[html5] r845 - /

whatwg at whatwg.org whatwg at whatwg.org
Thu May 24 20:54:28 PDT 2007 

Author: ianh
Date: 2007-05-24 20:54:26 -0700 (Thu, 24 May 2007)
New Revision: 845

Modified:
   index
   source
Log:
[] (0) Define window.name and allow framesets to host documents from other domains and then change the frame again

Modified: index
===================================================================
--- index	2007-05-24 22:03:50 UTC (rev 844)
+++ index	2007-05-25 03:54:26 UTC (rev 845)
@@ -22,7 +22,7 @@
 
    <h1 id=html-5>HTML 5</h1>
 
-   <h2 class="no-num no-toc" id=working>Working Draft — 24 May 2007</h2>
+   <h2 class="no-num no-toc" id=working>Working Draft — 25 May 2007</h2>
 
    <p>You can take part in this work. <a
     href="http://www.whatwg.org/mailing-list">Join the working group's
@@ -2506,6 +2506,12 @@
    as per RFC 2109 sections 4.3.1, 4.3.2, and 4.3.3. <a
    href="#refsRFC2109">[RFC2109]</a>
 
+  <p class=note>Since the <code title=dom-document-cookie><a
+   href="#cookie0">cookie</a></code> attribute is accessible across frames,
+   the path restrictions on cookies are only a tool to help manage which
+   cookies are sent to which parts of the site, and are not in any way a
+   security feature.
+
   <h3 id=elements><span class=secno>2.2. </span>Elements</h3>
 
   <p>The nodes representing <a href="#html-elements">HTML elements</a> in the
@@ -22702,16 +22708,29 @@
     <p>If the given browsing context name is not <code title="">_blank</code>
      and there exists a browsing context whose <span title="browsing context
      name">name</span> is the same as the given browsing context name, and
-     the <a href="#origin0">origin</a> of that browsing context's <a
-     href="#active">active document</a> is the same as the <a
-     href="#origin0">origin</a> of the current browsing context's <a
-     href="#active">active document</a>, and the user agent determines that
-     the two browsing contexts are related enough that it is ok if they reach
-     each other, then that browsing context must be the chosen one. If there
-     are multiple matching browsing contexts, the user agent should select
-     one in some arbitrary consistent manner, such as the most recently
-     opened, most recently focused, or more closely related.
+     one of the following is true:
 
+    <ul>
+     <li>Either the <a href="#origin0">origin</a> of that browsing context's
+      <a href="#active">active document</a> is the same as the <a
+      href="#origin0">origin</a> of the current browsing context's <a
+      href="#active">active document</a>,
+
+     <li>Or that browsing context is not a <a href="#top-level">top-level
+      browsing context</a>, and the <a href="#origin0">origin</a> of the <a
+      href="#active">active document</a> of the <a href="#parent">parent
+      browsing context</a> of that browsing context is the same as the <a
+      href="#origin0">origin</a> of the current browsing context's <a
+      href="#active">active document</a>,
+    </ul>
+
+    <p>...and the user agent determines that the two browsing contexts are
+     related enough that it is ok if they reach each other, then that
+     browsing context must be the chosen one. If there are multiple matching
+     browsing contexts, the user agent should select one in some arbitrary
+     consistent manner, such as the most recently opened, most recently
+     focused, or more closely related.</p>
+
    <li>
     <p>Otherwise, a new browsing context is being requested, and what happens
      depends on the user agent's configuration and/or abilities:</p>
@@ -22752,6 +22771,7 @@
   // the current browsing context
   readonly attribute <a href="#window">Window</a> <a href="#window0" title=dom-window>window</a>;
   readonly attribute <a href="#window">Window</a> <a href="#self" title=dom-self>self</a>;
+           attribute DOMString <a href="#name3" title=dom-name>name</a>;
   readonly attribute <a href="#location2">Location</a> <a href="#location0" title=dom-document-location>location</a>;
   readonly attribute <a href="#history1">History</a> <a href="#history0" title=dom-history>history</a>;
   readonly attribute <a href="#undomanager">UndoManager</a> <a href="#undomanager0" title=dom-undoManager>undoManager</a>;
@@ -22977,6 +22997,12 @@
    href="#the-rules">the rules for chosing a browsing context given a
    browsing context name</a>.
 
