
- consisting of a U+000D CARRIAGE RETURN U+000A LINE FEED (CRLF)
- character pair.</p>
+ <p><i>End</i>: For the name of each entry in the <var title="">form data set</var>, and for the
+ value of each entry in the <var title="">form data set</var> whose type is not "<code
+ title="">file</code>" or "<code title="">textarea</code>", replace every occurrence of a U+000D
+ CARRIAGE RETURN (CR) character not followed by a U+000A LINE FEED (LF) character, and every
+ occurrence of a U+000A LINE FEED (LF) character not preceded by a U+000D CARRIAGE RETURN (CR)
+ character, by a two-character string consisting of a U+000D CARRIAGE RETURN U+000A LINE FEED
+ (CRLF) character pair.</p>
- <p class="note">In the case of the <span
- title="concept-fe-value">value</span> of <code>textarea</code>
- elements, this newline normalization is already performed during
- the conversion of the control's <span
- title="concept-textarea-raw-value">raw value</span> into the
- control's <span title="concept-fe-value">value</span> (which also
- performs any necessary line wrapping). In the case of
- <code>input</code> elements <code
- title="attr-input-type">type</code> attributes in the <span
- title="attr-input-type-file">File Upload</span> state, the value
- is not normalized.</p>
+ <p class="note">In the case of the <span title="concept-fe-value">value</span> of
+ <code>textarea</code> elements, this newline normalization is already performed during the
+ conversion of the control's <span title="concept-textarea-raw-value">raw value</span> into the
+ control's <span title="concept-fe-value">value</span> (which also performs any necessary line
+ wrapping). In the case of <code>input</code> elements <code title="attr-input-type">type</code>
+ attributes in the <span title="attr-input-type-file">File Upload</span> state, the value is not
+ normalized.</p>
</li>
@@ -65013,20 +64874,16 @@
<h5>URL-encoded form data</h5>
- <p class="note">This form data set encoding is in many ways an
- aberrant monstrosity, the result of many years of implementation
- accidents and compromises leading to a set of requirements necessary
- for interoperability, but in no way representing good design
- practices. In particular, readers are cautioned to pay close
- attention to the twisted details involving repeated (and in some
- cases nested) conversions between character encodings and byte
- sequences.</p>
+ <p class="note">This form data set encoding is in many ways an aberrant monstrosity, the result of
+ many years of implementation accidents and compromises leading to a set of requirements necessary
+ for interoperability, but in no way representing good design practices. In particular, readers are
+ cautioned to pay close attention to the twisted details involving repeated (and in some cases
+ nested) conversions between character encodings and byte sequences.</p>
<div class="impl">
- <p>The <dfn><code
- title="">application/x-www-form-urlencoded</code> encoding
- algorithm</dfn> is as follows:</p>
+ <p>The <dfn><code title="">application/x-www-form-urlencoded</code> encoding algorithm</dfn> is as
+ follows:</p>
<ol>
@@ -65054,28 +64911,23 @@
<li>
- <p>For each entry in the <var title="">form data set</var>,
- perform these substeps:</p>
+ <p>For each entry in the <var title="">form data set</var>, perform these substeps:</p>
<ol>
- <li><p>If the entry's name is "<code title="attr-fe-name-charset">_charset_</code>"
- and its type is "<code title="">hidden</code>", replace its value
- with <var title="">charset</var>.</p></li>
+ <li><p>If the entry's name is "<code title="attr-fe-name-charset">_charset_</code>" and its
+ type is "<code title="">hidden</code>", replace its value with <var
+ title="">charset</var>.</p></li>
- <li><p>If the entry's type is "<code title="">file</code>",
- replace its value with the file's filename only.</p></li> <!--
- this is not present in the next section -->
+ <li><p>If the entry's type is "<code title="">file</code>", replace its value with the file's
+ filename only.</p></li> <!-- this is not present in the next section -->
- <li><p>For each character in the entry's name and value that
- cannot be expressed using the selected character encoding,
- replace the character by a string consisting of a U+0026
- AMPERSAND character (&), a U+0023 NUMBER SIGN character (#),
- one or more <span>ASCII digits</span> representing the Unicode code point of the
- character in base ten, and finally a U+003B SEMICOLON character
- (;).</p></li><!-- we should say it should be the shortest
- possible string, no leading zeros. this whole step is asinine,
- though, so... -->
+ <li><p>For each character in the entry's name and value that cannot be expressed using the
+ selected character encoding, replace the character by a string consisting of a U+0026 AMPERSAND
+ character (&), a U+0023 NUMBER SIGN character (#), one or more <span>ASCII digits</span>
+ representing the Unicode code point of the character in base ten, and finally a U+003B
+ SEMICOLON character (;).</p></li><!-- we should say it should be the shortest possible string,
+ no leading zeros. this whole step is asinine, though, so... -->
<!-- this is where the similarities with the next section end -->
@@ -65088,21 +64940,21 @@
<li>
- <p>For each byte in the entry's name and value, apply the
- appropriate subsubsteps from the following list:</p>
+ <p>For each byte in the entry's name and value, apply the appropriate subsubsteps from the
+ following list:</p>
<dl class="switch">
<dt>The byte is 0x20 (U+0020 SPACE if interpreted as ASCII)</dt>
- <dd>Replace the byte with a single 0x2B byte (U+002B PLUS SIGN
- character (+) if interpreted as ASCII).</dd>
+ <dd>Replace the byte with a single 0x2B byte (U+002B PLUS SIGN character (+) if interpreted
+ as ASCII).</dd>
<!-- * - . 0-9 a-z _ A-Z -->
- <dt>If the byte is in the range 0x2A, 0x2D, 0x2E, 0x30 to 0x39,
- 0x41 to 0x5A, 0x5F, 0x61 to 0x7A</dt>
+ <dt>If the byte is in the range 0x2A, 0x2D, 0x2E, 0x30 to 0x39, 0x41 to 0x5A, 0x5F, 0x61 to
+ 0x7A</dt>
<dd><p>Leave the byte as is.</p></dd>
@@ -65117,12 +64969,11 @@
(%) followed by <span>uppercase ASCII hex digits</span> representing the hexadecimal value
of the byte in question (zero-padded if necessary).</p></li>
- <li><p>Encode the string <var title="">s</var> as US-ASCII,
- so that it is now a byte string.</p>
+ <li><p>Encode the string <var title="">s</var> as US-ASCII, so that it is now a byte
+ string.</p>
- <li><p>Replace the byte in question in the name or value
- being processed by the bytes in <var title="">s</var>,
- preserving their relative order.</p></li>
+ <li><p>Replace the byte in question in the name or value being processed by the bytes in
+ <var title="">s</var>, preserving their relative order.</p></li>
</ol>
@@ -65134,60 +64985,48 @@
<li>
- <p>Interpret the entry's name and value as Unicode strings
- encoded in US-ASCII. (All of the bytes in the string will be in
- the range 0x00 to 0x7F; the high bit will be zero throughout.)
+ <p>Interpret the entry's name and value as Unicode strings encoded in US-ASCII. (All of the
+ bytes in the string will be in the range 0x00 to 0x7F; the high bit will be zero throughout.)
The entry's name and value are now Unicode strings again.</p>
</li>
- <li><p>If the entry's name is "<code
- title="attr-fe-name-isindex">isindex</code>", its type is "<code
- title="">text</code>", and this is the first entry in the <var
- title="">form data set</var>, then append the value to <var
- title="">result</var> and skip the rest of the substeps for this
- entry, moving on to the next entry, if any, or the next step in
- the overall algorithm otherwise.</p></li>
+ <li><p>If the entry's name is "<code title="attr-fe-name-isindex">isindex</code>", its type is
+ "<code title="">text</code>", and this is the first entry in the <var title="">form data
+ set</var>, then append the value to <var title="">result</var> and skip the rest of the
+ substeps for this entry, moving on to the next entry, if any, or the next step in the overall
+ algorithm otherwise.</p></li>
- <li><p>If this is not the first entry, append a single U+0026
- AMPERSAND character (&) to <var
- title="">result</var>.</p></li>
+ <li><p>If this is not the first entry, append a single U+0026 AMPERSAND character (&) to
+ <var title="">result</var>.</p></li>
- <li><p>Append the entry's name to <var
- title="">result</var>.</p></li>
+ <li><p>Append the entry's name to <var title="">result</var>.</p></li>
- <li><p>Append a single U+003D EQUALS SIGN character (=) to <var
- title="">result</var>.</p></li>
+ <li><p>Append a single U+003D EQUALS SIGN character (=) to <var title="">result</var>.</p></li>
- <li><p>Append the entry's value to <var
- title="">result</var>.</p></li>
+ <li><p>Append the entry's value to <var title="">result</var>.</p></li>
</ol>
</li>
- <li><p>Encode <var title="">result</var> as US-ASCII and return the
- resulting byte stream.</p></li>
+ <li><p>Encode <var title="">result</var> as US-ASCII and return the resulting byte
+ stream.</p></li>
</ol>
</div>
- <p>To <dfn title="application/x-www-form-urlencoded decoding
- algorithm">decode <code>application/x-www-form-urlencoded</code>
- payloads</dfn>, the following algorithm should be used. This
- algorithm uses as inputs the payload itself, <var
- title="">payload</var>, consisting of a Unicode string using only
- characters in the range U+0000 to U+007F; a default character
- encoding <var title="">encoding</var>; and optionally an <var
- title="">isindex</var> flag indicating that the payload is to be
- processed as if it had been generated for a form containing an <code
- title="attr-fe-name-isindex">isindex</code> control. The output of
- this algorithm is a sorted list of name-value pairs. If the <var
- title="">isindex</var> flag is set and the first control really was
- an <code title="attr-fe-name-isindex">isindex</code> control, then
- the first name-value pair will have as its name the empty
- string.</p>
+ <p>To <dfn title="application/x-www-form-urlencoded decoding algorithm">decode
+ <code>application/x-www-form-urlencoded</code> payloads</dfn>, the following algorithm should be
+ used. This algorithm uses as inputs the payload itself, <var title="">payload</var>, consisting of
+ a Unicode string using only characters in the range U+0000 to U+007F; a default character encoding
+ <var title="">encoding</var>; and optionally an <var title="">isindex</var> flag indicating that
+ the payload is to be processed as if it had been generated for a form containing an <code
+ title="attr-fe-name-isindex">isindex</code> control. The output of this algorithm is a sorted list
+ of name-value pairs. If the <var title="">isindex</var> flag is set and the first control really
+ was an <code title="attr-fe-name-isindex">isindex</code> control, then the first name-value pair
+ will have as its name the empty string.</p>
<ol>
@@ -65196,105 +65035,90 @@
string</span> <var title="">payload</var> on U+0026 AMPERSAND
characters (&).</p></li>
- <li><p>If the <var title="">isindex</var> flag is set and the first
- string in <var title="">strings</var> does not contain a U+003D
- EQUALS SIGN character (=), insert a U+003D EQUALS SIGN character
- (=) at the start of the first string in <var
+ <li><p>If the <var title="">isindex</var> flag is set and the first string in <var
+ title="">strings</var> does not contain a U+003D EQUALS SIGN character (=), insert a U+003D
+ EQUALS SIGN character (=) at the start of the first string in <var
title="">strings</var>.</p></li>
- <li><p>Let <var title="">pairs</var> be an empty list of name-value
- pairs.</p></li>
+ <li><p>Let <var title="">pairs</var> be an empty list of name-value pairs.</p></li>
<li>
- <p>For each string <var title="">string</var> in <var
- title="">strings</var>, run these substeps:</p>
+ <p>For each string <var title="">string</var> in <var title="">strings</var>, run these
+ substeps:</p>
<ol>
<li>
- <p>If <var title="">string</var> contains a U+003D EQUALS SIGN
- character (=), then let <var title="">name</var> be the
- substring of <var title="">string</var> from the start of <var
- title="">string</var> up to but excluding its first U+003D
- EQUALS SIGN character (=), and let <var title="">value</var> be
- the substring from the first character, if any, after the first
- U+003D EQUALS SIGN character (=) up to the end of <var
- title="">string</var>. If the first U+003D EQUALS SIGN character
- (=) is the first character, then <var title="">name</var> will
- be the empty string. If it is the last character, then <var
- title="">value</var> will be the empty string.</p>
+ <p>If <var title="">string</var> contains a U+003D EQUALS SIGN character (=), then let <var
+ title="">name</var> be the substring of <var title="">string</var> from the start of <var
+ title="">string</var> up to but excluding its first U+003D EQUALS SIGN character (=), and let
+ <var title="">value</var> be the substring from the first character, if any, after the first
+ U+003D EQUALS SIGN character (=) up to the end of <var title="">string</var>. If the first
+ U+003D EQUALS SIGN character (=) is the first character, then <var title="">name</var> will be
+ the empty string. If it is the last character, then <var title="">value</var> will be the
+ empty string.</p>
- <p>Otherwise, <var title="">string</var> contains no U+003D
- EQUALS SIGN characters (=). Let <var title="">name</var> have
- the value of <var title="">string</var> and let <var
+ <p>Otherwise, <var title="">string</var> contains no U+003D EQUALS SIGN characters (=). Let
+ <var title="">name</var> have the value of <var title="">string</var> and let <var
title="">value</var> be the empty string.</p>
</li>
<li>
- <p>Replace any U+002B PLUS SIGN characters (+) in <var
- title="">name</var> and <var title="">value</var> with U+0020
- SPACE characters.</p>
+ <p>Replace any U+002B PLUS SIGN characters (+) in <var title="">name</var> and <var
+ title="">value</var> with U+0020 SPACE characters.</p>
</li>
<li>
- <p>Replace any escape in <var title="">name</var> and <var
- title="">value</var> with the character represented by the
- escape. This replacement must not be recursive.</p>
+ <p>Replace any escape in <var title="">name</var> and <var title="">value</var> with the
+ character represented by the escape. This replacement must not be recursive.</p>
- <p>An escape is a U+0025 PERCENT SIGN character (%) followed by
- two <span>ASCII hex digits</span>.</p>
+ <p>An escape is a U+0025 PERCENT SIGN character (%) followed by two <span>ASCII hex
+ digits</span>.</p>
- <p>The character represented by an escape is the Unicode
- character whose code point is equal to the value of the two
- characters after the U+0025 PERCENT SIGN character (%),
- interpreted as a hexadecimal number (in the range 0..255).</p>
+ <p>The character represented by an escape is the Unicode character whose code point is equal
+ to the value of the two characters after the U+0025 PERCENT SIGN character (%), interpreted as
+ a hexadecimal number (in the range 0..255).</p>
- <p class="example">So for instance the string "<code
- title="">A%2BC</code>" would become "<code title="">A+C</code>".
- Similarly, the string "<code title="">100%25AA%21</code>"
- becomes the string "<code title="">100%AA!</code>".</p>
+ <p class="example">So for instance the string "<code title="">A%2BC</code>" would become
+ "<code title="">A+C</code>". Similarly, the string "<code title="">100%25AA%21</code>" becomes
+ the string "<code title="">100%AA!</code>".</p>
</li>
- <li><p>Convert the <var title="">name</var> and <var
- title="">value</var> strings to their byte representation in
- ISO-8859-1 (i.e. convert the Unicode string to a byte string,
- mapping code points to byte values directly).</p></li>
+ <li><p>Convert the <var title="">name</var> and <var title="">value</var> strings to their byte
+ representation in ISO-8859-1 (i.e. convert the Unicode string to a byte string, mapping code
+ points to byte values directly).</p></li>
- <li><p>Add a pair consisting of <var title="">name</var> and <var
- title="">value</var> to <var title="">pairs</var>.</p></li>
+ <li><p>Add a pair consisting of <var title="">name</var> and <var title="">value</var> to <var
+ title="">pairs</var>.</p></li>
</ol>
</li>
- <li><p>If any of the name-value pairs in <var title="">pairs</var>
- have a name component consisting of the string "<code
- title="">_charset_</code>" encoded in US-ASCII, and the value
- component of the first such pair, when decoded as US-ASCII, is the
- name of a supported character encoding, then let <var
- title="">encoding</var> be that character encoding (replacing the
- default passed to the algorithm).</p></li> <!-- XXX -->
+ <li><p>If any of the name-value pairs in <var title="">pairs</var> have a name component
+ consisting of the string "<code title="">_charset_</code>" encoded in US-ASCII, and the value
+ component of the first such pair, when decoded as US-ASCII, is the name of a supported character
+ encoding, then let <var title="">encoding</var> be that character encoding (replacing the default
+ passed to the algorithm).</p></li> <!-- XXX -->
- <li><p>Convert the name and value components of each name-value
- pair in <var title="">pairs</var> to Unicode by interpreting the
- bytes according to the encoding <var
+ <li><p>Convert the name and value components of each name-value pair in <var title="">pairs</var>
+ to Unicode by interpreting the bytes according to the encoding <var
title="">encoding</var>.</p></li>
<li><p>Return <var title="">pairs</var>.</p></li>
</ol>
- <p class="note">Parameters on the
- <code>application/x-www-form-urlencoded</code> MIME type are
- ignored. In particular, this MIME type does not support the <code
- title="">charset</code> parameter.</p>
+ <p class="note">Parameters on the <code>application/x-www-form-urlencoded</code> MIME type are
+ ignored. In particular, this MIME type does not support the <code title="">charset</code>
+ parameter.</p>
@@ -77193,12 +77017,11 @@
<div class="impl">
-<!--CLEANUP-->
<p>The <dfn title="dom-document-domain"><code>domain</code></dfn> attribute on
<code>Document</code> objects must be initialized to <span>the document's domain</span>, if it has
one, and the empty string otherwise. If the value is an IPv6 address, then the square brackets
- from the <span title="concept-url-host">host</span> component must be omitted
- from the attribute's value.</p>
+ from the <span title="concept-url-host">host</span> component must be omitted from the attribute's
+ value.</p>
<p>On getting, the attribute must return its current value, unless the <code>Document</code> has
no <span>browsing context</span>, in which case it must return the empty string.</p>
@@ -77328,10 +77151,10 @@
protects two different sites on the same host will fail, as the ports are ignored when comparing
origins after the <code title="dom-document-domain">document.domain</code> attribute has been
used.</p>
-<!--TOPIC:HTML-->
+<!--TOPIC:HTML-->
<h3>Sandboxing</h3>
@@ -78016,19 +77839,19 @@
<li>If that fails, throw a <code>SecurityError</code> exception and abort these steps.</li>
-<!--CLEANUP-->
- <li>Compare the resulting <span>parsed URL</span> to the result of applying the <span>URL parser</span> algorithm to <span>the document's address</span>. If
- any component of these two <span title="URL">URLs</span> differ other than the <span
- title="concept-url-path">path</span>, <span title="concept-url-query">query</span>, and <span
+ <li>Compare the resulting <span>parsed URL</span> to the result of applying the <span>URL
+ parser</span> algorithm to <span>the document's address</span>. If any component of these two
+ <span title="URL">URLs</span> differ other than the <span title="concept-url-path">path</span>,
+ <span title="concept-url-query">query</span>, and <span
title="concept-url-fragment">fragment</span> components, then throw a
<code>SecurityError</code> exception and abort these steps.</li>
<li>If the <span>origin</span> of the resulting <span>absolute URL</span> is not the same as
the <span>origin</span> of the <span>entry script</span>'s <span title="script's
document">document</span>, and either the <span title="concept-url-path">path</span> or <span
- title="concept-url-query">query</span> components of the two <span title="parsed URL">parsed URLs</span>
- compared in the previous step differ, throw a <code>SecurityError</code> exception and abort
- these steps. (This prevents sandboxed content from spoofing other pages on the same
+ title="concept-url-query">query</span> components of the two <span title="parsed URL">parsed
+ URLs</span> compared in the previous step differ, throw a <code>SecurityError</code> exception
+ and abort these steps. (This prevents sandboxed content from spoofing other pages on the same
origin.)</li>
<li><p>Let <var title="">new URL</var> be the resulting <span>absolute URL</span>.</p></li>
@@ -78037,7 +77860,9 @@
<p>For the purposes of the comparisons in the above substeps, the <span
title="concept-url-path">path</span> and <span title="concept-url-query">query</span> components
- can only be the same if the <span title="concept-url-scheme">scheme</span> component of both <span title="parsed URL">parsed URLs</span> are <span title="concept-url-scheme-relative">relative schemes</span>.</p>
+ can only be the same if the <span title="concept-url-scheme">scheme</span> component of both
+ <span title="parsed URL">parsed URLs</span> are <span
+ title="concept-url-scheme-relative">relative schemes</span>.</p>
</li>
@@ -78138,13 +77963,11 @@
<div class="example">
- <p>Consider a game where the user can navigate along a line, such
- that the user is always at some coordinate, and such that the user
- can bookmark the page corresponding to a particular coordinate, to
- return to it later.</p>
+ <p>Consider a game where the user can navigate along a line, such that the user is always at some
+ coordinate, and such that the user can bookmark the page corresponding to a particular
+ coordinate, to return to it later.</p>
- <p>A static page implementing the x=5 position in such a game could
- look like the following:</p>
+ <p>A static page implementing the x=5 position in such a game could look like the following:</p>
<pre><!DOCTYPE HTML>
<!-- this is http://example.com/line?x=5 -->
@@ -78155,9 +77978,8 @@
<a href="?x=4">retreat to 4</a>?
