[html5] r1956 - [] (0) Cleanup around <img> requirements. Disallow scripts to run in <img> images.

whatwg at whatwg.org whatwg at whatwg.org
Tue Jul 29 19:24:03 PDT 2008 

Author: ianh
Date: 2008-07-29 19:24:02 -0700 (Tue, 29 Jul 2008)
New Revision: 1956

Modified:
   index
   source
Log:
[] (0) Cleanup around <img> requirements. Disallow scripts to run in <img> images.

Modified: index
===================================================================
--- index	2008-07-30 02:19:21 UTC (rev 1955)
+++ index	2008-07-30 02:24:02 UTC (rev 1956)
@@ -15436,16 +15436,17 @@
    href="#img">img</a></code> element's <a href="#fallback">fallback
    content</a>.
 
-  <p><strong>Authoring requirements</strong>: The <code title=attr-img-src><a
-   href="#src">src</a></code> attribute must be present, and must contain a
-   <a href="#valid">valid URL</a>. The requirements on the <code
-   title=attr-img-alt><a href="#alt0">alt</a></code> attribute's value are
-   described <a href="#alt">in the next section</a>.
+  <p>The <code title=attr-img-src><a href="#src">src</a></code> attribute
+   must be present, and must contain a <a href="#valid">valid URL</a>.
 
   <p class=big-issue>Should we restrict the URL to pointing to an image?
    What's an image? Is PDF an image? (Safari supports PDFs in <img>
    elements.) How about SVG? (Opera supports those). WMFs? XPMs? HTML?
 
+  <p>The requirements on the <code title=attr-img-alt><a
+   href="#alt0">alt</a></code> attribute's value are described <a
+   href="#alt">in the next section</a>.
+
   <p class=big-issue>There has been some suggestion that the <code
    title="">longdesc</code> attribute from HTML4, or some other mechanism
    that is more powerful than <code title="">alt=""</code>, should be
@@ -15458,11 +15459,10 @@
 
   <hr>
 
-  <p><strong>User agent requirements</strong>: When the <code
-   title=attr-img-alt><a href="#alt0">alt</a></code> attribute is present and
-   its value is the empty string, the image supplements the surrounding
-   content. In such cases, the image may be omitted without affecting the
-   meaning of the document.
+  <p>When the <code title=attr-img-alt><a href="#alt0">alt</a></code>
+   attribute is present and its value is the empty string, the image
+   supplements the surrounding content. In such cases, the image may be
+   omitted in the rendering without affecting the meaning of the document.
 
   <p>When the <code title=attr-img-alt><a href="#alt0">alt</a></code>
    attribute is present and its value is not the empty string, the image is a
@@ -15487,6 +15487,13 @@
    <code title=attr-img-alt><a href="#alt0">alt</a></code> attribute, if any,
    or nothing, if that attribute is empty or absent.
 
+  <p>When the <code title=attr-img-src><a href="#src">src</a></code>
+   attribute is present, the element represents the image given by that
+   attribute.
+
+  <p>The contents of <code><a href="#img">img</a></code> elements, if any,
+   are ignored for the purposes of rendering.
+
   <hr>
 
   <p>When an <code><a href="#img">img</a></code> is created with a <code
@@ -15526,7 +15533,8 @@
   <p class=note>This allows servers to return images with error responses.
 
   <p>User agents must not support non-image resources with the <code><a
-   href="#img">img</a></code> element.
+   href="#img">img</a></code> element. User agents must not run executable
+   code (e.g. scripts) embedded in the image resource.
 
   <hr>
 
@@ -15549,9 +15557,7 @@
    title=attr-hyperlink-href><a href="#href6">href</a></code> attribute.
 
   <p>The <code><a href="#img">img</a></code> element supports <a
-   href="#dimension0">dimension attributes</a>.</p>
-  <!-- XXX contents of <img> should be ignored for rendering but not
-  for semantics, e.g. <script>, <input>, etc. -->
+   href="#dimension0">dimension attributes</a>.
 
   <p>The DOM attributes <dfn id=alt1
    title=dom-img-alt><code>alt</code></dfn>, <dfn id=src0

Modified: source
===================================================================
--- source	2008-07-30 02:19:21 UTC (rev 1955)
+++ source	2008-07-30 02:24:02 UTC (rev 1956)
@@ -12982,17 +12982,18 @@
   title="attr-img-alt"><code>alt</code></dfn> attribute is the
   <code>img</code> element's <span>fallback content</span>.</p>
 
-  <p><strong>Authoring requirements</strong>: The <code
-  title="attr-img-src">src</code> attribute must be present, and must
-  contain a <span>valid URL</span>. The requirements on the <code
-  title="attr-img-alt">alt</code> attribute's value are described <a
-  href="#alt">in the next section</a>.</p>
+  <p>The <code title="attr-img-src">src</code> attribute must be
+  present, and must contain a <span>valid URL</span>.</p>
 
   <p class="big-issue">Should we restrict the URL to pointing to an
   image? What's an image? Is PDF an image? (Safari supports PDFs in
   <img> elements.) How about SVG? (Opera supports those). WMFs?
   XPMs? HTML?</p>
 
+  <p>The requirements on the <code title="attr-img-alt">alt</code>
+  attribute's value are described <a href="#alt">in the next
+  section</a>.</p>
+
   <p class="big-issue">There has been some suggestion that the <code
   title="">longdesc</code> attribute from HTML4, or some other
   mechanism that is more powerful than <code title="">alt=""</code>,
@@ -13005,11 +13006,10 @@
 
   <hr>
 
-  <p><strong>User agent requirements</strong>: When the <code
-  title="attr-img-alt">alt</code> attribute is present and its value
-  is the empty string, the image supplements the surrounding
-  content. In such cases, the image may be omitted without affecting
-  the meaning of the document.</p>
+  <p>When the <code title="attr-img-alt">alt</code> attribute is
+  present and its value is the empty string, the image supplements the
+  surrounding content. In such cases, the image may be omitted in the
+  rendering without affecting the meaning of the document.</p>
 
   <p>When the <code title="attr-img-alt">alt</code> attribute is
   present and its value is not the empty string, the image is a
@@ -13035,6 +13035,13 @@
   element's <code title="attr-img-alt">alt</code> attribute, if any,
   or nothing, if that attribute is empty or absent.</p>
 
+  <p>When the <code title="attr-img-src">src</code> attribute is
+  present, the element represents the image given by that
+  attribute.</p>
+
+  <p>The contents of <code>img</code> elements, if any, are ignored
+  for the purposes of rendering.</p>
+
   <hr>
 
   <p>When an <code>img</code> is created with a <code
@@ -13075,7 +13082,8 @@
   responses.</p>
 
   <p>User agents must not support non-image resources with the
-  <code>img</code> element.</p>
+  <code>img</code> element. User agents must not run executable code
+  (e.g. scripts) embedded in the image resource.</p>
 
   <hr>
 
@@ -13099,9 +13107,6 @@
   <p>The <code>img</code> element supports <span>dimension
   attributes</span>.</p>
 
-  <!-- XXX contents of <img> should be ignored for rendering but not
-  for semantics, e.g. <script>, <input>, etc. -->
-
   <p>The DOM attributes <dfn
   title="dom-img-alt"><code>alt</code></dfn>, <dfn
   title="dom-img-src"><code>src</code></dfn>, <dfn

More information about the Commit-Watchers mailing list