[html5] r7758 - [giow] (3) Allow custom properties on Location objects to work for the Document [...]

whatwg at whatwg.org whatwg at whatwg.org
Fri Mar 15 16:00:56 PDT 2013


Author: ianh
Date: 2013-03-15 16:00:54 -0700 (Fri, 15 Mar 2013)
New Revision: 7758

Modified:
   complete.html
   index
   source
Log:
[giow] (3) Allow custom properties on Location objects to work for the Document whose Location object it originally was.
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=20701
Affected topics: DOM APIs, Security

Modified: complete.html
===================================================================
--- complete.html	2013-03-15 22:41:36 UTC (rev 7757)
+++ complete.html	2013-03-15 23:00:54 UTC (rev 7758)
@@ -66606,25 +66606,31 @@
   <h5 id=security-location><span class=secno>6.5.3.1 </span>Security</h5>
 
   <p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
-  properties of a <code><a href=#location>Location</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
-  origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#location>Location</a></code>
-  object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-  document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following exceptions:</p>
+  properties of a <code><a href=#location>Location</a></code> object are accessed when the <a href=#entry-script>entry script</a>'s
+  <a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same origin">same</a> as the
+  <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s
+  <a href=#active-document>active document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following
+  exceptions:</p>
 
-  <ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the script is running in a
-   <a href=#browsing-context>browsing context</a> that is <a href=#allowed-to-navigate>allowed to navigate</a> the browsing context with
-   which the <code><a href=#location>Location</a></code> object is associated
+  <ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the <a href=#entry-script>entry script</a>'s
+   <a href="#script's-browsing-context">script's browsing context</a> is <a href=#allowed-to-navigate>allowed to navigate</a> the <a href=#browsing-context>browsing
+   context</a> with which the <code><a href=#location>Location</a></code> object is associated
 
-   <li>The <code title=dom-location-replace><a href=#dom-location-replace>replace()</a></code> method, if the script is running in a
-   <a href=#browsing-context>browsing context</a> that is <a href=#allowed-to-navigate>allowed to navigate</a> the browsing context with
-   which the <code><a href=#location>Location</a></code> object is associated
+   <li>The <code title=dom-location-replace><a href=#dom-location-replace>replace()</a></code> method, if the <a href=#entry-script>entry
+   script</a>'s <a href="#script's-browsing-context">script's browsing context</a> is <a href=#allowed-to-navigate>allowed to navigate</a> the
+   <a href=#browsing-context>browsing context</a> with which the <code><a href=#location>Location</a></code> object is associated
 
-  </ul><p>When a script whose <a href=#effective-script-origin>effective script origin</a> is not the same as the
-  <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script
-  origin</a> attempts to access that <code><a href=#location>Location</a></code> object's methods or attributes, the
-  user agent must act as if any changes to the <code><a href=#location>Location</a></code> object's properties, getters,
-  setters, etc, were not present.</p>
+   <li>Any properties not defined in the IDL for the <code><a href=#location>Location</a></code> object or indirectly via
+   one of those properties (e.g. <code title="">toString()</code>, which is defined via the <code title="">stringifier</code> keyword), if the <a href=#entry-script>entry script</a>'s <a href=#effective-script-origin>effective script
+   origin</a> is the <a href=#same-origin>same origin</a> as the <code><a href=#location>Location</a></code> object's associated
+   <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>
 
+  </ul><p>When the <a href=#entry-script>entry script</a>'s <a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin>same
+  origin</a> as the <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s
+  <a href=#effective-script-origin>effective script origin</a>, attempts to access that <code><a href=#location>Location</a></code> object's
+  methods or attributes must cause the user agent to act as if any changes to the
+  <code><a href=#location>Location</a></code> object's properties, getters, setters, etc, were not present.</p>
+
   <p>For members that return objects (including function objects), each distinct <a href=#effective-script-origin>effective
   script origin</a> that is not the same as the <code><a href=#location>Location</a></code> object's
   <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a> must be provided with a separate set

Modified: index
===================================================================
--- index	2013-03-15 22:41:36 UTC (rev 7757)
+++ index	2013-03-15 23:00:54 UTC (rev 7758)
@@ -66606,25 +66606,31 @@
   <h5 id=security-location><span class=secno>6.5.3.1 </span>Security</h5>
 
   <p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
-  properties of a <code><a href=#location>Location</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
-  origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#location>Location</a></code>
-  object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-  document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following exceptions:</p>
+  properties of a <code><a href=#location>Location</a></code> object are accessed when the <a href=#entry-script>entry script</a>'s
+  <a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same origin">same</a> as the
+  <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s
+  <a href=#active-document>active document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following
+  exceptions:</p>
 
-  <ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the script is running in a
-   <a href=#browsing-context>browsing context</a> that is <a href=#allowed-to-navigate>allowed to navigate</a> the browsing context with
-   which the <code><a href=#location>Location</a></code> object is associated
+  <ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the <a href=#entry-script>entry script</a>'s
+   <a href="#script's-browsing-context">script's browsing context</a> is <a href=#allowed-to-navigate>allowed to navigate</a> the <a href=#browsing-context>browsing
+   context</a> with which the <code><a href=#location>Location</a></code> object is associated
 