</p></pre>
- <p>The problem with such a system is that each time the user
- clicks, the whole page has to be reloaded. Here instead is another
- way of doing it, using script:</p>
+ <p>The problem with such a system is that each time the user clicks, the whole page has to be
+ reloaded. Here instead is another way of doing it, using script:</p>
<pre><!DOCTYPE HTML>
<!-- this starts off as http://example.com/line?x=5 -->
@@ -78187,30 +78009,25 @@
}
</script></pre>
- <p>In systems without script, this still works like the previous
- example. However, users that <em>do</em> have script support can
- now navigate much faster, since there is no network access for the
- same experience. Furthermore, contrary to the experience the user
- would have with just a naïve script-based approach,
- bookmarking and navigating the session history still work.</p>
+ <p>In systems without script, this still works like the previous example. However, users that
+ <em>do</em> have script support can now navigate much faster, since there is no network access
+ for the same experience. Furthermore, contrary to the experience the user would have with just a
+ naïve script-based approach, bookmarking and navigating the session history still work.</p>
- <p>In the example above, the <var title="">data</var> argument to
- the <code title="dom-history-pushState">pushState()</code> method
- is the same information as would be sent to the server, but in a
- more convenient form, so that the script doesn't have to parse the
- URL each time the user navigates.</p>
+ <p>In the example above, the <var title="">data</var> argument to the <code
+ title="dom-history-pushState">pushState()</code> method is the same information as would be sent
+ to the server, but in a more convenient form, so that the script doesn't have to parse the URL
+ each time the user navigates.</p>
</div>
<div class="example">
- <p>Applications might not use the same title for a <span>session
- history entry</span> as the value of the document's
- <code>title</code> element at that time. For example, here is a
- simple page that shows a block in the <code>title</code> element.
- Clearly, when navigating backwards to a previous state the user
- does not go back in time, and therefore it would be inappropriate
- to put the time in the session history title.</p>
+ <p>Applications might not use the same title for a <span>session history entry</span> as the
+ value of the document's <code>title</code> element at that time. For example, here is a simple
+ page that shows a block in the <code>title</code> element. Clearly, when navigating backwards to
+ a previous state the user does not go back in time, and therefore it would be inappropriate to
+ put the time in the session history title.</p>
<pre><!DOCTYPE HTML>
<TITLE>Line</TITLE>
@@ -78237,9 +78054,8 @@
<h4>The <code>Location</code> interface</h4>
- <p>Each <code>Document</code> object in a <span>browsing
- context</span>'s session history is associated with a unique
- instance of a <code>Location</code> object.</p>
+ <p>Each <code>Document</code> object in a <span>browsing context</span>'s session history is
+ associated with a unique instance of a <code>Location</code> object.</p>
<dl class="domintro">
@@ -78258,15 +78074,12 @@
<div class="impl">
- <p>The <dfn
- title="dom-document-location"><code>location</code></dfn> attribute
- of the <code>Document</code> interface must return the
- <code>Location</code> object for that <code>Document</code> object,
- if it is in a <span>browsing context</span>, and null otherwise.</p>
+ <p>The <dfn title="dom-document-location"><code>location</code></dfn> attribute of the
+ <code>Document</code> interface must return the <code>Location</code> object for that
+ <code>Document</code> object, if it is in a <span>browsing context</span>, and null otherwise.</p>
- <p>The <dfn title="dom-location"><code>location</code></dfn>
- attribute of the <code>Window</code> interface must return the
- <code>Location</code> object for that <code>Window</code> object's
+ <p>The <dfn title="dom-location"><code>location</code></dfn> attribute of the <code>Window</code>
+ interface must return the <code>Location</code> object for that <code>Window</code> object's
<code>Document</code>.</p>
</div>
@@ -78615,15 +78428,16 @@
<li><p>Let <var title="">gone async</var> be false.</p></li>
-<!--CLEANUP-->
- <li id="navigate-fragid-step"><p><i>Fragment identifiers</i>: Apply the <span>URL parser</span> algorithm to the <span>absolute URL</span> of
- the new resource and the <span title="the document's address">address</span> of the
- <span>active document</span> of the <span>browsing context</span> being navigated. If all the components of the resulting <span title="parsed URL">parsed URLs</span> , ignoring any
- <span title="concept-url-fragment">fragment</span> components, are identical, and the new resource is to be fetched using HTTP GET <span
- title="concept-http-equivalent-get">or equivalent</span>, and the <span>parsed URL</span> of
- the new resource has a <span title="concept-url-fragment">fragment</span> component that is not null (even if it
- is empty), then <span title="navigate-fragid">navigate to that fragment identifier</span> and
- abort these steps.</p></li>
+ <li id="navigate-fragid-step"><p><i>Fragment identifiers</i>: Apply the <span>URL parser</span>
+ algorithm to the <span>absolute URL</span> of the new resource and the <span title="the
+ document's address">address</span> of the <span>active document</span> of the <span>browsing
+ context</span> being navigated. If all the components of the resulting <span title="parsed
+ URL">parsed URLs</span>, ignoring any <span title="concept-url-fragment">fragment</span>
+ components, are identical, and the new resource is to be fetched using HTTP GET <span
+ title="concept-http-equivalent-get">or equivalent</span>, and the <span>parsed URL</span> of the
+ new resource has a <span title="concept-url-fragment">fragment</span> component that is not null
+ (even if it is empty), then <span title="navigate-fragid">navigate to that fragment
+ identifier</span> and abort these steps.</p></li>
<li><p>If <var title="">gone async</var> is false, cancel any preexisting but not yet <span
title="concept-navigate-mature">mature</span> attempt to navigate the <span>browsing
@@ -79145,20 +78959,20 @@
encoding is established, the <span>document's character encoding</span> must be set to that
character encoding.</p>
-<!--CLEANUP-->
<p>If the root element, as parsed according to the XML specifications cited above, is found to be
an <code>html</code> element with an attribute <code title="attr-html-manifest">manifest</code>
whose value is not the empty string, then, as soon as the element is <span title="insert an
element into a document">inserted into the document</span>, the user agent must <span
title="resolve a url">resolve</span> the value of that attribute relative to that element, and if
- that is successful, must apply the <span>URL serializer</span> algorithm to the resulting <span>parsed URL</span> with the <i>exclude fragment flag</i> set to obtain <var title="">manifest URL</var>, and then run the <span title="concept-appcache-init">application cache selection
- algorithm</span> with <var title="">manifest URL</var>
- as the manifest URL, passing in
- the newly-created <code>Document</code>. Otherwise, if the attribute is absent, its value is the
- empty string, or resolving its value fails, then as soon as the root element is <span
- title="insert an element into a document">inserted into the document</span>, the user agent must
- run the <span title="concept-appcache-init">application cache selection algorithm</span> with no
- manifest, and passing in the <code>Document</code>.</p>
+ that is successful, must apply the <span>URL serializer</span> algorithm to the resulting
+ <span>parsed URL</span> with the <i>exclude fragment flag</i> set to obtain <var title="">manifest
+ URL</var>, and then run the <span title="concept-appcache-init">application cache selection
+ algorithm</span> with <var title="">manifest URL</var> as the manifest URL, passing in the
+ newly-created <code>Document</code>. Otherwise, if the attribute is absent, its value is the empty
+ string, or resolving its value fails, then as soon as the root element is <span title="insert an
+ element into a document">inserted into the document</span>, the user agent must run the <span
+ title="concept-appcache-init">application cache selection algorithm</span> with no manifest, and
+ passing in the <code>Document</code>.</p>
<p class="note">Because the processing of the <code title="attr-html-manifest">manifest</code>
attribute happens only once the root element is parsed, any URLs referenced by processing
@@ -79425,11 +79239,10 @@
<ol>
-<!--CLEANUP-->
-
<li><p>Apply the <span>URL parser</span> algorithm to the <span>URL</span>, and let <var
title="">fragid</var> be the <span title="concept-url-fragment">fragment</span> component of the
- resulting <span>parsed URL</span>.</p></li><!-- parsing can't fail, since we checked earlier on when navigating -->
+ resulting <span>parsed URL</span>.</p></li><!-- parsing can't fail, since we checked earlier on
+ when navigating -->
<li><p>If <var title="">fragid</var> is the empty string, then <span>the indicated part of the
document</span> is the top of the document; stop the algorithm here.</p></li>
@@ -80742,35 +80555,27 @@
</div>
-<!--CLEANUP-->
<h5>Writing cache manifests</h5>
- <p>Manifests must be served using the
- <code>text/cache-manifest</code> <span>MIME type</span>. All
- resources served using the <code>text/cache-manifest</code>
- <span>MIME type</span> must follow the syntax of application cache
- manifests, as described in this section.</p>
+ <p>Manifests must be served using the <code>text/cache-manifest</code> <span>MIME type</span>. All
+ resources served using the <code>text/cache-manifest</code> <span>MIME type</span> must follow the
+ syntax of application cache manifests, as described in this section.</p>
- <p>An application cache manifest is a text file, whose text is
- encoded using UTF-8. Data in application cache manifests is
- line-based. Newlines must be represented by U+000A LINE FEED (LF)
- characters, U+000D CARRIAGE RETURN (CR) characters, or U+000D
- CARRIAGE RETURN (CR) U+000A LINE FEED (LF) pairs. <a href="#refsRFC3629">[RFC3629]</a></p>
+ <p>An application cache manifest is a text file, whose text is encoded using UTF-8. Data in
+ application cache manifests is line-based. Newlines must be represented by U+000A LINE FEED (LF)
+ characters, U+000D CARRIAGE RETURN (CR) characters, or U+000D CARRIAGE RETURN (CR) U+000A LINE
+ FEED (LF) pairs. <a href="#refsRFC3629">[RFC3629]</a></p>
- <p class="note">This is a <span>willful violation</span> of RFC
- 2046, which requires all <code title="">text/*</code> types to only
- allow CRLF line breaks. This requirement, however, is outdated; the
- use of CR, LF, and CRLF line breaks is commonly supported and indeed
- sometimes CRLF is <em>not</em> supported by text editors. <a
- href="#refsRFC2046">[RFC2046]</a></p>
+ <p class="note">This is a <span>willful violation</span> of RFC 2046, which requires all <code
+ title="">text/*</code> types to only allow CRLF line breaks. This requirement, however, is
+ outdated; the use of CR, LF, and CRLF line breaks is commonly supported and indeed sometimes CRLF
+ is <em>not</em> supported by text editors. <a href="#refsRFC2046">[RFC2046]</a></p>
- <p>The first line of an application cache manifest must consist of
- the string "CACHE", a single U+0020 SPACE character, the string
- "MANIFEST", and either a U+0020 SPACE character, a U+0009 CHARACTER
- TABULATION (tab) character, a U+000A LINE FEED (LF) character, or a
- U+000D CARRIAGE RETURN (CR) character. The first line may optionally
- be preceded by a U+FEFF BYTE ORDER MARK (BOM) character. If any
- other text is found on the first line, it is ignored.</p>
+ <p>The first line of an application cache manifest must consist of the string "CACHE", a single
+ U+0020 SPACE character, the string "MANIFEST", and either a U+0020 SPACE character, a U+0009
+ CHARACTER TABULATION (tab) character, a U+000A LINE FEED (LF) character, or a U+000D CARRIAGE
+ RETURN (CR) character. The first line may optionally be preceded by a U+FEFF BYTE ORDER MARK (BOM)
+ character. If any other text is found on the first line, it is ignored.</p>
<p>Subsequent lines, if any, must all be one of the following:</p>
@@ -80782,21 +80587,17 @@
<dt>A comment
<dd>
- <p>Comment lines must consist of zero or more U+0020 SPACE and
- U+0009 CHARACTER TABULATION (tab) characters, followed by a single
- U+0023 NUMBER SIGN character (#), followed by zero or more
- characters other than U+000A LINE FEED (LF) and U+000D CARRIAGE
- RETURN (CR) characters.</p>
+ <p>Comment lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ characters, followed by a single U+0023 NUMBER SIGN character (#), followed by zero or more
+ characters other than U+000A LINE FEED (LF) and U+000D CARRIAGE RETURN (CR) characters.</p>
- <p class="note">Comments must be on a line on their own. If they
- were to be included on a line with a URL, the "#" would be
- mistaken for part of a fragment identifier.</p>
+ <p class="note">Comments must be on a line on their own. If they were to be included on a line
+ with a URL, the "#" would be mistaken for part of a fragment identifier.</p>
<dt>A section header
<dd>
- <p>Section headers change the current section. There are four
- possible section headers:
+ <p>Section headers change the current section. There are four possible section headers:
<dl>
@@ -80814,309 +80615,245 @@
</dl>
- <p>Section header lines must consist of zero or more U+0020 SPACE
- and U+0009 CHARACTER TABULATION (tab) characters, followed by one
- of the names above (including the U+003A COLON character (:))
- followed by zero or more U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters.</p>
+ <p>Section header lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, followed by one of the names above (including the U+003A COLON
+ character (:)) followed by zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ characters.</p>
- <p>Ironically, by default, the current section is the
- <span title="concept-appcache-manifest-explicit">explicit section</span>.</p>
+ <p>Ironically, by default, the current section is the <span
+ title="concept-appcache-manifest-explicit">explicit section</span>.</p>
<dt>Data for the current section
<dd>
- <p>The format that data lines must take depends on the current
- section.</p>
- <p>When the current section is the <span
- title="concept-appcache-manifest-explicit">explicit
- section</span>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a
- <span>valid URL</span> identifying a resource other than the
- manifest itself, and then zero or more U+0020 SPACE and U+0009
- CHARACTER TABULATION (tab) characters.</p>
+ <p>The format that data lines must take depends on the current section.</p>
- <p>When the current section is the <span
- title="concept-appcache-manifest-fallback">fallback
- section</span>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a
- <span>valid URL</span> identifying a resource other than the
- manifest itself, one or more U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters, another <span>valid URL</span>
- identifying a resource other than the manifest itself, and then
- zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
+ <p>When the current section is the <span title="concept-appcache-manifest-explicit">explicit
+ section</span>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <span>valid URL</span> identifying a resource other than the
+ manifest itself, and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
characters.</p>
- <p>When the current section is the <span
- title="concept-appcache-manifest-network">online whitelist
- section</span>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, either a
- single U+002A ASTERISK character (*) <!--
- concept-appcache-onlinewhitelist-wildcard --> or a <span>valid
- URL</span> identifying a resource other than the manifest itself,
- and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION
- (tab) characters.</p>
+ <p>When the current section is the <span title="concept-appcache-manifest-fallback">fallback
+ section</span>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <span>valid URL</span> identifying a resource other than the
+ manifest itself, one or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters,
+ another <span>valid URL</span> identifying a resource other than the manifest itself, and then
+ zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters.</p>
- <p>When the current section is the <span
- title="concept-appcache-manifest-settings">settings
- section</span>, data lines must consist of zero or more U+0020
- SPACE and U+0009 CHARACTER TABULATION (tab) characters, a <span
- title="concept-appcache-manifest-setting">setting</span>, and then
- zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab)
- characters.</p>
+ <p>When the current section is the <span title="concept-appcache-manifest-network">online
+ whitelist section</span>, data lines must consist of zero or more U+0020 SPACE and U+0009
+ CHARACTER TABULATION (tab) characters, either a single U+002A ASTERISK character (*) <!--
+ concept-appcache-onlinewhitelist-wildcard --> or a <span>valid URL</span> identifying a resource
+ other than the manifest itself, and then zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters.</p>
- <p>Currently only one <dfn
- title="concept-appcache-manifest-setting">setting</dfn> is
+ <p>When the current section is the <span title="concept-appcache-manifest-settings">settings
+ section</span>, data lines must consist of zero or more U+0020 SPACE and U+0009 CHARACTER
+ TABULATION (tab) characters, a <span title="concept-appcache-manifest-setting">setting</span>,
+ and then zero or more U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters.</p>
+
+ <p>Currently only one <dfn title="concept-appcache-manifest-setting">setting</dfn> is
defined:</p>
<dl>
<dt>The cache mode setting</dt>
- <dd>This consists of the string "<code
- title="">prefer-online</code>". It sets the <span
+ <dd>This consists of the string "<code title="">prefer-online</code>". It sets the <span
title="concept-appcache-mode">cache mode</span> to <span
- title="concept-appcache-mode-prefer-online">prefer-online</span>.