+  <p>The <dfn id=name3 title=dom-name><code>name</code></dfn> attribute of
+   the <code><a href="#window">Window</a></code> object must, on getting,
+   return the current name of the <a href="#browsing0">browsing context</a>,
+   and, on setting, set the name of the <a href="#browsing0">browsing
+   context</a> to the new value.
+
   <h4 id=accessing><span class=secno>4.2.4. </span>Accessing other browsing
    contexts</h4>
 

Modified: source
===================================================================
--- source	2007-05-24 22:03:50 UTC (rev 844)
+++ source	2007-05-25 03:54:26 UTC (rev 845)
@@ -1012,8 +1012,14 @@
   value, as per RFC 2109 sections 4.3.1, 4.3.2, and 4.3.3. <a
   href="#refsRFC2109">[RFC2109]</a></p>
 
+  <p class="note">Since the <code
+  title="dom-document-cookie">cookie</code> attribute is accessible
+  across frames, the path restrictions on cookies are only a tool to
+  help manage which cookies are sent to which parts of the site, and
+  are not in any way a security feature.</p>
 
 
+
   <h3>Elements</h3>
 
   <p>The nodes representing <span>HTML elements</span> in the DOM must
@@ -20364,20 +20370,37 @@
    most <span>top-level browsing context</span> of the current
    one.</p></li>
 
-   <li><p>If the given browsing context name is not <code
-   title="">_blank</code> and there exists a browsing context whose
-   <span title="browsing context name">name</span> is the same as the
-   given browsing context name, and the <span>origin</span> of that
-   browsing context's <span>active document</span> is the same as the
-   <span>origin</span> of the current browsing context's <span>active
-   document</span>, and the user agent determines that the two
-   browsing contexts are related enough that it is ok if they reach
-   each other, then that browsing context must be the chosen one. If
-   there are multiple matching browsing contexts, the user agent
-   should select one in some arbitrary consistent manner, such as the
-   most recently opened, most recently focused, or more closely
-   related.</p></li>
+   <li>
 
+    <p>If the given browsing context name is not <code
+    title="">_blank</code> and there exists a browsing context whose
+    <span title="browsing context name">name</span> is the same as the
+    given browsing context name, and one of the following is true:
+
+    <ul>
+
+     <li>Either the <span>origin</span> of that browsing context's
+     <span>active document</span> is the same as the
+     <span>origin</span> of the current browsing context's
+     <span>active document</span>,
+
+     <li>Or that browsing context is not a <span>top-level browsing
+     context</span>, and the <span>origin</span> of the <span>active
+     document</span> of the <span>parent browsing context</span> of
+     that browsing context is the same as the <span>origin</span> of
+     the current browsing context's <span>active document</span>,
+
+    </ul>
+
+    <p>...and the user agent determines that the two browsing contexts
+    are related enough that it is ok if they reach each other, then
+    that browsing context must be the chosen one. If there are
+    multiple matching browsing contexts, the user agent should select
+    one in some arbitrary consistent manner, such as the most recently
+    opened, most recently focused, or more closely related.</p>
+
+   </li>
+
    <li>
 
     <p>Otherwise, a new browsing context is being requested, and what
@@ -20429,6 +20452,7 @@
   // the current browsing context
   readonly attribute <span>Window</span> <span title="dom-window">window</span>;
   readonly attribute <span>Window</span> <span title="dom-self">self</span>;
+           attribute DOMString <span title="dom-name">name</span>;
   readonly attribute <span>Location</span> <span title="dom-document-location">location</span>;
   readonly attribute <span>History</span> <span title="dom-history">history</span>;
   readonly attribute <span>UndoManager</span> <span title="dom-undoManager">undoManager</span>;
@@ -20649,8 +20673,14 @@
   <span>the rules for chosing a browsing context given a browsing
   context name</span>.</p>
 
+  <p>The <dfn title="dom-name"><code>name</code></dfn> attribute of
+  the <code>Window</code> object must, on getting, return the current
+  name of the <span>browsing context</span>, and, on setting, set the
+  name of the <span>browsing context</span> to the new value.</p>
 
 
+
+
   <h4>Accessing other browsing contexts</h4>
 
   <p>In ECMAScript implementations, objects that implement the

More information about the Commit-Watchers mailing list