-   <li>The <code title=dom-location-replace><a href=#dom-location-replace>replace()</a></code> method, if the script is running in a
-   <a href=#browsing-context>browsing context</a> that is <a href=#allowed-to-navigate>allowed to navigate</a> the browsing context with
-   which the <code><a href=#location>Location</a></code> object is associated
+   <li>The <code title=dom-location-replace><a href=#dom-location-replace>replace()</a></code> method, if the <a href=#entry-script>entry
+   script</a>'s <a href="#script's-browsing-context">script's browsing context</a> is <a href=#allowed-to-navigate>allowed to navigate</a> the
+   <a href=#browsing-context>browsing context</a> with which the <code><a href=#location>Location</a></code> object is associated
 
-  </ul><p>When a script whose <a href=#effective-script-origin>effective script origin</a> is not the same as the
-  <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script
-  origin</a> attempts to access that <code><a href=#location>Location</a></code> object's methods or attributes, the
-  user agent must act as if any changes to the <code><a href=#location>Location</a></code> object's properties, getters,
-  setters, etc, were not present.</p>
+   <li>Any properties not defined in the IDL for the <code><a href=#location>Location</a></code> object or indirectly via
+   one of those properties (e.g. <code title="">toString()</code>, which is defined via the <code title="">stringifier</code> keyword), if the <a href=#entry-script>entry script</a>'s <a href=#effective-script-origin>effective script
+   origin</a> is the <a href=#same-origin>same origin</a> as the <code><a href=#location>Location</a></code> object's associated
+   <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>
 
+  </ul><p>When the <a href=#entry-script>entry script</a>'s <a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin>same
+  origin</a> as the <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s
+  <a href=#effective-script-origin>effective script origin</a>, attempts to access that <code><a href=#location>Location</a></code> object's
+  methods or attributes must cause the user agent to act as if any changes to the
+  <code><a href=#location>Location</a></code> object's properties, getters, setters, etc, were not present.</p>
+
   <p>For members that return objects (including function objects), each distinct <a href=#effective-script-origin>effective
   script origin</a> that is not the same as the <code><a href=#location>Location</a></code> object's
   <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a> must be provided with a separate set

Modified: source
===================================================================
--- source	2013-03-15 22:41:36 UTC (rev 7757)
+++ source	2013-03-15 23:00:54 UTC (rev 7758)
@@ -79224,28 +79224,35 @@
   <h5 id="security-location">Security</h5>
 
   <p id="security-3">User agents must throw a <code>SecurityError</code> exception whenever any
-  properties of a <code>Location</code> object are accessed by scripts whose <span>effective script
-  origin</span> is not the <span title="same origin">same</span> as the <code>Location</code>
-  object's associated <code>Document</code>'s <span>browsing context</span>'s <span>active
-  document</span>'s <span>effective script origin</span>, with the following exceptions:</p>
+  properties of a <code>Location</code> object are accessed when the <span>entry script</span>'s
+  <span>effective script origin</span> is not the <span title="same origin">same</span> as the
+  <code>Location</code> object's associated <code>Document</code>'s <span>browsing context</span>'s
+  <span>active document</span>'s <span>effective script origin</span>, with the following
+  exceptions:</p>
 
   <ul>
 
-   <li>The <code title="dom-location-href">href</code> setter, if the script is running in a
-   <span>browsing context</span> that is <span>allowed to navigate</span> the browsing context with
-   which the <code>Location</code> object is associated
+   <li>The <code title="dom-location-href">href</code> setter, if the <span>entry script</span>'s
+   <span>script's browsing context</span> is <span>allowed to navigate</span> the <span>browsing
+   context</span> with which the <code>Location</code> object is associated
 
-   <li>The <code title="dom-location-replace">replace()</code> method, if the script is running in a
-   <span>browsing context</span> that is <span>allowed to navigate</span> the browsing context with
-   which the <code>Location</code> object is associated
+   <li>The <code title="dom-location-replace">replace()</code> method, if the <span>entry
+   script</span>'s <span>script's browsing context</span> is <span>allowed to navigate</span> the
+   <span>browsing context</span> with which the <code>Location</code> object is associated
 
+   <li>Any properties not defined in the IDL for the <code>Location</code> object or indirectly via
+   one of those properties (e.g. <code title="">toString()</code>, which is defined via the <code
+   title="">stringifier</code> keyword), if the <span>entry script</span>'s <span>effective script
+   origin</span> is the <span>same origin</span> as the <code>Location</code> object's associated
+   <code>Document</code>'s <span>effective script origin</span>
+
   </ul>
 
-  <p>When a script whose <span>effective script origin</span> is not the same as the
-  <code>Location</code> object's associated <code>Document</code>'s <span>effective script
-  origin</span> attempts to access that <code>Location</code> object's methods or attributes, the
-  user agent must act as if any changes to the <code>Location</code> object's properties, getters,
-  setters, etc, were not present.</p>
+  <p>When the <span>entry script</span>'s <span>effective script origin</span> is not the <span>same
+  origin</span> as the <code>Location</code> object's associated <code>Document</code>'s
+  <span>effective script origin</span>, attempts to access that <code>Location</code> object's
+  methods or attributes must cause the user agent to act as if any changes to the
+  <code>Location</code> object's properties, getters, setters, etc, were not present.</p>
 
   <p>For members that return objects (including function objects), each distinct <span>effective
   script origin</span> that is not the same as the <code>Location</code> object's




More information about the Commit-Watchers mailing list