- (The <span title="concept-appcache-mode">cache mode</span>
- defaults to <span
+ title="concept-appcache-mode-prefer-online">prefer-online</span>. (The <span
+ title="concept-appcache-mode">cache mode</span> defaults to <span
title="concept-appcache-mode-fast">fast</span>.)</dd>
</dl>
- <p>Within a <span
- title="concept-appcache-manifest-settings">settings
- section</span>, each <span
- title="concept-appcache-manifest-setting">setting</span> must
- occur no more than once.</p>
+ <p>Within a <span title="concept-appcache-manifest-settings">settings section</span>, each <span
+ title="concept-appcache-manifest-setting">setting</span> must occur no more than once.</p>
<!--
- <p class="note">The URLs in data lines can't be empty strings,
- since those would be relative URLs to the manifest itself. Such
- lines would be confused with blank or invalid lines, anyway.</p>
+ <p class="note">The URLs in data lines can't be empty strings, since those would be relative
+ URLs to the manifest itself. Such lines would be confused with blank or invalid lines,
+ anyway.</p>
-->
</dl>
- <p>Manifests may contain sections more than once. Sections may be
- empty.</p>
+ <p>Manifests may contain sections more than once. Sections may be empty.</p>
<p>URLs that are to be fallback pages associated with <span
- title="concept-appcache-fallback-ns">fallback namespaces</span>, and
- those namespaces themselves, must be given in <span
- title="concept-appcache-manifest-fallback">fallback sections</span>,
- with the namespace being the first URL of the data line, and the
- corresponding fallback page being the second URL. All the other
- pages to be cached must be listed in <span
- title="concept-appcache-manifest-explicit">explicit
- sections</span>.</p>
+ title="concept-appcache-fallback-ns">fallback namespaces</span>, and those namespaces themselves,
+ must be given in <span title="concept-appcache-manifest-fallback">fallback sections</span>, with
+ the namespace being the first URL of the data line, and the corresponding fallback page being the
+ second URL. All the other pages to be cached must be listed in <span
+ title="concept-appcache-manifest-explicit">explicit sections</span>.</p>
- <p><span title="concept-appcache-fallback-ns">Fallback
- namespaces</span> and <span
- title="concept-appcache-fallback">fallback entries</span> must have
- the <span>same origin</span> as the manifest itself.</p>
+ <p><span title="concept-appcache-fallback-ns">Fallback namespaces</span> and <span
+ title="concept-appcache-fallback">fallback entries</span> must have the <span>same origin</span>
+ as the manifest itself.</p>
- <p>A <span title="concept-appcache-fallback-ns">fallback
- namespace</span> must not be listed more than once.</p>
+ <p>A <span title="concept-appcache-fallback-ns">fallback namespace</span> must not be listed more
+ than once.</p>
<p>Namespaces that the user agent is to put into the <span
- title="concept-appcache-onlinewhitelist">online whitelist</span>
- must all be specified in <span
- title="concept-appcache-manifest-network">online whitelist
- sections</span>. (This is needed for any URL that the page is
- intending to use to communicate back to the server.) To specify that
- all URLs are automatically whitelisted in this way, a U+002A
- ASTERISK character (*) may be specified as one of the URLs. <!--
- concept-appcache-onlinewhitelist-wildcard --></p>
+ title="concept-appcache-onlinewhitelist">online whitelist</span> must all be specified in <span
+ title="concept-appcache-manifest-network">online whitelist sections</span>. (This is needed for
+ any URL that the page is intending to use to communicate back to the server.) To specify that all
+ URLs are automatically whitelisted in this way, a U+002A ASTERISK character (*) may be specified
+ as one of the URLs. <!-- concept-appcache-onlinewhitelist-wildcard --></p>
<p>Authors should not include namespaces in the <span
- title="concept-appcache-onlinewhitelist">online whitelist</span> for
- which another namespace in the <span
- title="concept-appcache-onlinewhitelist">online whitelist</span> is
- a <span>prefix match</span>.</p>
+ title="concept-appcache-onlinewhitelist">online whitelist</span> for which another namespace in
+ the <span title="concept-appcache-onlinewhitelist">online whitelist</span> is a <span>prefix
+ match</span>.</p>
<p><span title="relative URL">Relative URLs</span> must be given relative to the manifest's own
- URL. All URLs in the manifest must have the same <span
- title="concept-url-scheme">scheme</span> as the manifest itself
- (either explicitly or implicitly, through the use of <span title="relative url">relative
- URLs</span>). <a href="#refsURL">[URL]</a></p>
+ URL. All URLs in the manifest must have the same <span title="concept-url-scheme">scheme</span> as
+ the manifest itself (either explicitly or implicitly, through the use of <span title="relative
+ url">relative URLs</span>). <a href="#refsURL">[URL]</a></p>
- <p>URLs in manifests must not have fragment identifiers (i.e. the
- U+0023 NUMBER SIGN character isn't allowed in URLs in
- manifests).</p>
+ <p>URLs in manifests must not have fragment identifiers (i.e. the U+0023 NUMBER SIGN character
+ isn't allowed in URLs in manifests).</p>
- <p><span title="concept-appcache-fallback-ns">Fallback
- namespaces</span> and namespaces in the <span
- title="concept-appcache-onlinewhitelist">online whitelist</span> are
- matched by <span>prefix match</span>.</p>
+ <p><span title="concept-appcache-fallback-ns">Fallback namespaces</span> and namespaces in the
+ <span title="concept-appcache-onlinewhitelist">online whitelist</span> are matched by <span>prefix
+ match</span>.</p>
-<!--CLEANUP-->
<div class="impl">
<h5>Parsing cache manifests</h5>
- <p>When a user agent is to <dfn>parse a manifest</dfn>, it means
- that the user agent must run the following steps:</p>
+ <p>When a user agent is to <dfn>parse a manifest</dfn>, it means that the user agent must run the
+ following steps:</p>
<ol>
- <li><p>Decode the byte stream corresponding
- with the manifest to be parsed <span title="decoded as UTF-8, with
- error handling">as UTF-8, with error handling</span>. <!--All
- U+0000 NULL characters must be replaced by U+FFFD REPLACEMENT
- CHARACTERs. (this isn't black-box testable since neither U+0000 nor
- U+FFFD are valid anywhere in the syntax and thus both will be
- treated the same anyway)--></p></li>
+ <li><p>Decode the byte stream corresponding with the manifest to be parsed <span title="decoded
+ as UTF-8, with error handling">as UTF-8, with error handling</span>. <!--All U+0000 NULL
+ characters must be replaced by U+FFFD REPLACEMENT CHARACTERs. (this isn't black-box testable
+ since neither U+0000 nor U+FFFD are valid anywhere in the syntax and thus both will be treated
+ the same anyway)--></p></li>
- <li><p>Let <var title="">base URL</var> be the <span>absolute
- URL</span> representing the manifest.</p></li>
+ <li><p>Let <var title="">base URL</var> be the <span>absolute URL</span> representing the
+ manifest.</p></li>
<li><p>Apply the <span>URL parser</span> steps to the <var title="">base URL</var>, so that the
components from its <span>parsed URL</span> can be used by the subseqent steps of this
algorithm.</p></li>
- <li><p>Let <var title="">explicit URLs</var> be an initially empty
- list of <span title="absolute URL">absolute URLs</span> for <span
- title="concept-appcache-explicit">explicit entries</span>.</p></li>
+ <li><p>Let <var title="">explicit URLs</var> be an initially empty list of <span title="absolute
+ URL">absolute URLs</span> for <span title="concept-appcache-explicit">explicit
+ entries</span>.</p></li>
- <li><p>Let <var title="">fallback URLs</var> be an initially empty
- mapping of <span title="concept-appcache-fallback-ns">fallback
- namespaces</span> to <span title="absolute URL">absolute
- URLs</span> for <span title="concept-appcache-fallback">fallback
+ <li><p>Let <var title="">fallback URLs</var> be an initially empty mapping of <span
+ title="concept-appcache-fallback-ns">fallback namespaces</span> to <span title="absolute
+ URL">absolute URLs</span> for <span title="concept-appcache-fallback">fallback
entries</span>.</p></li>
- <li><p>Let <var title="">online whitelist namespaces</var> be an
- initially empty list of <span title="absolute URL">absolute
- URLs</span> for an <span
- title="concept-appcache-onlinewhitelist">online
- whitelist</span>.</p></li>
+ <li><p>Let <var title="">online whitelist namespaces</var> be an initially empty list of <span
+ title="absolute URL">absolute URLs</span> for an <span
+ title="concept-appcache-onlinewhitelist">online whitelist</span>.</p></li>
- <li><p>Let <var title="">online whitelist wildcard flag</var> be <i
- title="">blocking</i>. <!--
+ <li><p>Let <var title="">online whitelist wildcard flag</var> be <i title="">blocking</i>. <!--
concept-appcache-onlinewhitelist-wildcard --></p></li>
- <li><p>Let <var title="">cache mode flag</var> be <i
- title="">fast</i>. <!-- concept-appcache-mode-fast --></p></li>
+ <li><p>Let <var title="">cache mode flag</var> be <i title="">fast</i>. <!--
+ concept-appcache-mode-fast --></p></li>
- <li><p>Let <var title="">input</var> be the decoded text of the
- manifest's byte stream.</p></li>
+ <li><p>Let <var title="">input</var> be the decoded text of the manifest's byte stream.</p></li>
- <li><p>Let <var title="">position</var> be a pointer into <var
- title="">input</var>, initially pointing at the first
- character.</p></li>
+ <li><p>Let <var title="">position</var> be a pointer into <var title="">input</var>, initially
+ pointing at the first character.</p></li>
- <li><p>If <var title="">position</var> is pointing at a U+FEFF BYTE
- ORDER MARK (BOM) character, then advance <var
- title="">position</var> to the next character.</p></li>
+ <li><p>If <var title="">position</var> is pointing at a U+FEFF BYTE ORDER MARK (BOM) character,
+ then advance <var title="">position</var> to the next character.</p></li>
- <li><p>If the characters starting from <var title="">position</var>
- are "CACHE", followed by a U+0020 SPACE character, followed by
- "MANIFEST", then advance <var title="">position</var> to the next
- character after those. Otherwise, this isn't a cache manifest;
- abort this algorithm with a failure while checking for the magic
- signature.</p></li>
+ <li><p>If the characters starting from <var title="">position</var> are "CACHE", followed by a
+ U+0020 SPACE character, followed by "MANIFEST", then advance <var title="">position</var> to the
+ next character after those. Otherwise, this isn't a cache manifest; abort this algorithm with a
+ failure while checking for the magic signature.</p></li>
- <li><p>If the character at <var title="">position</var> is neither
- a U+0020 SPACE character, a U+0009 CHARACTER TABULATION (tab)
- character, U+000A LINE FEED (LF) character, nor a U+000D CARRIAGE
- RETURN (CR) character, then this isn't a cache manifest; abort this
- algorithm with a failure while checking for the magic
- signature.</p></li>
+ <li><p>If the character at <var title="">position</var> is neither a U+0020 SPACE character, a
+ U+0009 CHARACTER TABULATION (tab) character, U+000A LINE FEED (LF) character, nor a U+000D
+ CARRIAGE RETURN (CR) character, then this isn't a cache manifest; abort this algorithm with a
+ failure while checking for the magic signature.</p></li>
<li><p>This is a cache manifest. The algorithm cannot fail beyond
this point (though bogus lines can get ignored).</p></li>
- <li><p><span>Collect a sequence of characters</span> that are
- <em>not</em> U+000A LINE FEED (LF) or U+000D CARRIAGE RETURN (CR)
- characters, and ignore those characters. (Extra text on the first
+ <li><p><span>Collect a sequence of characters</span> that are <em>not</em> U+000A LINE FEED (LF)
+ or U+000D CARRIAGE RETURN (CR) characters, and ignore those characters. (Extra text on the first
line, after the signature, is ignored.)</p></li>
<li><p>Let <var title="">mode</var> be "explicit".</p></li>
- <li><p><i>Start of line</i>: If <var title="">position</var> is
- past the end of <var title="">input</var>, then jump to the last
- step. Otherwise, <span>collect a sequence of characters</span> that
- are U+000A LINE FEED (LF), U+000D CARRIAGE RETURN (CR), U+0020
- SPACE, or U+0009 CHARACTER TABULATION (tab) characters.</p></li>
+ <li><p><i>Start of line</i>: If <var title="">position</var> is past the end of <var
+ title="">input</var>, then jump to the last step. Otherwise, <span>collect a sequence of
+ characters</span> that are U+000A LINE FEED (LF), U+000D CARRIAGE RETURN (CR), U+0020 SPACE, or
+ U+0009 CHARACTER TABULATION (tab) characters.</p></li>
<!-- strips leading spaces, ignores space-only lines, ignores blank lines -->
- <li><p>Now, <span>collect a sequence of characters</span> that are
- <em>not</em> U+000A LINE FEED (LF) or U+000D CARRIAGE RETURN (CR)
- characters, and let the result be <var
+ <li><p>Now, <span>collect a sequence of characters</span> that are <em>not</em> U+000A LINE FEED
+ (LF) or U+000D CARRIAGE RETURN (CR) characters, and let the result be <var
title="">line</var>.</p></li>
- <li><p>Drop any trailing U+0020 SPACE and U+0009 CHARACTER
- TABULATION (tab) characters at the end of <var
- title="">line</var>.</p></li>
+ <li><p>Drop any trailing U+0020 SPACE and U+0009 CHARACTER TABULATION (tab) characters at the end
+ of <var title="">line</var>.</p></li>
- <li><p>If <var title="">line</var> is the empty string, then jump
- back to the step labeled "start of line".</p></li>
+ <li><p>If <var title="">line</var> is the empty string, then jump back to the step labeled "start
+ of line".</p></li>
- <li><p>If the first character in <var title="">line</var> is a
- U+0023 NUMBER SIGN character (#), then jump back to the step
- labeled "start of line".</p></li>
+ <li><p>If the first character in <var title="">line</var> is a U+0023 NUMBER SIGN character (#),
+ then jump back to the step labeled "start of line".</p></li>
- <li><p>If <var title="">line</var> equals "CACHE:" (the word
- "CACHE" followed by a U+003A COLON character (:)), then set <var
- title="">mode</var> to "explicit" and jump back to the step
- labeled "start of line".</p></li>
+ <li><p>If <var title="">line</var> equals "CACHE:" (the word "CACHE" followed by a U+003A COLON
+ character (:)), then set <var title="">mode</var> to "explicit" and jump back to the step labeled
+ "start of line".</p></li>
- <li><p>If <var title="">line</var> equals "FALLBACK:" (the word
- "FALLBACK" followed by a U+003A COLON character (:)), then set <var
- title="">mode</var> to "fallback" and jump back to the step
+ <li><p>If <var title="">line</var> equals "FALLBACK:" (the word "FALLBACK" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "fallback" and jump back to the step
labeled "start of line".</p></li>
- <li><p>If <var title="">line</var> equals "NETWORK:" (the word
- "NETWORK" followed by a U+003A COLON character (:)), then set <var
- title="">mode</var> to "online whitelist" and jump back to the step
+ <li><p>If <var title="">line</var> equals "NETWORK:" (the word "NETWORK" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "online whitelist" and jump back to
+ the step labeled "start of line".</p></li>
+
+ <li><p>If <var title="">line</var> equals "SETTINGS:" (the word "SETTINGS" followed by a U+003A
+ COLON character (:)), then set <var title="">mode</var> to "settings" and jump back to the step
labeled "start of line".</p></li>
- <li><p>If <var title="">line</var> equals "SETTINGS:" (the word
- "SETTINGS" followed by a U+003A COLON character (:)), then set <var
- title="">mode</var> to "settings" and jump back to the step labeled
- "start of line".</p></li>
+ <li><p>If <var title="">line</var> ends with a U+003A COLON character (:), then set <var
+ title="">mode</var> to "unknown" and jump back to the step labeled "start of line".</p></li>
- <li><p>If <var title="">line</var> ends with a U+003A COLON
- character (:), then set <var title="">mode</var> to "unknown" and
- jump back to the step labeled "start of line".</p></li>
+ <li><p>This is either a data line or it is syntactically incorrect.</p></li>
- <li><p>This is either a data line or it is syntactically
- incorrect.</p></li>
+ <li><p>Let <var title="">position</var> be a pointer into <var title="">line</var>, initially
+ pointing at the start of the string.</p></li>
- <li><p>Let <var title="">position</var> be a pointer into <var
- title="">line</var>, initially pointing at the start of the
- string.</p></li>
+ <li><p>Let <var title="">tokens</var> be a list of strings, initially empty.</p></li>
- <li><p>Let <var title="">tokens</var> be a list of strings,
- initially empty.</p></li>
-
<li>
- <p>While <var title="">position</var> doesn't point past the end
- of <var title="">line</var>:</p>
+ <p>While <var title="">position</var> doesn't point past the end of <var
+ title="">line</var>:</p>
<ol>
- <li><p>Let <var title="">current token</var> be an empty
- string.</p></li>
+ <li><p>Let <var title="">current token</var> be an empty string.</p></li>
- <li><p>While <var title="">position</var> doesn't point past the
- end of <var title="">line</var> and the character at <var
- title="">position</var> is neither a U+0020 SPACE nor a U+0009
- CHARACTER TABULATION (tab) character, add the character at <var
- title="">position</var> to <var title="">current token</var> and
- advance <var title="">position</var> to the next character in
- <var title="">input</var>.</p></li>
+ <li><p>While <var title="">position</var> doesn't point past the end of <var
+ title="">line</var> and the character at <var title="">position</var> is neither a U+0020 SPACE
+ nor a U+0009 CHARACTER TABULATION (tab) character, add the character at <var
+ title="">position</var> to <var title="">current token</var> and advance <var
+ title="">position</var> to the next character in <var title="">input</var>.</p></li>
- <li><p>Add <var title="">current token</var> to the <var
- title="">tokens</var> list.</p></li>
+ <li><p>Add <var title="">current token</var> to the <var title="">tokens</var> list.</p></li>
- <li><p>While <var title="">position</var> doesn't point past the
- end of <var title="">line</var> and the character at <var
- title="">position</var> is either a U+0020 SPACE or a U+0009
- CHARACTER TABULATION (tab) character, advance <var
- title="">position</var> to the next character in <var
- title="">input</var>.</p></li>
+ <li><p>While <var title="">position</var> doesn't point past the end of <var
+ title="">line</var> and the character at <var title="">position</var> is either a U+0020 SPACE
+ or a U+0009 CHARACTER TABULATION (tab) character, advance <var title="">position</var> to the
+ next character in <var title="">input</var>.</p></li>
</ol>
@@ -81132,23 +80869,20 @@
<dd>
- <p><span title="resolve a url">Resolve</span> the first item in
- <var title="">tokens</var>, relative to <var title="">base
- URL</var>; ignore the rest.</p>
+ <p><span title="resolve a url">Resolve</span> the first item in <var title="">tokens</var>,
+ relative to <var title="">base URL</var>; ignore the rest.</p>
- <p>If this fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If this fails, then jump back to the step labeled "start of line".</p>
- <p>If the resulting <span>parsed URL</span> has a different
- <span title="concept-url-scheme">scheme</span> component than
- <var title="">base URL</var> (the manifest's URL), then jump back to the step
- labeled "start of line".</p>
+ <p>If the resulting <span>parsed URL</span> has a different <span
+ title="concept-url-scheme">scheme</span> component than <var title="">base URL</var> (the
+ manifest's URL), then jump back to the step labeled "start of line".</p>
<p>Let <var title="">new URL</var> be the result of applying the <span>URL serializer</span>
- algorithm to the resulting <span>parsed URL</span>, with the <i>exclude fragment flag</i> set.</p>
+ algorithm to the resulting <span>parsed URL</span>, with the <i>exclude fragment flag</i>
+ set.</p>
- <p>Add <var title="">new URL</var> to the <var
- title="">explicit URLs</var>.</p>
+ <p>Add <var title="">new URL</var> to the <var title="">explicit URLs</var>.</p>
</dd>
@@ -81156,22 +80890,17 @@
<dd>
- <p>Let <var title="">part one</var> be the first token in <var
- title="">tokens</var>, and let <var title="">part two</var> be
- the second token in <var title="">tokens</var>.</p>
+ <p>Let <var title="">part one</var> be the first token in <var title="">tokens</var>, and let
+ <var title="">part two</var> be the second token in <var title="">tokens</var>.</p>
- <p><span title="resolve a url">Resolve</span> <var title="">part
- one</var> and <var title="">part two</var>, relative to <var
- title="">base URL</var>.</p>
+ <p><span title="resolve a url">Resolve</span> <var title="">part one</var> and <var
+ title="">part two</var>, relative to <var title="">base URL</var>.</p>
- <p>If either fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If either fails, then jump back to the step labeled "start of line".</p>
- <p>If the <span>absolute URL</span> corresponding to either <var
- title="">part one</var> or <var title="">part two</var> does not
- have the <span>same origin</span> as the manifest's URL, then
- jump back to the step labeled "start of line".</p> <!-- SECURITY
- -->
+ <p>If the <span>absolute URL</span> corresponding to either <var title="">part one</var> or
+ <var title="">part two</var> does not have the <span>same origin</span> as the manifest's URL,
+ then jump back to the step labeled "start of line".</p> <!-- SECURITY -->
<p>Let <var title="">part one</var> be the result of applying the <span>URL serializer</span>
algorithm to the first resulting <span>parsed URL</span>, with the <i>exclude fragment
@@ -81181,19 +80910,14 @@
algorithm to the second resulting <span>parsed URL</span>, with the <i>exclude fragment
flag</i> set.</p>
- <p>If <var
- title="">part one</var> is already in the <var title="">fallback
- URLs</var> mapping as a <span
- title="concept-appcache-fallback-ns">fallback namespace</span>,
- then jump back to the step labeled "start of line".</p>
+ <p>If <var title="">part one</var> is already in the <var title="">fallback URLs</var> mapping
+ as a <span title="concept-appcache-fallback-ns">fallback namespace</span>, then jump back to
+ the step labeled "start of line".</p>
- <p>Otherwise, add
- <var title="">part one</var> to the <var title="">fallback
- URLs</var> mapping as a <span
- title="concept-appcache-fallback-ns">fallback namespace</span>,
- mapped to <var
- title="">part two</var> as the <span
- title="concept-appcache-fallback">fallback entry</span>.</p>
+ <p>Otherwise, add <var title="">part one</var> to the <var title="">fallback URLs</var>
+ mapping as a <span title="concept-appcache-fallback-ns">fallback namespace</span>, mapped to
+ <var title="">part two</var> as the <span title="concept-appcache-fallback">fallback
+ entry</span>.</p>
</dd>
@@ -81201,28 +80925,24 @@
<dd>
- <p>If the first item in <var title="">tokens</var> is a U+002A
- ASTERISK character (*), then set <var title="">online whitelist
- wildcard flag</var> to <i title="">open</i> and jump back to the
- step labeled "start of line".</p>
+ <p>If the first item in <var title="">tokens</var> is a U+002A ASTERISK character (*), then
+ set <var title="">online whitelist wildcard flag</var> to <i title="">open</i> and jump back
+ to the step labeled "start of line".</p>
- <p>Otherwise, <span title="resolve a url">resolve</span> the
- first item in <var title="">tokens</var>, relative to <var
- title="">base URL</var>; ignore the rest.</p>
+ <p>Otherwise, <span title="resolve a url">resolve</span> the first item in <var
+ title="">tokens</var>, relative to <var title="">base URL</var>; ignore the rest.</p>
- <p>If this fails, then jump back to the step labeled "start of
- line".</p>
+ <p>If this fails, then jump back to the step labeled "start of line".</p>
- <p>If the resulting <span>parsed URL</span> has a different
- <span title="concept-url-scheme">scheme</span> component than
- <var title="">base URL</var> (the manifest's URL), then jump back to the step
- labeled "start of line".</p>
+ <p>If the resulting <span>parsed URL</span> has a different <span
+ title="concept-url-scheme">scheme</span> component than <var title="">base URL</var> (the
+ manifest's URL), then jump back to the step labeled "start of line".</p>
<p>Let <var title="">new URL</var> be the result of applying the <span>URL serializer</span>
- algorithm to the resulting <span>parsed URL</span>, with the <i>exclude fragment flag</i> set.</p>
+ algorithm to the resulting <span>parsed URL</span>, with the <i>exclude fragment flag</i>
+ set.</p>
- <p>Add <var title="">new URL</var> to the <var
- title="">online whitelist namespaces</var>.</p>
+ <p>Add <var title="">new URL</var> to the <var title="">online whitelist namespaces</var>.</p>
</dd>
@@ -81230,14 +80950,12 @@
<dd>
- <p>If <var title="">tokens</var> contains a single token, and
- that token is a <span>case-sensitive</span> match for the string
- "<code title="">prefer-online</code>", then set <var
- title="">cache mode flag</var> to <i title="">prefer-online</i>
- and jump back to the step labeled "start of line".</p>
+ <p>If <var title="">tokens</var> contains a single token, and that token is a
+ <span>case-sensitive</span> match for the string "<code title="">prefer-online</code>", then
+ set <var title="">cache mode flag</var> to <i title="">prefer-online</i> and jump back to the
+ step labeled "start of line".</p>
- <p>Otherwise, the line is an unsupported setting: do nothing;
- the line is ignored.</p>
+ <p>Otherwise, the line is an unsupported setting: do nothing; the line is ignored.</p>
</dd>
@@ -81253,54 +80971,38 @@
</li>
- <li><p>Jump back to the step labeled "start of line". (That step
- jumps to the next, and last, step when the end of the file is
- reached.)</p></li>
+ <li><p>Jump back to the step labeled "start of line". (That step jumps to the next, and last,
+ step when the end of the file is reached.)</p></li>
- <li><p>Return the <var title="">explicit URLs</var> list, the <var
- title="">fallback URLs</var> mapping, the <var title="">online
- whitelist namespaces</var>, the <var title="">online whitelist
- wildcard flag</var>, and the <var title="">cache mode
- flag</var>.</p></li>
+ <li><p>Return the <var title="">explicit URLs</var> list, the <var title="">fallback URLs</var>
+ mapping, the <var title="">online whitelist namespaces</var>, the <var title="">online whitelist
+ wildcard flag</var>, and the <var title="">cache mode flag</var>.</p></li>
</ol>
<div class="note">
<p>The resource that declares the manifest (with the <code
- title="attr-html-manifest">manifest</code> attribute) will always
- get taken from the cache, whether it is listed in the cache or not,
- even if it is listed in an <span
- title="concept-appcache-onlinewhitelist">online whitelist
- namespace</span>.</p>
+ title="attr-html-manifest">manifest</code> attribute) will always get taken from the cache,
+ whether it is listed in the cache or not, even if it is listed in an <span
+ title="concept-appcache-onlinewhitelist">online whitelist namespace</span>.</p>
- <p>If a resource is listed in the <span
- title="concept-appcache-manifest-explicit">explicit section</span>
- or as a <span title="concept-appcache-fallback">fallback
- entry</span> in the <span
- title="concept-appcache-manifest-fallback">fallback section</span>,
- the resource will always be taken from the cache, regardless of any
- other matching entries in the <span
- title="concept-appcache-fallback-ns">fallback namespaces</span> or
- <span title="concept-appcache-onlinewhitelist">online whitelist
- namespaces</span>.</p>
+ <p>If a resource is listed in the <span title="concept-appcache-manifest-explicit">explicit
+ section</span> or as a <span title="concept-appcache-fallback">fallback entry</span> in the <span
+ title="concept-appcache-manifest-fallback">fallback section</span>, the resource will always be
+ taken from the cache, regardless of any other matching entries in the <span
+ title="concept-appcache-fallback-ns">fallback namespaces</span> or <span
+ title="concept-appcache-onlinewhitelist">online whitelist namespaces</span>.</p>
- <p>When a <span title="concept-appcache-fallback-ns">fallback
- namespace</span> and an <span
- title="concept-appcache-onlinewhitelist">online whitelist
- namespace</span> overlap, the <span
- title="concept-appcache-onlinewhitelist">online whitelist
- namespace</span> has priority.</p>
+ <p>When a <span title="concept-appcache-fallback-ns">fallback namespace</span> and an <span
+ title="concept-appcache-onlinewhitelist">online whitelist namespace</span> overlap, the <span
+ title="concept-appcache-onlinewhitelist">online whitelist namespace</span> has priority.</p>
- <p>The <span
- title="concept-appcache-onlinewhitelist-wildcard">online whitelist
- wildcard flag</span> is applied last, only for URLs that match
- neither the <span title="concept-appcache-onlinewhitelist">online
- whitelist namespace</span> nor the <span
- title="concept-appcache-fallback-ns">fallback namespace</span> and
- that are not listed in the <span
- title="concept-appcache-manifest-explicit">explicit
- section</span>.</p>
+ <p>The <span title="concept-appcache-onlinewhitelist-wildcard">online whitelist wildcard
+ flag</span> is applied last, only for URLs that match neither the <span
+ title="concept-appcache-onlinewhitelist">online whitelist namespace</span> nor the <span
+ title="concept-appcache-fallback-ns">fallback namespace</span> and that are not listed in the
+ <span title="concept-appcache-manifest-explicit">explicit section</span>.</p>
</div>
@@ -81564,14 +81266,16 @@
<span>shows caching progress</span>, the display of some sort of user interface indicating to
the user that the user agent failed to save the application for offline use.</p>
-<!--CLEANUP-->
<p>Otherwise, associate the <code>Document</code> for this entry with <var
title="">cache</var>; store the resource for this entry in <var title="">cache</var>, if it
isn't already there, and categorize its entry as a <span
- title="concept-appcache-master">master entry</span>. If applying the <span>URL parser</span> algorithm to the resource's <span>URL</span> results in a <span>parsed URL</span> that has a non-null
- <span title="concept-url-fragment">fragment</span> component, the <span>URL</span> used for the
- entry in <var title="">cache</var> must instead be the <span>absolute URL</span> obtained from applying the <span>URL serializer</span> algorith, to the <span>parsed URL</span> with the <i>exclude fragment flag</i> set (application caches never include fragment
- identifiers).</p>
+ title="concept-appcache-master">master entry</span>. If applying the <span>URL parser</span>
+ algorithm to the resource's <span>URL</span> results in a <span>parsed URL</span> that has a
+ non-null <span title="concept-url-fragment">fragment</span> component, the <span>URL</span>
+ used for the entry in <var title="">cache</var> must instead be the <span>absolute URL</span>
+ obtained from applying the <span>URL serializer</span> algorith, to the <span>parsed
+ URL</span> with the <i>exclude fragment flag</i> set (application caches never include
+ fragment identifiers).</p>
</li>
@@ -82768,7 +82472,6 @@
</div>
-<!--CLEANUP-->
<div class="impl">
@@ -82777,17 +82480,15 @@
<h5>Definitions</h5>
- <p>This specification describes three kinds of <span
- title="JavaScript global environment">JavaScript global
- environments</span>: the <dfn>document environment</dfn>, the
- <dfn>dedicated worker environment</dfn>, and the <dfn>shared worker
- environment</dfn>. The <span>dedicated worker environment</span> and
- the <span>shared worker environment</span> are both types of <dfn
- title="worker environment">worker environments</dfn>.</p>
+ <p>This specification describes three kinds of <span title="JavaScript global
+ environment">JavaScript global environments</span>: the <dfn>document environment</dfn>, the
+ <dfn>dedicated worker environment</dfn>, and the <dfn>shared worker environment</dfn>. The
+ <span>dedicated worker environment</span> and the <span>shared worker environment</span> are both
+ types of <dfn title="worker environment">worker environments</dfn>.</p>
- <p>Except where otherwise specified, a <span>JavaScript global
- environment</span> is a <span>document environment</span>.</p> <!--
- note that we never actually say where one of these is created... -->
+ <p>Except where otherwise specified, a <span>JavaScript global environment</span> is a
+ <span>document environment</span>.</p> <!-- note that we never actually say where one of these is
+ created... -->
<hr>
@@ -82799,13 +82500,12 @@
<dd>
- <p>The characteristics of the script execution environment depend
- on the language, and are not defined by this specification.</p>
+ <p>The characteristics of the script execution environment depend on the language, and are not
+ defined by this specification.</p>
- <p class="example">In JavaScript, the script execution environment
- consists of the interpreter, the stack of <i>execution
- contexts</i>, the <i>global code</i> and <i>function code</i> and
- the <code>Function</code> objects resulting, and so forth.</p>
+ <p class="example">In JavaScript, the script execution environment consists of the interpreter,
+ the stack of <i>execution contexts</i>, the <i>global code</i> and <i>function code</i> and the
+ <code>Function</code> objects resulting, and so forth.</p>
</dd>
@@ -82813,21 +82513,18 @@
<dd>
- <p>Each code entry-point represents a block of executable code
- that the script exposes to other scripts and to the user
- agent.</p>
+ <p>Each code entry-point represents a block of executable code that the script exposes to other
+ scripts and to the user agent.</p>
- <p class="example">Each <code>Function</code> object in a
- JavaScript <span>script execution environment</span> has a
- corresponding code entry-point, for instance.</p>
+ <p class="example">Each <code>Function</code> object in a JavaScript <span>script execution
+ environment</span> has a corresponding code entry-point, for instance.</p>
- <p>The main program code of the script, if any, is the
- <dfn><i>initial code entry-point</i></dfn>. Typically, the code
- corresponding to this entry-point is executed immediately after
- the script is parsed.</p>
+ <p>The main program code of the script, if any, is the <dfn><i>initial code
+ entry-point</i></dfn>. Typically, the code corresponding to this entry-point is executed
+ immediately after the script is parsed.</p>
- <p class="example">In JavaScript, this corresponds to the
- execution context of the global code.</p>
+ <p class="example">In JavaScript, this corresponds to the execution context of the global
+ code.</p>
</dd>
@@ -82837,29 +82534,23 @@
<p>An object that provides the APIs that the code can use.</p>
- <p class="example">This is typically a <code>Window</code>
- object. In JavaScript, this corresponds to the <i>global
- object</i>.</p>
+ <p class="example">This is typically a <code>Window</code> object. In JavaScript, this
+ corresponds to the <i>global object</i>.</p>
- <p class="note">When a <span>script's global object</span> is an
- empty object, it can't do anything that interacts with the
- environment.</p>
+ <p class="note">When a <span>script's global object</span> is an empty object, it can't do
+ anything that interacts with the environment.</p>
- <p>If the <span>script's global object</span> is a
- <code>Window</code> object, then in JavaScript, the ThisBinding of
- the global execution context for this script must be the
- <code>Window</code> object's <code>WindowProxy</code> object,
- rather than the global object. <a
+ <p>If the <span>script's global object</span> is a <code>Window</code> object, then in
+ JavaScript, the ThisBinding of the global execution context for this script must be the
+ <code>Window</code> object's <code>WindowProxy</code> object, rather than the global object. <a
href="#refsECMA262">[ECMA262]</a></p>
- <p class="note">This is a <span>willful violation</span> of the
- JavaScript specification current at the time of writing
- (ECMAScript edition 5, as defined in section 10.4.1.1 Initial
- Global Execution Context, step 3). The JavaScript specification
- requires that the <code title="">this</code> keyword in the global
- scope return the global object, but this is not compatible with
- the security design prevalent in implementations as specified
- herein. <a href="#refsECMA262">[ECMA262]</a></p>
+ <p class="note">This is a <span>willful violation</span> of the JavaScript specification current
+ at the time of writing (ECMAScript edition 5, as defined in section 10.4.1.1 Initial Global
+ Execution Context, step 3). The JavaScript specification requires that the <code
+ title="">this</code> keyword in the global scope return the global object, but this is not
+ compatible with the security design prevalent in implementations as specified herein. <a
+ href="#refsECMA262">[ECMA262]</a></p>
</dd>
@@ -82867,15 +82558,13 @@
<dd>
- <p>A <span>browsing context</span> that is assigned responsibility
- for actions taken by the script.</p>
+ <p>A <span>browsing context</span> that is assigned responsibility for actions taken by the
+ script.</p>
- <p class="example">When a script creates and <span
- title="navigate">navigates</span> a new <span>top-level browsing
- context</span>, the <code title="dom-opener">opener</code>
- attribute of the new <span>browsing context</span>'s
- <code>Window</code> object will be set to the <span>script's
- browsing context</span>'s <code>WindowProxy</code> object.</p>
+ <p class="example">When a script creates and <span title="navigate">navigates</span> a new
+ <span>top-level browsing context</span>, the <code title="dom-opener">opener</code> attribute of
+ the new <span>browsing context</span>'s <code>Window</code> object will be set to the
+ <span>script's browsing context</span>'s <code>WindowProxy</code> object.</p>
</dd>
@@ -82883,14 +82572,11 @@
<dd>
- <p>A <code>Document</code> that is assigned responsibility for
- actions taken by the script.</p>
+ <p>A <code>Document</code> that is assigned responsibility for actions taken by the script.</p>
- <p class="example">For example, the <span title="the document's
- address">address</span> of the <span>script's document</span> is
- used to set the <span title="the document's
- address">address</span> of any <code>Document</code> elements
- created using <code
+ <p class="example">For example, the <span title="the document's address">address</span> of the
+ <span>script's document</span> is used to set the <span title="the document's
+ address">address</span> of any <code>Document</code> elements created using <code
title="dom-DOMImplementation-createDocument">createDocument()</code>.</p>
</dd>
@@ -82899,11 +82585,10 @@
<dd>
- <p>Either a <code>Document</code> (specifically, the
- <span>script's document</span>), or a <span>URL</span>, which is
- used by some APIs to determine what value to use for the <code
- title="http-referer">Referer</code> (sic) header in calls to the
- <span title="fetch">fetching</span> algorithm.</p>
+ <p>Either a <code>Document</code> (specifically, the <span>script's document</span>), or a
+ <span>URL</span>, which is used by some APIs to determine what value to use for the <code
+ title="http-referer">Referer</code> (sic) header in calls to the <span
+ title="fetch">fetching</span> algorithm.</p>
</dd>
@@ -82911,12 +82596,11 @@
<dd>
- <p>A character encoding, set when the script is created, used to
- encode URLs. <span id="sce-not-copy" title="">If the character
- encoding is set from another source, e.g. a <span>document's
- character encoding</span>, then the <span>script's URL character
- encoding</span> must follow the source, so that if the source's
- changes, so does the script's.</span></p>
+ <p>A character encoding, set when the script is created, used to encode URLs. <span
+ id="sce-not-copy" title="">If the character encoding is set from another source, e.g. a
+ <span>document's character encoding</span>, then the <span>script's URL character
+ encoding</span> must follow the source, so that if the source's changes, so does the
+ script's.</span></p>
</dd>
@@ -82924,12 +82608,10 @@
<dd>
- <p>A <span>URL</span>, set when the script is created, used to
- resolve <span title="relative url">relative URLs</span>. <span id="sbu-not-copy" title="">If the
- base URL is set from another source, e.g. a <span>document base
- URL</span>, then the <span>script's base URL</span> must follow
- the source, so that if the source's changes, so does the
- script's.</span></p>
+ <p>A <span>URL</span>, set when the script is created, used to resolve <span title="relative
+ url">relative URLs</span>. <span id="sbu-not-copy" title="">If the base URL is set from another
+ source, e.g. a <span>document base URL</span>, then the <span>script's base URL</span> must
+ follow the source, so that if the source's changes, so does the script's.</span></p>
</dd>
@@ -85818,8 +85500,8 @@
</div>
-<!--CLEANUP-->
+
<h5 id="custom-handlers">Custom scheme and content handlers</h5>
<pre class="idl">[NoInterfaceObject]
@@ -85834,21 +85516,18 @@
};</pre>
<p>The <dfn
- title="dom-navigator-registerProtocolHandler"><code>registerProtocolHandler()</code></dfn>
- method allows Web sites to register themselves as possible handlers
- for particular schemes. For example, an online telephone messaging
- service could register itself as a handler of the <code>sms:</code>
- scheme, so that if the user clicks on such a link, he is given the
- opportunity to use that Web site. Analogously, the <dfn
- title="dom-navigator-registerContentHandler"><code>registerContentHandler()</code></dfn>
- method allows Web sites to register themselves as possible handlers
- for content in a particular <span>MIME type</span>. For example, the
- same online telephone messaging service could register itself as a
- handler for <code>text/vcard</code> files, so that if the user has
- no native application capable of handling vCards, his Web browser
- can instead suggest he use that site to view contact information
- stored on vCards that he opens. <a href="#refsRFC5724">[RFC5724]</a>
- <a href="#refsRFC6350">RFC6350</a></p>
+ title="dom-navigator-registerProtocolHandler"><code>registerProtocolHandler()</code></dfn> method
+ allows Web sites to register themselves as possible handlers for particular schemes. For example,
+ an online telephone messaging service could register itself as a handler of the <code>sms:</code>
+ scheme, so that if the user clicks on such a link, he is given the opportunity to use that Web
+ site. Analogously, the <dfn
+ title="dom-navigator-registerContentHandler"><code>registerContentHandler()</code></dfn> method
+ allows Web sites to register themselves as possible handlers for content in a particular
+ <span>MIME type</span>. For example, the same online telephone messaging service could register
+ itself as a handler for <code>text/vcard</code> files, so that if the user has no native
+ application capable of handling vCards, his Web browser can instead suggest he use that site to
+ view contact information stored on vCards that he opens. <a href="#refsRFC5724">[RFC5724]</a> <a
+ href="#refsRFC6350">RFC6350</a></p>
<dl class="domintro">
@@ -85875,25 +85554,21 @@
<div class="impl">
- <p>User agents may, within the constraints described in this
- section, do whatever they like when the methods are called. A UA
- could, for instance, prompt the user and offer the user the
- opportunity to add the site to a shortlist of handlers, or make the
- handlers his default, or cancel the request. UAs could provide such
- a UI through modal UI or through a non-modal transient notification
- interface. UAs could also simply silently collect the information,
- providing it only when relevant to the user.</p>
+ <p>User agents may, within the constraints described in this section, do whatever they like when
+ the methods are called. A UA could, for instance, prompt the user and offer the user the
+ opportunity to add the site to a shortlist of handlers, or make the handlers his default, or
+ cancel the request. UAs could provide such a UI through modal UI or through a non-modal transient
+ notification interface. UAs could also simply silently collect the information, providing it only
+ when relevant to the user.</p>
- <p>User agents should keep track of which sites have registered
- handlers (even if the user has declined such registrations) so that
- the user is not repeatedly prompted with the same request.</p>
+ <p>User agents should keep track of which sites have registered handlers (even if the user has
+ declined such registrations) so that the user is not repeatedly prompted with the same
+ request.</p>
- <p>The arguments to the methods have the following meanings and
- corresponding implementation requirements. The requirements that
- involve throwing exceptions must be processed in the order given
- below, stopping at the first exception thrown. (So the exceptions
- for the first argument take precedence over the exceptions for the
- second argument.)</p>
+ <p>The arguments to the methods have the following meanings and corresponding implementation
+ requirements. The requirements that involve throwing exceptions must be processed in the order
+ given below, stopping at the first exception thrown. (So the exceptions for the first argument
+ take precedence over the exceptions for the second argument.)</p>
<dl>
@@ -85901,15 +85576,12 @@
<dd>
- <p>A scheme, such as <code>mailto</code> or <code>web+auth</code>.
- The scheme must be compared in an <span>ASCII
- case-insensitive</span> manner by user agents for the purposes of
- comparing with the scheme part of URLs that they consider against
- the list of registered handlers.</p>
+ <p>A scheme, such as <code>mailto</code> or <code>web+auth</code>. The scheme must be compared
+ in an <span>ASCII case-insensitive</span> manner by user agents for the purposes of comparing
+ with the scheme part of URLs that they consider against the list of registered handlers.</p>
- <p>The <var title="">scheme</var> value, if it contains a colon
- (as in "<code>mailto:</code>"), will never match anything, since
- schemes don't contain colons.</p>
+ <p>The <var title="">scheme</var> value, if it contains a colon (as in "<code>mailto:</code>"),
+ will never match anything, since schemes don't contain colons.</p>
<p>If the <code title="dom-navigator-registerProtocolHandler">registerProtocolHandler()</code>
method is invoked with a scheme that is neither a <span>whitelisted scheme</span> nor a scheme
@@ -85918,8 +85590,7 @@
the "<code title="">web+</code>" prefix), the user agent must throw a <code>SecurityError</code>
exception.</p>
- <p>The following schemes are the <dfn title="whitelisted
- scheme">whitelisted schemes</dfn>:</p>
+ <p>The following schemes are the <dfn title="whitelisted scheme">whitelisted schemes</dfn>:</p>
<ul class="brief">
<li><code title="">irc</code></li>
@@ -85939,18 +85610,15 @@
<li><code title="">xmpp</code></li>
</ul>
- <p class="note">This list can be changed. If there are schemes
- that should be added, please send feedback.</p>
+ <p class="note">This list can be changed. If there are schemes that should be added, please send
+ feedback.</p>
- <p class="note">This list excludes any schemes that could
- reasonably be expected to be supported inline, e.g. in an
- <code>iframe</code>, such as <code title="">http</code> or (more
- theoretically) <code title="">gopher</code>. If those were
- supported, they could potentially be used in man-in-the-middle
- attacks, by replacing pages that have frames with such content
- with content under the control of the protocol handler. If the
- user agent has native support for the schemes, this could further
- be used for cookie-theft attacks.</p>
+ <p class="note">This list excludes any schemes that could reasonably be expected to be supported
+ inline, e.g. in an <code>iframe</code>, such as <code title="">http</code> or (more
+ theoretically) <code title="">gopher</code>. If those were supported, they could potentially be
+ used in man-in-the-middle attacks, by replacing pages that have frames with such content with
+ content under the control of the protocol handler. If the user agent has native support for the
+ schemes, this could further be used for cookie-theft attacks.</p>
</dd>
@@ -85958,34 +85626,26 @@
<dd>
- <p>A <span>MIME type</span>, such as
- <code>model/vnd.flatland.3dml</code> or
- <code>application/vnd.google-earth.kml+xml</code>. The <span>MIME
- type</span> must be compared in an <span>ASCII
- case-insensitive</span> manner by user agents for the purposes of
- comparing with MIME types of documents that they consider against
- the list of registered handlers.</p>
+ <p>A <span>MIME type</span>, such as <code>model/vnd.flatland.3dml</code> or
+ <code>application/vnd.google-earth.kml+xml</code>. The <span>MIME type</span> must be compared
+ in an <span>ASCII case-insensitive</span> manner by user agents for the purposes of comparing
+ with MIME types of documents that they consider against the list of registered handlers.</p>
- <p>User agents must compare the given values only to the MIME
- type/subtype parts of content types, not to the complete type
- including parameters. Thus, if <var title="">mimeType</var> values
- passed to this method include characters such as commas or
- whitespace, or include MIME parameters, then the handler being
- registered will never be used.</p>
+ <p>User agents must compare the given values only to the MIME type/subtype parts of content
+ types, not to the complete type including parameters. Thus, if <var title="">mimeType</var>
+ values passed to this method include characters such as commas or whitespace, or include MIME
+ parameters, then the handler being registered will never be used.</p>
- <p class="note">The type is compared to the <span>MIME type</span>
- used by the user agent <em>after</em> the sniffing algorithms have
- been applied.</p>
+ <p class="note">The type is compared to the <span>MIME type</span> used by the user agent
+ <em>after</em> the sniffing algorithms have been applied.</p>
- <p>If the <code
- title="dom-navigator-registerContentHandler">registerContentHandler()</code>
- method is invoked with a <span>MIME type</span> that is in the
- <span>type blacklist</span> or that the user agent has deemed a
- privileged type, the user agent must throw a
+ <p>If the <code title="dom-navigator-registerContentHandler">registerContentHandler()</code>
+ method is invoked with a <span>MIME type</span> that is in the <span>type blacklist</span> or
+ that the user agent has deemed a privileged type, the user agent must throw a
<code>SecurityError</code> exception.</p>
- <p>The following <span title="MIME type">MIME types</span> are in
- the <dfn>type blacklist</dfn>:</p>
+ <p>The following <span title="MIME type">MIME types</span> are in the <dfn>type
+ blacklist</dfn>:</p>
<ul class="brief">
@@ -86007,8 +85667,8 @@
</ul>
- <p class="note">This list can be changed. If there are MIME types
- that should be added, please send feedback.</p>
+ <p class="note">This list can be changed. If there are MIME types that should be added, please
+ send feedback.</p>
</dd>
@@ -86017,83 +85677,66 @@
<dd>
- <p>A string used to build the <span>URL</span> of the page that
- will handle the requests.</p>
+ <p>A string used to build the <span>URL</span> of the page that will handle the requests.</p>
- <p>User agents must throw a <code>SyntaxError</code> exception if
- the <var title="">url</var> argument passed to one of these
- methods does not contain the exact literal string
+ <p>User agents must throw a <code>SyntaxError</code> exception if the <var title="">url</var>
+ argument passed to one of these methods does not contain the exact literal string
"<code>%s</code>".</p>
- <p>User agents must throw a <code>SyntaxError</code> if <span
- title="resolve a url">resolving</span> the <var title="">url</var>
- argument relative to the <span>entry script</span>'s <span
- title="script's base URL">base URL</span>, is not successful.</p>
+ <p>User agents must throw a <code>SyntaxError</code> if <span title="resolve a
+ url">resolving</span> the <var title="">url</var> argument relative to the <span>entry
+ script</span>'s <span title="script's base URL">base URL</span>, is not successful.</p>
- <p class="note">The resulting <span>absolute URL</span> would by
- definition not be a <span>valid URL</span> as it would include the
- string "<code title="">%s</code>" which is not a valid component
- in a URL.</p>
+ <p class="note">The resulting <span>absolute URL</span> would by definition not be a <span>valid
+ URL</span> as it would include the string "<code title="">%s</code>" which is not a valid
+ component in a URL.</p>
- <p>User agents must throw a <code>SecurityError</code> exception if
- the resulting <span>absolute URL</span> has an <span>origin</span>
- that differs from the <span>origin</span> of the <span>entry
- script</span>.</p>
+ <p>User agents must throw a <code>SecurityError</code> exception if the resulting <span>absolute
+ URL</span> has an <span>origin</span> that differs from the <span>origin</span> of the
+ <span>entry script</span>.</p>
- <p class="note">This is forcibly the case if the <code
- title="">%s</code> placeholder is in the scheme, host, or port
- parts of the URL.</p>
+ <p class="note">This is forcibly the case if the <code title="">%s</code> placeholder is in the
+ scheme, host, or port parts of the URL.</p>
- <p>The resulting <span>absolute URL</span> is the
- <dfn>proto-URL</dfn>. It identifies the handler for the purposes
- of the methods described below.</p>
+ <p>The resulting <span>absolute URL</span> is the <dfn>proto-URL</dfn>. It identifies the
+ handler for the purposes of the methods described below.</p>
- <p>When the user agent uses this handler, it must replace the
- first occurrence of the exact literal string "<code
- title="">%s</code>" in the <var title="">url</var> argument with
- an escaped version of the <span>absolute URL</span> of the content
- in question (as defined below), then <span title="resolve a
- url">resolve</span> the resulting URL, relative to the <span
- title="script's base URL">base URL</span> of the <span>entry
- script</span> at the time the <code
- title="dom-navigator-registerContentHandler">registerContentHandler()</code>
- or <code
- title="dom-navigator-registerProtocolHandler">registerProtocolHandler()</code>
- methods were invoked, and then <span>navigate</span><!--DONAV
- user--> an appropriate <span>browsing context</span> to the
- resulting URL using the GET method (<span
- title="concept-http-equivalent-get">or equivalent</span> for
- non-HTTP URLs).</p>
+ <p>When the user agent uses this handler, it must replace the first occurrence of the exact
+ literal string "<code title="">%s</code>" in the <var title="">url</var> argument with an
+ escaped version of the <span>absolute URL</span> of the content in question (as defined below),
+ then <span title="resolve a url">resolve</span> the resulting URL, relative to the <span
+ title="script's base URL">base URL</span> of the <span>entry script</span> at the time the <code
+ title="dom-navigator-registerContentHandler">registerContentHandler()</code> or <code
+ title="dom-navigator-registerProtocolHandler">registerProtocolHandler()</code> methods were
+ invoked, and then <span>navigate</span><!--DONAV user--> an appropriate <span>browsing
+ context</span> to the resulting URL using the GET method (<span
+ title="concept-http-equivalent-get">or equivalent</span> for non-HTTP URLs).</p>
<p>To get the escaped version of the <span>absolute URL</span> of the content in question, the
user agent must replace every character in that <span>absolute URL</span> that is not a
- character in the URL <span>default encode set</span> with the result of <span title="UTF-8 percent
- encode">UTF-8 percent encoding</span> that character.</p>
+ character in the URL <span>default encode set</span> with the result of <span title="UTF-8
+ percent encode">UTF-8 percent encoding</span> that character.</p>
<div class="example">
- <p>If the user had visited a site at <code
- title="">http://example.com/</code> that made the following
- call:</p>
+ <p>If the user had visited a site at <code title="">http://example.com/</code> that made the
+ following call:</p>
<pre>navigator.registerContentHandler('application/x-soup', 'soup?url=%s', 'SoupWeb™')</pre>
- <p>...and then, much later, while visiting <code
- title="">http://www.example.net/</code>, clicked on a link such
- as:</p>
+ <p>...and then, much later, while visiting <code title="">http://www.example.net/</code>,
+ clicked on a link such as:</p>
<pre><a href="chickenkïwi.soup">Download our Chicken Kïwi soup!</a></pre>
- <p>...then, assuming this <code>chickenkïwi.soup</code> file
- was served with the <span>MIME type</span>
- <code>application/x-soup</code>, the UA might navigate to the
- following URL:</p>
+ <p>...then, assuming this <code>chickenkïwi.soup</code> file was served with the
+ <span>MIME type</span> <code>application/x-soup</code>, the UA might navigate to the following
+ URL:</p>
<pre>http://example.com/soup?url=http://www.example.net/chickenk%C3%AFwi.soup</pre>
- <p>This site could then fetch the <code>chickenkïwi.soup</code>
- file and do whatever it is that it does with soup (synthesize it
- and ship it to the user, or whatever).</p>
+ <p>This site could then fetch the <code>chickenkïwi.soup</code> file and do whatever it is
+ that it does with soup (synthesize it and ship it to the user, or whatever).</p>
</div>
@@ -86103,34 +85746,29 @@
<dd>
- <p>A descriptive title of the handler, which the UA might use to
- remind the user what the site in question is.</p>
+ <p>A descriptive title of the handler, which the UA might use to remind the user what the site
+ in question is.</p>
</dd>
</dl>
- <p>This section does not define how the pages registered by these
- methods are used, beyond the requirements on how to process the <var
- title="">url</var> value (see above). To some extent, the <span
- title="navigate">processing model for navigating across
- documents</span> defines some cases where these methods are
- relevant, but in general UAs may use this information wherever they
- would otherwise consider handing content to native plugins or helper
- applications.</p>
+ <p>This section does not define how the pages registered by these methods are used, beyond the
+ requirements on how to process the <var title="">url</var> value (see above). To some extent, the
+ <span title="navigate">processing model for navigating across documents</span> defines some cases
+ where these methods are relevant, but in general UAs may use this information wherever they would
+ otherwise consider handing content to native plugins or helper applications.</p>
- <p>UAs must not use registered content handlers to handle content
- that was returned as part of a non-GET transaction (or rather, as
- part of any non-idempotent transaction), as the remote site would
- not be able to fetch the same data.</p>
+ <p>UAs must not use registered content handlers to handle content that was returned as part of a
+ non-GET transaction (or rather, as part of any non-idempotent transaction), as the remote site
+ would not be able to fetch the same data.</p>
<hr>
</div>
- <p>In addition to the registration methods, there are also methods
- for determining if particular handlers have been registered, and for
- unregistering handlers.</p>
+ <p>In addition to the registration methods, there are also methods for determining if particular
+ handlers have been registered, and for unregistering handlers.</p>
<dl class="domintro">
@@ -86139,27 +85777,27 @@
<dd>
- <p>Returns one of the following strings describing the state of
- the handler given by the arguments:</p>
+ <p>Returns one of the following strings describing the state of the handler given by the
+ arguments:</p>
<dl>
<dt><code title="">new</code>
- <dd>Indicates that no attempt has been made to register the given
- handler (or that the handler has been unregistered). It would be
- appropriate to promote the availability of the handler or to just
- automatically register the handler.
+ <dd>Indicates that no attempt has been made to register the given handler (or that the handler
+ has been unregistered). It would be appropriate to promote the availability of the handler or
+ to just automatically register the handler.
+
<dt><code title="">registered</code>
- <dd>Indicates that the given handler has been registered or that
- the site is blocked from registering the handler. Trying to
- register the handler again would have no effect.
+ <dd>Indicates that the given handler has been registered or that the site is blocked from
+ registering the handler. Trying to register the handler again would have no effect.
+
<dt><code title="">declined</code>
- <dd>Indicates that the given handler has been offered but was
- rejected. Trying to register the handler again may prompt the
- user again.
+ <dd>Indicates that the given handler has been offered but was rejected. Trying to register the
+ handler again may prompt the user again.
+
</dl>
</dd>
@@ -86179,110 +85817,94 @@
<p>The <dfn
title="dom-navigator-isProtocolHandlerRegistered"><code>isProtocolHandlerRegistered()</code></dfn>
- method must return the <span>handler state string</span> that most
- closely describes the current state of the handler described by the
- two arguments to the method, where the first argument gives the
- scheme and the second gives the string used to build the
- <span>URL</span> of the page that will handle the requests.
+ method must return the <span>handler state string</span> that most closely describes the current
+ state of the handler described by the two arguments to the method, where the first argument gives
+ the scheme and the second gives the string used to build the <span>URL</span> of the page that
+ will handle the requests.
<!--INSERT FINGERPRINT-->
</p>
- <p>The first argument must be compared to the schemes for which
- custom protocol handlers are registered in an <span>ASCII
- case-insensitive</span> manner to find the relevant handlers.</p>
+ <p>The first argument must be compared to the schemes for which custom protocol handlers are
+ registered in an <span>ASCII case-insensitive</span> manner to find the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the <span
- title="proto-URL">proto-URLs</span> of the relevant handlers to find
- the described handler.</p>
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <span title="proto-URL">proto-URLs</span> of the relevant handlers to
+ find the described handler.</p>
<hr>
<p>The <dfn
title="dom-navigator-isContentHandlerRegistered"><code>isContentHandlerRegistered()</code></dfn>
- method must return the <span>handler state string</span> that most
- closely describes the current state of the handler described by the
- two arguments to the method, where the first argument gives the
- <span>MIME type</span> and the second gives the string used to build
- the <span>URL</span> of the page that will handle the requests.
+ method must return the <span>handler state string</span> that most closely describes the current
+ state of the handler described by the two arguments to the method, where the first argument gives
+ the <span>MIME type</span> and the second gives the string used to build the <span>URL</span> of
+ the page that will handle the requests.
<!--INSERT FINGERPRINT-->
</p>
- <p>The first argument must be compared to the <span title="MIME
- type">MIME types</span> for which custom content handlers are
- registered in an <span>ASCII case-insensitive</span> manner to find
+ <p>The first argument must be compared to the <span title="MIME type">MIME types</span> for which
+ custom content handlers are registered in an <span>ASCII case-insensitive</span> manner to find
the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the
- <span title="proto-URL">proto-URLs</span> of the relevant handlers to
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <span title="proto-URL">proto-URLs</span> of the relevant handlers to
find the described handler.</p>
<hr>
- <p>The <dfn title="handler state string">handler state strings</dfn>
- are the following strings. Each string describes several situations,
- as given by the following list.</p>
+ <p>The <dfn title="handler state string">handler state strings</dfn> are the following strings.
+ Each string describes several situations, as given by the following list.</p>
<dl>
<dt><code title="">new</code>
- <dd>The described handler has never been registered for the given
- scheme or type.
+ <dd>The described handler has never been registered for the given scheme or type.
- <dd>The described handler was once registered for the given scheme
- or type, but the site has since unregistered it. If the handler
- were to be reregistered, the user would be notified accordingly.
+ <dd>The described handler was once registered for the given scheme or type, but the site has
+ since unregistered it. If the handler were to be reregistered, the user would be notified
+ accordingly.
- <dd>The described handler was once registered for the given scheme
- or type, but the site has since unregistered it, but the user has
- indicated that the site is to be blocked from registering the type
- again, so the user agent would ignore further registration attempts.
+ <dd>The described handler was once registered for the given scheme or type, but the site has
+ since unregistered it, but the user has indicated that the site is to be blocked from registering
+ the type again, so the user agent would ignore further registration attempts.
<dt><code title="">registered</code>
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet been notified, and
- the user agent would ignore further registration attempts. (Maybe
- the user agent batches registration requests to display them when
- the user requests to be notified about them, and the user has not
- yet requested that the user agent notify it of the previous
- registration attempt.)
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet been notified, and the user agent would ignore further registration attempts.
+ (Maybe the user agent batches registration requests to display them when the user requests to be
+ notified about them, and the user has not yet requested that the user agent notify it of the
+ previous registration attempt.)
- <dd>The described handler is registered for the given scheme or
- type (maybe, or maybe not, as the default handler).
+ <dd>The described handler is registered for the given scheme or type (maybe, or maybe not, as the
+ default handler).
- <dd>The described handler is permanently blocked from being
- (re)registered. (Maybe the user marked the registration attempt as
- spam, or blocked the site for other reasons.)
+ <dd>The described handler is permanently blocked from being (re)registered. (Maybe the user
+ marked the registration attempt as spam, or blocked the site for other reasons.)
<dt><code title="">declined</code>
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet been notified;
- however, the user might be notified if another registration attempt
- were to be made. (Maybe the last registration attempt was made
- while the page was in the background and the user closed the page
- without looking at it, and the user agent requires confirmation for
- this registration attempt.)
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet been notified; however, the user might be notified if another registration
+ attempt were to be made. (Maybe the last registration attempt was made while the page was in the
+ background and the user closed the page without looking at it, and the user agent requires
+ confirmation for this registration attempt.)
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user has not yet responded.
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user has not yet responded.
- <dd>An attempt was made to register the described handler for the
- given scheme or type, but the user declined the offer. The user has
- not indicated that the handler is to be permanently blocked,
- however, so another attempt to register the described handler might
- result in the user being prompted again.
+ <dd>An attempt was made to register the described handler for the given scheme or type, but the
+ user declined the offer. The user has not indicated that the handler is to be permanently
+ blocked, however, so another attempt to register the described handler might result in the user
+ being prompted again.
- <dd>The described handler was once registered for the given scheme
- or type, but the user has since removed it. The user has not
- indicated that the handler is to be permanently blocked, however,
- so another attempt to register the described handler might result
- in the user being prompted again.
+ <dd>The described handler was once registered for the given scheme or type, but the user has
+ since removed it. The user has not indicated that the handler is to be permanently blocked,
+ however, so another attempt to register the described handler might result in the user being
+ prompted again.
</dl>
@@ -86290,64 +85912,54 @@
<p>The <dfn
title="dom-navigator-unregisterProtocolHandler"><code>unregisterProtocolHandler()</code></dfn>
- method must unregister the handler described by the two arguments to
- the method, where the first argument gives the scheme and the second
- gives the string used to build the <span>URL</span> of the page that
- will handle the requests.</p>
+ method must unregister the handler described by the two arguments to the method, where the first
+ argument gives the scheme and the second gives the string used to build the <span>URL</span> of
+ the page that will handle the requests.</p>
- <p>The first argument must be compared to the schemes for which
- custom protocol handlers are registered in an <span>ASCII
- case-insensitive</span> manner to find the relevant handlers.</p>
+ <p>The first argument must be compared to the schemes for which custom protocol handlers are
+ registered in an <span>ASCII case-insensitive</span> manner to find the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the <span
- title="proto-URL">proto-URLs</span> of the relevant handlers to find
- the described handler.</p>
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <span title="proto-URL">proto-URLs</span> of the relevant handlers to
+ find the described handler.</p>
<hr>
<p>The <dfn
title="dom-navigator-unregisterContentHandler"><code>unregisterContentHandler()</code></dfn>
- method must unregister the handler described by the two arguments to
- the method, where the first argument gives the <span>MIME
- type</span> and the second gives the string used to build the
+ method must unregister the handler described by the two arguments to the method, where the first
+ argument gives the <span>MIME type</span> and the second gives the string used to build the
<span>URL</span> of the page that will handle the requests.</p>
- <p>The first argument must be compared to the <span title="MIME
- type">MIME types</span> for which custom content handlers are
- registered in an <span>ASCII case-insensitive</span> manner to find
+ <p>The first argument must be compared to the <span title="MIME type">MIME types</span> for which
+ custom content handlers are registered in an <span>ASCII case-insensitive</span> manner to find
the relevant handlers.</p>
- <p>The second argument must be preprocessed as described below, and
- if that is successful, must then be matched against the
- <span title="proto-URL">proto-URLs</span> of the relevant handlers to
+ <p>The second argument must be preprocessed as described below, and if that is successful, must
+ then be matched against the <span title="proto-URL">proto-URLs</span> of the relevant handlers to
find the described handler.</p>
<hr>
- <p>The second argument of the four methods described above must be
- preprocessed as follows:</p>
+ <p>The second argument of the four methods described above must be preprocessed as follows:</p>
<ol>
- <li><p>If the string does not contain the substring "<code
- title="">%s</code>", abort these steps. There's no matching
- handler.</p></li>
+ <li><p>If the string does not contain the substring "<code title="">%s</code>", abort these
+ steps. There's no matching handler.</p></li>
- <li><p><span title="resolve a URL">Resolve</span> the string
- relative to the <span title="script's base URL">base URL</span> of
- the <span>entry script</span>.</p></li>
+ <li><p><span title="resolve a URL">Resolve</span> the string relative to the <span
+ title="script's base URL">base URL</span> of the <span>entry script</span>.</p></li>
- <li><p>If this fails, then throw a <code>SyntaxError</code>
- exception, aborting the method.</p></li>
+ <li><p>If this fails, then throw a <code>SyntaxError</code> exception, aborting the
+ method.</p></li>
- <li><p>If the resoluting <span>absolute URL</span>'s
- <span>origin</span> is not the <span>same origin</span> as that of
- the <span>entry script</span> throw a <span>SecurityError</span>
+ <li><p>If the resoluting <span>absolute URL</span>'s <span>origin</span> is not the <span>same
+ origin</span> as that of the <span>entry script</span> throw a <span>SecurityError</span>
exception, aborting the method.</p></li>
- <li><p>Return the resulting <span>absolute URL</span> as the result
- of preprocessing the argument.</p></li>
+ <li><p>Return the resulting <span>absolute URL</span> as the result of preprocessing the
+ argument.</p></li>
</ol>
@@ -86360,87 +85972,71 @@
<h6>Security and privacy</h6>
- <p>These mechanisms can introduce a number of concerns, in
- particular privacy concerns.</p>
+ <p>These mechanisms can introduce a number of concerns, in particular privacy concerns.</p>
- <p><strong>Hijacking all Web usage.</strong> User agents should not
- allow schemes that are key to its normal operation, such as
- <code>http</code> or <code>https</code>, to be rerouted through
- third-party sites. This would allow a user's activities to be
- trivially tracked, and would allow user information, even in secure
- connections, to be collected.</p>
+ <p><strong>Hijacking all Web usage.</strong> User agents should not allow schemes that are key to
+ its normal operation, such as <code>http</code> or <code>https</code>, to be rerouted through
+ third-party sites. This would allow a user's activities to be trivially tracked, and would allow
+ user information, even in secure connections, to be collected.</p>
<p><strong>Hijacking defaults.</strong> User agents are strongly urged to not automatically change
any defaults, as this could lead the user to send data to remote hosts that the user is not
expecting. New handlers registering themselves should never automatically cause those sites to be
used.</p>
- <p><strong>Registration spamming.</strong> User agents should
- consider the possibility that a site will attempt to register a
- large number of handlers, possibly from multiple domains (e.g. by
- redirecting through a series of pages each on a different domain,
- and each registering a handler for <code>video/mpeg</code> —
- analogous practices abusing other Web browser features have been
- used by pornography Web sites for many years). User agents should
- gracefully handle such hostile attempts, protecting the user.</p>
+ <p><strong>Registration spamming.</strong> User agents should consider the possibility that a site
+ will attempt to register a large number of handlers, possibly from multiple domains (e.g. by
+ redirecting through a series of pages each on a different domain, and each registering a handler
+ for <code>video/mpeg</code> — analogous practices abusing other Web browser features have
+ been used by pornography Web sites for many years). User agents should gracefully handle such
+ hostile attempts, protecting the user.</p>
- <p><strong>Misleading titles.</strong> User agents should not rely
- wholly on the <var title="">title</var> argument to the methods when
- presenting the registered handlers to the user, since sites could
- easily lie. For example, a site <code>hostile.example.net</code>
- could claim that it was registering the "Cuddly Bear Happy Content
- Handler". User agents should therefore use the handler's domain in
- any UI along with any title.</p>
+ <p><strong>Misleading titles.</strong> User agents should not rely wholly on the <var
+ title="">title</var> argument to the methods when presenting the registered handlers to the user,
+ since sites could easily lie. For example, a site <code>hostile.example.net</code> could claim
+ that it was registering the "Cuddly Bear Happy Content Handler". User agents should therefore use
+ the handler's domain in any UI along with any title.</p>
- <p><strong>Hostile handler metadata.</strong> User agents should
- protect against typical attacks against strings embedded in their
- interface, for example ensuring that markup or escape characters in
- such strings are not executed, that null bytes are properly handled,
- that over-long strings do not cause crashes or buffer overruns, and
- so forth.</p>
+ <p><strong>Hostile handler metadata.</strong> User agents should protect against typical attacks
+ against strings embedded in their interface, for example ensuring that markup or escape characters
+ in such strings are not executed, that null bytes are properly handled, that over-long strings do
+ not cause crashes or buffer overruns, and so forth.</p>
- <p><strong>Leaking Intranet URLs.</strong> The mechanism described
- in this section can result in secret Intranet URLs being leaked, in
- the following manner:</p>
+ <p><strong>Leaking Intranet URLs.</strong> The mechanism described in this section can result in
+ secret Intranet URLs being leaked, in the following manner:</p>
<ol>
- <li>The user registers a third-party content handler as the default
- handler for a content type.</li>
+ <li>The user registers a third-party content handler as the default handler for a content
+ type.</li>
- <li>The user then browses his corporate Intranet site and accesses
- a document that uses that content type.</li>
+ <li>The user then browses his corporate Intranet site and accesses a document that uses that
+ content type.</li>
- <li>The user agent contacts the third party and hands the third
- party the URL to the Intranet content.</li>
+ <li>The user agent contacts the third party and hands the third party the URL to the Intranet
+ content.</li>
</ol>
- <p>No actual confidential file data is leaked in this manner, but
- the URLs themselves could contain confidential information. For
- example, the URL could be
- <code>http://www.corp.example.com/upcoming-aquisitions/the-sample-company.egf</code>,
- which might tell the third party that Example Corporation is
- intending to merge with The Sample Company. Implementors might wish
- to consider allowing administrators to disable this feature for
- certain subdomains, content types, or schemes.</p>
+ <p>No actual confidential file data is leaked in this manner, but the URLs themselves could
+ contain confidential information. For example, the URL could be
+ <code>http://www.corp.example.com/upcoming-aquisitions/the-sample-company.egf</code>, which might
+ tell the third party that Example Corporation is intending to merge with The Sample Company.
+ Implementors might wish to consider allowing administrators to disable this feature for certain
+ subdomains, content types, or schemes.</p>
- <p><strong>Leaking secure URLs.</strong> User agents should not send
- HTTPS URLs to third-party sites registered as content handlers
- without the user's informed consent, for the same reason that user
- agents sometimes avoid sending <code
- title="http-referer">Referer</code> (sic) HTTP headers from secure
- sites to third-party sites.</p>
+ <p><strong>Leaking secure URLs.</strong> User agents should not send HTTPS URLs to third-party
+ sites registered as content handlers without the user's informed consent, for the same reason that
+ user agents sometimes avoid sending <code title="http-referer">Referer</code> (sic) HTTP headers
+ from secure sites to third-party sites.</p>
- <p><strong>Leaking credentials.</strong> User agents must never send
- username or password information in the URLs that are escaped and
- included sent to the handler sites. User agents may even avoid
- attempting to pass to Web-based handlers the URLs of resources
- that are known to require authentication to access, as such sites
- would be unable to access the resources in question without
- prompting the user for credentials themselves (a practice that would
- require the user to know whether to trust the third-party handler, a
- decision many users are unable to make or even understand).</p>
+ <p><strong>Leaking credentials.</strong> User agents must never send username or password
+ information in the URLs that are escaped and included sent to the handler sites. User agents may
+ even avoid attempting to pass to Web-based handlers the URLs of resources that are known to
+ require authentication to access, as such sites would be unable to access the resources in
+ question without prompting the user for credentials themselves (a practice that would require the
+ user to know whether to trust the third-party handler, a decision many users are unable to make or
+ even understand).</p>
<p><strong>Interface interference.</strong> User agents should be prepared to handle intentionally
long arguments to the methods. For example, if the user interface exposed consists of an "accept"
@@ -86463,47 +86059,38 @@
<!--END dev-html--><p><i>This section is non-normative.</i></p><!--START dev-html-->
- <p>A simple implementation of this feature for a desktop Web browser
- might work as follows.</p>
+ <p>A simple implementation of this feature for a desktop Web browser might work as follows.</p>
- <p>The <code
- title="dom-navigator-registerContentHandler">registerContentHandler()</code>
- method could display a modal dialog box:</p>
+ <p>The <code title="dom-navigator-registerContentHandler">registerContentHandler()</code> method
+ could display a modal dialog box:</p>
<p><img src="images/sample-content-handler-registration.png" width="534" height="374" alt="The modal dialog box could have the title 'Content Handler Registration', and could say 'This Web page: Kittens at work http://kittens.example.org/ ...would like permission to handle files of type: application/x-meowmeow using the following Web-based application: Kittens-at-work displayer http://kittens.example.org/?show=%s Do you trust the administrators of the "kittens.example.org" domain?' with two buttons, 'Trust kittens.example.org' and 'Cancel'."></p>
- <p>In this dialog box, "Kittens at work" is the title of the page
- that invoked the method, "http://kittens.example.org/" is the URL of
- that page, "application/x-meowmeow" is the string that was passed to
- the <code
- title="dom-navigator-registerContentHandler">registerContentHandler()</code>
- method as its first argument (<var title="">mimeType</var>),
- "http://kittens.example.org/?show=%s" was the second argument (<var
- title="">url</var>), and "Kittens-at-work displayer" was the third
- argument (<var title="">title</var>).</p>
+ <p>In this dialog box, "Kittens at work" is the title of the page that invoked the method,
+ "http://kittens.example.org/" is the URL of that page, "application/x-meowmeow" is the string that
+ was passed to the <code
+ title="dom-navigator-registerContentHandler">registerContentHandler()</code> method as its first
+ argument (<var title="">mimeType</var>), "http://kittens.example.org/?show=%s" was the second
+ argument (<var title="">url</var>), and "Kittens-at-work displayer" was the third argument (<var
+ title="">title</var>).</p>
- <p>If the user clicks the Cancel button, then nothing further
- happens. If the user clicks the "Trust" button, then the handler is
- remembered.</p>
+ <p>If the user clicks the Cancel button, then nothing further happens. If the user clicks the
+ "Trust" button, then the handler is remembered.</p>
- <p>When the user then attempts to fetch a URL that uses the
- "application/x-meowmeow" <span>MIME type</span>, then it might
- display a dialog as follows:</p>
+ <p>When the user then attempts to fetch a URL that uses the "application/x-meowmeow" <span>MIME
+ type</span>, then it might display a dialog as follows:</p>
<p><img src="images/sample-content-handler.png" width="577" height="428" alt="The dialog box could have the title 'Unknown File Type' and could say 'You have attempted to access:' followed by a URL, followed by a prompt such as 'How would you like FerretBrowser to handle this resource?' with three radio buttons, one saying 'Contact the FerretBrowser plugin registry to see if there is an official way to handle this resource.', one saying 'Pass this URL to a local application' with an application selector, and one saying 'Pass this URL to the "Kittens-at-work displayer" application at "kittens.example.org"', with a checkbox labeled 'Always do this for resources using the "application/x-meowmeow" type in future.', and with two buttons, 'Ok' and 'Cancel'."></p>
- <p>In this dialog, the third option is the one that was primed by
- the site registering itself earlier.</p>
+ <p>In this dialog, the third option is the one that was primed by the site registering itself
+ earlier.</p>
- <p>If the user does select that option, then the browser, in
- accordance with the requirements described in the previous two
- sections, will redirect the user to
+ <p>If the user does select that option, then the browser, in accordance with the requirements
+ described in the previous two sections, will redirect the user to
"http://kittens.example.org/?show=data%3Aapplication/x-meowmeow;base64,S2l0dGVucyBhcmUgdGhlIGN1dGVzdCE%253D".</p>
- <p>The <code
- title="dom-navigator-registerProtocolHandler">registerProtocolHandler()</code>
- method would work equivalently, but for schemes instead of unknown
- content types.</p>
+ <p>The <code title="dom-navigator-registerProtocolHandler">registerProtocolHandler()</code> method
+ would work equivalently, but for schemes instead of unknown content types.</p>
</div>
@@ -91443,52 +91030,42 @@
</div>
-->
-<!--CLEANUP-->
<!--ADD-TOPIC:Security-->
<div class="impl">
<h4>Security risks in the drag-and-drop model</h4>
- <p>User agents must not make the data added to the
- <code>DataTransfer</code> object during the <code
- title="event-dragstart">dragstart</code> event available to scripts
- until the <code title="event-drop">drop</code> event, because
- otherwise, if a user were to drag sensitive information from one
- document to a second document, crossing a hostile third document in
- the process, the hostile document could intercept the data.</p>
+ <p>User agents must not make the data added to the <code>DataTransfer</code> object during the
+ <code title="event-dragstart">dragstart</code> event available to scripts until the <code
+ title="event-drop">drop</code> event, because otherwise, if a user were to drag sensitive
+ information from one document to a second document, crossing a hostile third document in the
+ process, the hostile document could intercept the data.</p>
- <p>For the same reason, user agents must consider a drop to be
- successful only if the user specifically ended the drag operation
- — if any scripts end the drag operation, it must be considered
- unsuccessful (canceled) and the <code title="event-drop">drop</code>
- event must not be fired.</p>
+ <p>For the same reason, user agents must consider a drop to be successful only if the user
+ specifically ended the drag operation — if any scripts end the drag operation, it must be
+ considered unsuccessful (canceled) and the <code title="event-drop">drop</code> event must not be
+ fired.</p>
- <p>User agents should take care to not start drag-and-drop
- operations in response to script actions. For example, in a
- mouse-and-window environment, if a script moves a window while the
- user has his mouse button depressed, the UA would not consider that
- to start a drag. This is important because otherwise UAs could cause
- data to be dragged from sensitive sources and dropped into hostile
- documents without the user's consent.</p>
+ <p>User agents should take care to not start drag-and-drop operations in response to script
+ actions. For example, in a mouse-and-window environment, if a script moves a window while the user
+ has his mouse button depressed, the UA would not consider that to start a drag. This is important
+ because otherwise UAs could cause data to be dragged from sensitive sources and dropped into
+ hostile documents without the user's consent.</p>
- <p>User agents should filter potentially active (scripted) content
- (e.g. HTML) when it is dragged and when it is dropped, using a
- whitelist of known-safe features. Similarly, <span title="relative url">relative URLs</span> should be
- turned into absolute URLs to avoid references changing in unexpected
- ways. This specification does not specify how this is performed.</p>
+ <p>User agents should filter potentially active (scripted) content (e.g. HTML) when it is dragged
+ and when it is dropped, using a whitelist of known-safe features. Similarly, <span title="relative
+ url">relative URLs</span> should be turned into absolute URLs to avoid references changing in
+ unexpected ways. This specification does not specify how this is performed.</p>
<div class="example">
- <p>Consider a hostile page providing some content and getting the
- user to select and drag and drop (or indeed, copy and paste) that
- content to a victim page's <code
- title="attr-contenteditable">contenteditable</code> region. If the
- browser does not ensure that only safe content is dragged,
- potentially unsafe content such as scripts and event handlers in
- the selection, once dropped (or pasted) into the victim site, get
- the privileges of the victim site. This would thus enable a
- cross-site scripting attack.</p>
+ <p>Consider a hostile page providing some content and getting the user to select and drag and
+ drop (or indeed, copy and paste) that content to a victim page's <code
+ title="attr-contenteditable">contenteditable</code> region. If the browser does not ensure that
+ only safe content is dragged, potentially unsafe content such as scripts and event handlers in
+ the selection, once dropped (or pasted) into the victim site, get the privileges of the victim
+ site. This would thus enable a cross-site scripting attack.</p>
</div>
@@ -92600,7 +92177,6 @@
-<!--CLEANUP-->
<h5>Dedicated workers and the <code>Worker</code> interface</h5>
<pre class="idl">[<span title="dom-Worker">Constructor</span>(DOMString scriptURL)]
@@ -92613,20 +92189,16 @@
};
<span>Worker</span> implements <span>AbstractWorker</span>;</pre>
- <p>The <dfn
- title="dom-Worker-terminate"><code>terminate()</code></dfn> method,
- when invoked, must cause the "<span>terminate a worker</span>"
- algorithm to be run on the worker with with the object is
- associated.</p>
+ <p>The <dfn title="dom-Worker-terminate"><code>terminate()</code></dfn> method, when invoked, must
+ cause the "<span>terminate a worker</span>" algorithm to be run on the worker with with the object
+ is associated.</p>
- <p><code>Worker</code> objects act as if they had an implicit
- <code>MessagePort</code> associated with them. This port is part of
- a channel that is set up when the worker is created, but it is not
- exposed. This object must never be garbage collected before the
- <code>Worker</code> object.</p>
+ <p><code>Worker</code> objects act as if they had an implicit <code>MessagePort</code> associated
+ with them. This port is part of a channel that is set up when the worker is created, but it is not
+ exposed. This object must never be garbage collected before the <code>Worker</code> object.</p>
- <p>All messages received by that port must immediately be retargeted
- at the <code>Worker</code> object.</p>
+ <p>All messages received by that port must immediately be retargeted at the <code>Worker</code>
+ object.</p>
<p>The <dfn title="dom-Worker-postMessage"><code>postMessage()</code></dfn> method on
<code>Worker</code> objects must act as if, when invoked, it immediately invoked <span
@@ -92649,10 +92221,9 @@
</div>
- <p>The following are the <span>event handlers</span> (and their
- corresponding <span title="event handler event type">event handler
- event types</span>) that must be supported, as IDL attributes, by
- objects implementing the <code>Worker</code> interface:</p>
+ <p>The following are the <span>event handlers</span> (and their corresponding <span title="event
+ handler event type">event handler event types</span>) that must be supported, as IDL attributes,
+ by objects implementing the <code>Worker</code> interface:</p>
<table>
<thead>
@@ -92673,124 +92244,103 @@
the request violates a policy decision (e.g. if the user agent is configured to not allow the
page to start dedicated workers).</p></li>
- <li><p><span title="resolve a url">Resolve</span> the <var
- title="">scriptURL</var> argument relative to the <span>entry
- script</span>'s <span title="script's base URL">base URL</span>,
- when the method is invoked.</p></li>
+ <li><p><span title="resolve a url">Resolve</span> the <var title="">scriptURL</var> argument
+ relative to the <span>entry script</span>'s <span title="script's base URL">base URL</span>, when
+ the method is invoked.</p></li>
- <li><p>If this fails, throw a <code>SyntaxError</code>
- exception.</p></li>
+ <li><p>If this fails, throw a <code>SyntaxError</code> exception.</p></li>
<li>
- <p>If the <span title="concept-url-scheme">scheme</span> component of
- the resulting <span>parsed URL</span> is not "<code
- title="data-protocol">data</code>", and the <span>origin</span> of
- the resulting <span>absolute URL</span> is not the <span
- title="same origin">same</span> as the origin of the <span>entry
- script</span>, then throw a <code>SecurityError</code> exception
- and abort these steps.</p>
+ <p>If the <span title="concept-url-scheme">scheme</span> component of the resulting <span>parsed
+ URL</span> is not "<code title="data-protocol">data</code>", and the <span>origin</span> of the
+ resulting <span>absolute URL</span> is not the <span title="same origin">same</span> as the
+ origin of the <span>entry script</span>, then throw a <code>SecurityError</code> exception and
+ abort these steps.</p>
- <p class="note">Thus, scripts must either be external files with
- the same scheme, host, and port as the original page, or <span
- title="data protocol"><code title="">data:</code> URLs</span>. For
- example, you can't load a script from a <span title="javascript
- protocol"><code title="">javascript:</code> URL</span>, and an
- <code>https:</code> page couldn't start workers using scripts with
- <code>http:</code> URLs.</p>
+ <p class="note">Thus, scripts must either be external files with the same scheme, host, and port
+ as the original page, or <span title="data protocol"><code title="">data:</code> URLs</span>.
+ For example, you can't load a script from a <span title="javascript protocol"><code
+ title="">javascript:</code> URL</span>, and an <code>https:</code> page couldn't start workers
+ using scripts with <code>http:</code> URLs.</p>
</li>
- <li><p>Create a new <code>DedicatedWorkerGlobalScope</code> object
- whose <span>worker origin</span> is the origin of the <span>entry
- script</span>. Let <var title="">worker global scope</var> be this
- new object.</p></li>
+ <li><p>Create a new <code>DedicatedWorkerGlobalScope</code> object whose <span>worker
+ origin</span> is the origin of the <span>entry script</span>. Let <var title="">worker global
+ scope</var> be this new object.</p></li>
- <li><p>Create a new <code>Worker</code> object, associated with
- <var title="">worker global scope</var>. Let <var
- title="">worker</var> be this new object.</p></li>
+ <li><p>Create a new <code>Worker</code> object, associated with <var title="">worker global
+ scope</var>. Let <var title="">worker</var> be this new object.</p></li>
- <li><p><span>Create a new <code>MessagePort</code> object</span>
- owned by the <span title="script's global object">global
- object</span> of the <span title="concept-script">script</span> that
- invoked the constructor. Let this be the <var title="">outside
- port</var>.</p></li>
+ <li><p><span>Create a new <code>MessagePort</code> object</span> owned by the <span
+ title="script's global object">global object</span> of the <span
+ title="concept-script">script</span> that invoked the constructor. Let this be the <var
+ title="">outside port</var>.</p></li>
- <li><p>Associate the <var title="">outside port</var> with <var
- title="">worker</var>.</p></li>
+ <li><p>Associate the <var title="">outside port</var> with <var title="">worker</var>.</p></li>
- <li><p><span>Create a new <code>MessagePort</code> object</span>
- owned by <var title="">worker global scope</var>. Let <var
- title="">inside port</var> be this new object.</p></li>
+ <li><p><span>Create a new <code>MessagePort</code> object</span> owned by <var title="">worker
+ global scope</var>. Let <var title="">inside port</var> be this new object.</p></li>
- <li><p>Associate <var title="">inside port</var> with <var
- title="">worker global scope</var>.</p></li>
+ <li><p>Associate <var title="">inside port</var> with <var title="">worker global
+ scope</var>.</p></li>
- <li><p><span>Entangle</span> <var title="">outside port</var> and
- <var title="">inside port</var>.</p></li>
+ <li><p><span>Entangle</span> <var title="">outside port</var> and <var title="">inside
+ port</var>.</p></li>
- <li><p>Return <var title="">worker</var>, and run the following
- steps asynchronously.</p></li>
+ <li><p>Return <var title="">worker</var>, and run the following steps asynchronously.</p></li>
<!-- (this is done by the "run a worker" algorithm)
- <li><p>Enable <var title="">inside port</var>'s <span>port message
- queue</span>.</p></li>
+ <li><p>Enable <var title="">inside port</var>'s <span>port message queue</span>.</p></li>
-->
- <li><p>Enable <var title="">outside port</var>'s <span>port message
- queue</span>.</p></li>
+ <li><p>Enable <var title="">outside port</var>'s <span>port message queue</span>.</p></li>
<li>
- <p>Let <var title="">docs</var> be the <span>list of relevant
- <code>Document</code> objects to add</span> given the <span
- title="script's global object">global object</span> of the <span
- title="concept-script">script</span> that invoked the
- constructor.</p>
+ <p>Let <var title="">docs</var> be the <span>list of relevant <code>Document</code> objects to
+ add</span> given the <span title="script's global object">global object</span> of the <span
+ title="concept-script">script</span> that invoked the constructor.</p>
</li>
<li>
- <p><span title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></span> the
+ <p><span title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></span> the
<code>Document</code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <span title="script's global object">global object</span>
- of the <span title="concept-script">script</span> that invoked the
- constructor is a <code>WorkerGlobalScope</code> object (i.e. we
- are creating a nested worker), add <var title="">worker global
- scope</var> to the list of <span>the worker's workers</span> of the
- <code>WorkerGlobalScope</code> object that is the <span
- title="script's global object">global object</span> of the <span
- title="concept-script">script</span> that invoked the
+ <p>If the <span title="script's global object">global object</span> of the <span
+ title="concept-script">script</span> that invoked the constructor is a
+ <code>WorkerGlobalScope</code> object (i.e. we are creating a nested worker), add <var
+ title="">worker global scope</var> to the list of <span>the worker's workers</span> of the
+ <code>WorkerGlobalScope</code> object that is the <span title="script's global object">global
+ object</span> of the <span title="concept-script">script</span> that invoked the
constructor.</p>
</li>
<li>
- <p><span>Run a worker</span> for the resulting <span>absolute
- URL</span>, with the <span>script's browsing context</span> of the
- script that invoked the method as the <var title="">owner browsing
- context</var>, with the <span>script's document</span> of the
- script that invoked the method as the <var title="">owner
- document</var>, with the <span>origin</span> of the <span>entry
- script</span> as the <var title="">owner origin</var>, and with
- <var title="">worker global scope</var> as the global scope.</p>
+ <p><span>Run a worker</span> for the resulting <span>absolute URL</span>, with the
+ <span>script's browsing context</span> of the script that invoked the method as the <var
+ title="">owner browsing context</var>, with the <span>script's document</span> of the script
+ that invoked the method as the <var title="">owner document</var>, with the <span>origin</span>
+ of the <span>entry script</span> as the <var title="">owner origin</var>, and with <var
+ title="">worker global scope</var> as the global scope.</p>
</li>
</ol>
- <p>This constructor must be visible when the <span>script's global
- object</span> is either a <code>Window</code> object or an object
- implementing the <code>WorkerGlobalScope</code> interface.</p>
+ <p>This constructor must be visible when the <span>script's global object</span> is either a
+ <code>Window</code> object or an object implementing the <code>WorkerGlobalScope</code>
+ interface.</p>
<h5>Shared workers and the <code>SharedWorker</code> interface</h5>
@@ -92801,14 +92351,12 @@
};
<span>SharedWorker</span> implements <span>AbstractWorker</span>;</pre>
- <p>The <dfn title="dom-SharedWorker-port"><code>port</code></dfn>
- attribute must return the value it was assigned by the object's
- constructor. It represents the <code>MessagePort</code> for
+ <p>The <dfn title="dom-SharedWorker-port"><code>port</code></dfn> attribute must return the value
+ it was assigned by the object's constructor. It represents the <code>MessagePort</code> for
communicating with the shared worker.</p>
- <p>When the <dfn title="dom-SharedWorker"><code>SharedWorker(<var
- title="">scriptURL</var>, <var title="">name</var>)</code></dfn>
- constructor is invoked, the user agent must run the following
+ <p>When the <dfn title="dom-SharedWorker"><code>SharedWorker(<var title="">scriptURL</var>, <var
+ title="">name</var>)</code></dfn> constructor is invoked, the user agent must run the following
steps:</p>
<ol>
@@ -92817,47 +92365,38 @@
the request violates a policy decision (e.g. if the user agent is configured to not allow the
page to start shared workers).</p></li>
- <li><p><span title="resolve a url">Resolve</span> the <var
- title="">scriptURL</var> argument.</p></li>
+ <li><p><span title="resolve a url">Resolve</span> the <var title="">scriptURL</var>
+ argument.</p></li>
- <li><p>If this fails, throw a <code>SyntaxError</code>
- exception.</p></li>
+ <li><p>If this fails, throw a <code>SyntaxError</code> exception.</p></li>
- <li><p>Otherwise, let <var title="">scriptURL</var> be the
- resulting <span>absolute URL</span> and <var title="">parsed scriptURL</var> be the
- resulting <span>parsed URL</span>.</p></li>
+ <li><p>Otherwise, let <var title="">scriptURL</var> be the resulting <span>absolute URL</span>
+ and <var title="">parsed scriptURL</var> be the resulting <span>parsed URL</span>.</p></li>
- <li><p>Let <var title="">name</var> be the value of the second
- argument, or the empty string if the second argument was
- omitted.</p></li>
+ <li><p>Let <var title="">name</var> be the value of the second argument, or the empty string if
+ the second argument was omitted.</p></li>
<li>
- <p>If the <span title="concept-url-scheme">scheme</span> component of
- <var title="">parsed scriptURL</var> is not "<code
- title="data-protocol">data</code>", and the <span>origin</span> of
- <var title="">scriptURL</var> is not the <span title="same
- origin">same</span> as the origin of the <span>entry
- script</span>, then throw a <code>SecurityError</code> exception
- and abort these steps.</p>
+ <p>If the <span title="concept-url-scheme">scheme</span> component of <var title="">parsed
+ scriptURL</var> is not "<code title="data-protocol">data</code>", and the <span>origin</span> of
+ <var title="">scriptURL</var> is not the <span title="same origin">same</span> as the origin of
+ the <span>entry script</span>, then throw a <code>SecurityError</code> exception and abort these
+ steps.</p>
- <p class="note">Thus, scripts must either be external files with
- the same scheme, host, and port as the original page, or <span
- title="data protocol"><code title="">data:</code> URLs</span>. For
- example, you can't load a script from a <span title="javascript
- protocol"><code title="">javascript:</code> URL</span>, and an
- <code>https:</code> page couldn't start workers using scripts with
- <code>http:</code> URLs.</p>
+ <p class="note">Thus, scripts must either be external files with the same scheme, host, and port
+ as the original page, or <span title="data protocol"><code title="">data:</code> URLs</span>.
+ For example, you can't load a script from a <span title="javascript protocol"><code
+ title="">javascript:</code> URL</span>, and an <code>https:</code> page couldn't start workers
+ using scripts with <code>http:</code> URLs.</p>
</li>
<li>
- <p>Let <var title="">docs</var> be the <span>list of relevant
- <code>Document</code> objects to add</span> given the <span
- title="script's global object">global object</span> of the <span
- title="concept-script">script</span> that invoked the
- constructor.</p>
+ <p>Let <var title="">docs</var> be the <span>list of relevant <code>Document</code> objects to
+ add</span> given the <span title="script's global object">global object</span> of the <span
+ title="concept-script">script</span> that invoked the constructor.</p>
</li>
@@ -92867,94 +92406,74 @@
<ol>
- <li><p>Create a new <code>SharedWorker</code> object, which will
- shortly be associated with a <code>SharedWorkerGlobalScope</code>
- object. Let this <code>SharedWorker</code> object be <var
+ <li><p>Create a new <code>SharedWorker</code> object, which will shortly be associated with a
+ <code>SharedWorkerGlobalScope</code> object. Let this <code>SharedWorker</code> object be <var
title="">worker</var>.</p></li>
- <li><p><span>Create a new <code>MessagePort</code> object</span>
- owned by the <span title="script's global object">global
- object</span> of the script that invoked the method. Let this be
- the <var title="">outside port</var>.</p></li>
+ <li><p><span>Create a new <code>MessagePort</code> object</span> owned by the <span
+ title="script's global object">global object</span> of the script that invoked the method. Let
+ this be the <var title="">outside port</var>.</p></li>
<li><p>Assign <var title="">outside port</var> to the <code
- title="dom-SharedWorker-port">port</code> attribute of <var
- title="">worker</var>.</p></li>
+ title="dom-SharedWorker-port">port</code> attribute of <var title="">worker</var>.</p></li>
- <li><p>Let <var title="">worker global scope</var> be
- null.</p></li>
+ <li><p>Let <var title="">worker global scope</var> be null.</p></li>
<li>
- <p>If <var title="">name</var> is not the empty string and there
- exists a <code>SharedWorkerGlobalScope</code> object whose <span
- title="dom-WorkerGlobalScope-closing">closing</span> flag is
- false, whose <code
- title="dom-WorkerGlobalScope-name">name</code> attribute is
- exactly equal to <var title="">name</var>, and whose
- <span>worker origin</span> is the <span>same origin</span> as
- <var title="">scriptURL</var>, then let <var title="">worker
- global scope</var> be that <code>SharedWorkerGlobalScope</code>
- object.</p>
+ <p>If <var title="">name</var> is not the empty string and there exists a
+ <code>SharedWorkerGlobalScope</code> object whose <span
+ title="dom-WorkerGlobalScope-closing">closing</span> flag is false, whose <code
+ title="dom-WorkerGlobalScope-name">name</code> attribute is exactly equal to <var
+ title="">name</var>, and whose <span>worker origin</span> is the <span>same origin</span> as
+ <var title="">scriptURL</var>, then let <var title="">worker global scope</var> be that
+ <code>SharedWorkerGlobalScope</code> object.</p>
- <p>Otherwise, if <var title="">name</var> is the empty string
- and there exists a <code>SharedWorkerGlobalScope</code> object
- whose <span title="dom-WorkerGlobalScope-closing">closing</span>
- flag is false, whose <code
- title="dom-WorkerGlobalScope-name">name</code> attribute is the
- empty string, and whose <code
- title="dom-WorkerGlobalScope-location">location</code> attribute
- represents an <span>absolute URL</span> that is exactly equal to
- <var title="">scriptURL</var>, then let <var title="">worker
- global scope</var> be that <code>SharedWorkerGlobalScope</code>
- object.</p>
+ <p>Otherwise, if <var title="">name</var> is the empty string and there exists a
+ <code>SharedWorkerGlobalScope</code> object whose <span
+ title="dom-WorkerGlobalScope-closing">closing</span> flag is false, whose <code
+ title="dom-WorkerGlobalScope-name">name</code> attribute is the empty string, and whose <code
+ title="dom-WorkerGlobalScope-location">location</code> attribute represents an <span>absolute
+ URL</span> that is exactly equal to <var title="">scriptURL</var>, then let <var
+ title="">worker global scope</var> be that <code>SharedWorkerGlobalScope</code> object.</p>
</li>
<li>
- <p>If <var title="">worker global scope</var> is not null, but
- the user agent has been configured to disallow communication
- between the <span title="concept-script">script</span> that
- invoked the constructor and the worker represented by the <var
- title="">worker global scope</var>, then set <var
- title="">worker global scope</var> to null.</p>
+ <p>If <var title="">worker global scope</var> is not null, but the user agent has been
+ configured to disallow communication between the <span title="concept-script">script</span>
+ that invoked the constructor and the worker represented by the <var title="">worker global
+ scope</var>, then set <var title="">worker global scope</var> to null.</p>
- <p class="note">For example, a user agent could have a
- development mode that isolates a particular <span>top-level
- browsing context</span> from all other pages, and scripts in
- that development mode could be blocked from connecting to shared
- workers running in the normal browser mode.</p>
+ <p class="note">For example, a user agent could have a development mode that isolates a
+ particular <span>top-level browsing context</span> from all other pages, and scripts in that
+ development mode could be blocked from connecting to shared workers running in the normal
+ browser mode.</p>
</li>
<li>
- <p>If <var title="">worker global scope</var> is not null, then
- run these steps:</p>
+ <p>If <var title="">worker global scope</var> is not null, then run these steps:</p>
<ol>
<li><p>If <var title="">worker global scope</var>'s <code
- title="dom-WorkerGlobalScope-location">location</code>
- attribute represents an <span>absolute URL</span> that is not
- exactly equal to <var title="">scriptURL</var>, then throw a
- <code>URLMismatchError</code> exception and abort all these
- steps.</p></li>
+ title="dom-WorkerGlobalScope-location">location</code> attribute represents an <span>absolute
+ URL</span> that is not exactly equal to <var title="">scriptURL</var>, then throw a
+ <code>URLMismatchError</code> exception and abort all these steps.</p></li>
- <li><p>Associate <var title="">worker</var> with <var
- title="">worker global scope</var>.</p></li>
+ <li><p>Associate <var title="">worker</var> with <var title="">worker global
+ scope</var>.</p></li>
- <li><p><span>Create a new <code>MessagePort</code>
- object</span> owned by <var title="">worker global
- scope</var>. Let this be the <var title="">inside
- port</var>.</p></li>
+ <li><p><span>Create a new <code>MessagePort</code> object</span> owned by <var
+ title="">worker global scope</var>. Let this be the <var title="">inside port</var>.</p></li>
<li><p><span>Entangle</span> <var title="">outside port</var>
and <var title="">inside port</var>.</p></li>
- <li><p>Return <var title="">worker</var> and perform the next
- step asynchronously.</p></li>
+ <li><p>Return <var title="">worker</var> and perform the next step asynchronously.</p></li>
<li><p>Create a <span title="concept-events-trusted">trusted</span> event that uses the
<code>MessageEvent</code> interface, with the name <code
@@ -92970,24 +92489,20 @@
<li>
- <p><span title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></span> the
+ <p><span title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></span> the
<code>Document</code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <span title="script's global object">global
- object</span> of the <span title="concept-script">script</span>
- that invoked the constructor is a
- <code>WorkerGlobalScope</code> object, add <var
- title="">worker global scope</var> to the list of <span>the
- worker's workers</span> of the <code>WorkerGlobalScope</code>
- object that is the <span title="script's global object">global
- object</span> of the <span title="concept-script">script</span>
- that invoked the constructor.</p>
+ <p>If the <span title="script's global object">global object</span> of the <span
+ title="concept-script">script</span> that invoked the constructor is a
+ <code>WorkerGlobalScope</code> object, add <var title="">worker global scope</var> to the
+ list of <span>the worker's workers</span> of the <code>WorkerGlobalScope</code> object that
+ is the <span title="script's global object">global object</span> of the <span
+ title="concept-script">script</span> that invoked the constructor.</p>
</li>
@@ -92997,32 +92512,27 @@
</li>
- <li><p>Create a new <code>SharedWorkerGlobalScope</code> object
- whose <span>worker origin</span> is the origin of the <span>entry
- script</span>. Let <var title="">worker global scope</var> be
- this new object.</p></li>
+ <li><p>Create a new <code>SharedWorkerGlobalScope</code> object whose <span>worker
+ origin</span> is the origin of the <span>entry script</span>. Let <var title="">worker global
+ scope</var> be this new object.</p></li>
- <li><p>Associate <var title="">worker</var> with <var
- title="">worker global scope</var>.</p></li>
+ <li><p>Associate <var title="">worker</var> with <var title="">worker global
+ scope</var>.</p></li>
- <li><p>Set the <code
- title="dom-SharedWorkerGlobalScope-name">name</code> attribute of
- <var title="">worker global scope</var> to <var
- title="">name</var>.</p></li>
+ <li><p>Set the <code title="dom-SharedWorkerGlobalScope-name">name</code> attribute of <var
+ title="">worker global scope</var> to <var title="">name</var>.</p></li>
- <li><p><span>Create a new <code>MessagePort</code> object</span>
- owned by <var title="">worker global scope</var>. Let <var
- title="">inside port</var> be this new object.</p></li>
+ <li><p><span>Create a new <code>MessagePort</code> object</span> owned by <var title="">worker
+ global scope</var>. Let <var title="">inside port</var> be this new object.</p></li>
- <li><p><span>Entangle</span> <var title="">outside port</var> and
- <var title="">inside port</var>.</p></li>
+ <li><p><span>Entangle</span> <var title="">outside port</var> and <var title="">inside
+ port</var>.</p></li>
</ol>
</li>
- <li><p>Return <var title="">worker</var> and perform the remaining
- steps asynchronously.</p></li>
+ <li><p>Return <var title="">worker</var> and perform the remaining steps asynchronously.</p></li>
<li><p>Create a <span title="concept-events-trusted">trusted</span> event that uses the
<code>MessageEvent</code> interface, with the name <code title="event-connect">connect</code>,
@@ -93037,47 +92547,42 @@
<li>
- <p><span title="add a document to the worker's documents">Add to
- <var title="">worker global scope</var>'s list of <span>the
- worker's <code>Document</code>s</span></span> the
+ <p><span title="add a document to the worker's documents">Add to <var title="">worker global
+ scope</var>'s list of <span>the worker's <code>Document</code>s</span></span> the
<code>Document</code> objects in <var title="">docs</var>.</p>
</li>
<li>
- <p>If the <span title="script's global object">global object</span>
- of the <span title="concept-script">script</span> that invoked the
- constructor is a <code>WorkerGlobalScope</code> object, add <var
- title="">worker global scope</var> to the list of <span>the
- worker's workers</span> of the <code>WorkerGlobalScope</code>
- object that is the <span title="script's global object">global
- object</span> of the <span title="concept-script">script</span>
- that invoked the constructor.</p>
+ <p>If the <span title="script's global object">global object</span> of the <span
+ title="concept-script">script</span> that invoked the constructor is a
+ <code>WorkerGlobalScope</code> object, add <var title="">worker global scope</var> to the list
+ of <span>the worker's workers</span> of the <code>WorkerGlobalScope</code> object that is the
+ <span title="script's global object">global object</span> of the <span
+ title="concept-script">script</span> that invoked the constructor.</p>
</li>
<li>
- <p><span>Run a worker</span> for <var title="">scriptURL</var>,
- with the <span>script's browsing context</span> of the script that
- invoked the method as the <var title="">owner browsing
- context</var>, with the <span>script's document</span> of the
- script that invoked the method as the <var title="">owner
- document</var>, with the <span>origin</span> of the <span>entry
- script</span> as the <var title="">owner origin</var>, and with
- <var title="">worker global scope</var> as the global scope.</p>
+ <p><span>Run a worker</span> for <var title="">scriptURL</var>, with the <span>script's browsing
+ context</span> of the script that invoked the method as the <var title="">owner browsing
+ context</var>, with the <span>script's document</span> of the script that invoked the method as
+ the <var title="">owner document</var>, with the <span>origin</span> of the <span>entry
+ script</span> as the <var title="">owner origin</var>, and with <var title="">worker global
+ scope</var> as the global scope.</p>
</li>
</ol>
- <p>This constructor must be visible when the <span>script's global
- object</span> is either a <code>Window</code> object or an object
- implementing the <code>WorkerGlobalScope</code> interface.</p>
+ <p>This constructor must be visible when the <span>script's global object</span> is either a
+ <code>Window</code> object or an object implementing the <code>WorkerGlobalScope</code>
+ interface.</p>
- <p>The <span>task source</span> for the tasks mentioned above is the
- <span>DOM manipulation task source</span>.</p>
+ <p>The <span>task source</span> for the tasks mentioned above is the <span>DOM manipulation task
+ source</span>.</p>
@@ -95178,7 +94683,6 @@
https://www.w3.org/Bugs/Public/show_bug.cgi?id=17264 -->
-<!--CLEANUP-->
<h4>Parsing WebSocket URLs</h4>
<p>The steps to <dfn>parse a WebSocket URL's components</dfn> from a string <var
@@ -95202,40 +94706,43 @@
</li>
- <li><p>If the resulting <span>parsed URL</span> does not have a <span title="concept-url-scheme">scheme</span>
- component whose value, when <span>converted to ASCII lowercase</span>, is either "<code
- title="">ws</code>" or "<code title="">wss</code>", then fail this algorithm.</p></li>
+ <li><p>If the resulting <span>parsed URL</span> does not have a <span
+ title="concept-url-scheme">scheme</span> component whose value, when <span>converted to ASCII
+ lowercase</span>, is either "<code title="">ws</code>" or "<code title="">wss</code>", then fail
+ this algorithm.</p></li>
- <li><p>If the resulting <span>parsed URL</span> has a non-null <span title="concept-url-fragment">fragment</span>
- component, then fail this algorithm.</p></li>
+ <li><p>If the resulting <span>parsed URL</span> has a non-null <span
+ title="concept-url-fragment">fragment</span> component, then fail this algorithm.</p></li>
- <li><p>If the <span title="concept-url-scheme">scheme</span> component of the resulting <span>parsed URL</span>
- is "<code title="">ws</code>", set <var title="">secure</var> to false; otherwise, the <span
- title="concept-url-scheme">scheme</span> component is "<code title="">wss</code>", set <var
- title="">secure</var> to true.</p></li>
+ <li><p>If the <span title="concept-url-scheme">scheme</span> component of the resulting
+ <span>parsed URL</span> is "<code title="">ws</code>", set <var title="">secure</var> to false;
+ otherwise, the <span title="concept-url-scheme">scheme</span> component is "<code
+ title="">wss</code>", set <var title="">secure</var> to true.</p></li>
<li><p>Let <var title="">host</var> be the value of the resulting <span>parsed URL</span>'s <span
- title="concept-url-host">host</span> component, <span>converted to
- ASCII lowercase</span>.</p></li> <!-- at this point this is Punycode-encoded already -->
+ title="concept-url-host">host</span> component, <span>converted to ASCII
+ lowercase</span>.</p></li> <!-- at this point this is Punycode-encoded already -->
- <li><p>If the resulting <span>parsed URL</span> has a <span title="concept-url-port">port</span> component that is not the empty string,
- then let <var title="">port</var> be that component's value; otherwise, there is no explicit <var
- title="">port</var>.</p></li>
+ <li><p>If the resulting <span>parsed URL</span> has a <span title="concept-url-port">port</span>
+ component that is not the empty string, then let <var title="">port</var> be that component's
+ value; otherwise, there is no explicit <var title="">port</var>.</p></li>
<li><p>If there is no explicit <var title="">port</var>, then: if <var title="">secure</var> is
false, let <var title="">port</var> be 80, otherwise let <var title="">port</var> be
443.</p></li>
- <li><p>Let <var title="">resource name</var> be the value of the resulting <span>parsed URL</span>'s <span
- title="concept-url-path">path</span> component (which might be empty).</p></li> <!-- at this point this is UTF-8 encoded and percent encoded -->
+ <li><p>Let <var title="">resource name</var> be the value of the resulting <span>parsed
+ URL</span>'s <span title="concept-url-path">path</span> component (which might be
+ empty).</p></li> <!-- at this point this is UTF-8 encoded and percent encoded -->
<li><p>If <var title="">resource name</var> is the empty string, set it to a single character
U+002F SOLIDUS (/).</p></li>
- <li><p>If the resulting <span>parsed URL</span> has a non-null <span title="concept-url-query">query</span> component,
- then append a single U+003F QUESTION MARK character (?) to <var title="">resource name</var>,
- followed by the value of the <span title="concept-url-query">query</span> component.</p></li>
- <!-- at this point this is UTF-8 encoded and percent encoded -->
+ <li><p>If the resulting <span>parsed URL</span> has a non-null <span
+ title="concept-url-query">query</span> component, then append a single U+003F QUESTION MARK
+ character (?) to <var title="">resource name</var>, followed by the value of the <span
+ title="concept-url-query">query</span> component.</p></li> <!-- at this point this is UTF-8
+ encoded and percent encoded -->
<li><p>Return <var title="">host</var>, <var title="">port</var>, <var title="">resource
name</var>, and <var title="">secure</var>.</p></li>
More information about the Commit-Watchers
mailing list