[html5] r4580 - [agiow] (0) freeze sandbox='' on document creation
whatwg at whatwg.org
whatwg at whatwg.org
Tue Jan 12 00:16:53 PST 2010
Author: ianh
Date: 2010-01-12 00:16:48 -0800 (Tue, 12 Jan 2010)
New Revision: 4580
Modified:
complete.html
index
source
Log:
[agiow] (0) freeze sandbox='' on document creation
Modified: complete.html
===================================================================
--- complete.html 2010-01-12 02:56:17 UTC (rev 4579)
+++ complete.html 2010-01-12 08:16:48 UTC (rev 4580)
@@ -19762,10 +19762,6 @@
</div>
- <p class=warning>This flag only takes effect when the
- <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
- <a href=#navigate title=navigate>navigated</a>.</p>
-
</dd>
@@ -19794,18 +19790,22 @@
<p>This flag <a href=#sandboxScriptBlocked>blocks script
execution</a>.</p>
- <p class=warning>If the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is
- dynamically added after the <code><a href=#the-iframe-element>iframe</a></code> has loaded a page,
- scripts already compiled by that page (whether in
- <code><a href=#script>script</a></code> elements, or in <a href=#event-handlers>event handlers</a>,
- or elsewhere) will continue to run. Only <em>new</em> scripts will
- be prevented from executing by this flag.</p>
+ <p class=warning>This flag only takes effect when the
+ <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
+ <a href=#navigate title=navigate>navigated</a>. Removing it has no effect
+ on an already-loaded page.</p>
</dd>
</dl><p>These flags must not be set unless the conditions listed above
define them as being set.</p>
+ <p class=warning>These flags only take effect when the
+ <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
+ <a href=#navigate title=navigate>navigated</a>. Removing then, or removing
+ the entire <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
+ attribute, has no effect on an already-loaded page.</p>
+
</div>
<div class=example>
@@ -19853,15 +19853,16 @@
be part of the containing document (seamlessly included in the
parent document). <span class=impl>Specifically, when the
attribute is set on an <code><a href=#the-iframe-element>iframe</a></code> element whose owner
- <code>Document</code>'s <a href=#browsing-context>browsing context</a> does not have
- the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set and while
- either the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
- document</a> has the <a href=#same-origin>same origin</a> as the
- <code><a href=#the-iframe-element>iframe</a></code> element's document, or the <a href=#browsing-context>browsing
- context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
- document's address">address</a></em> has the <a href=#same-origin>same
- origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, the
- following requirements apply:</span></p>
+ <code>Document</code>'s <a href=#browsing-context>browsing context</a> did not have
+ the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set when that
+ <code>Document</code> was created, and while either the
+ <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a> has the
+ <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's
+ document, or the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+ document</a>'s <em><a href="#the-document's-address" title="the document's
+ address">address</a></em> has the <a href=#same-origin>same origin</a> as the
+ <code><a href=#the-iframe-element>iframe</a></code> element's document, the following requirements
+ apply:</span></p>
<div class=impl>
@@ -20112,17 +20113,17 @@
content</a>, any plugins instantiated for the element must be
removed, and the <code><a href=#the-embed-element>embed</a></code> element represents nothing.</p>
- <p id=sandboxPluginEmbed>When the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
- context flag</a> is set on the <a href=#browsing-context>browsing context</a> for
- which the <code><a href=#the-embed-element>embed</a></code> element's document is the <a href=#active-document>active
- document</a>, then the user agent must render the
- <code><a href=#the-embed-element>embed</a></code> element in a manner that conveys that the
- <a href=#plugin>plugin</a> was disabled. The user agent may offer the user
- the option to override the sandbox and instantiate the
- <a href=#plugin>plugin</a> anyway; if the user invokes such an option, the
- user agent must act as if the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
- context flag</a> was not set for the purposes of this
- element.</p>
+ <p id=sandboxPluginEmbed>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
+ context flag</a> was set on the <a href=#browsing-context>browsing context</a> for
+ which the <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> is the
+ <a href=#active-document>active document</a> when that <code>Document</code> was
+ created, then the user agent must render the <code><a href=#the-embed-element>embed</a></code>
+ element in a manner that conveys that the <a href=#plugin>plugin</a> was
+ disabled. The user agent may offer the user the option to override
+ the sandbox and instantiate the <a href=#plugin>plugin</a> anyway; if the
+ user invokes such an option, the user agent must act as if the
+ <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was not set for
+ the purposes of this element.</p>
<p class=warning>Plugins are disabled in sandboxed browsing
contexts because they might not honor the restrictions imposed by
@@ -20137,7 +20138,7 @@
<ul class=brief><li>The element is <a href=#in-a-document title="in a document">in a <code>Document</code></a>.</li>
<li>The element's <code>Document</code> is <a href=#fully-active>fully active</a>.</li>
<li>The element has either a <code title=attr-embed-src><a href=#attr-embed-src>src</a></code> attribute set or a <code title=attr-embed-type><a href=#attr-embed-type>type</a></code> attribute set (or both).</li>
- <li>The element is not in a sandboxed browsing context.</li>
+ <li>The element is not in a <code>Document</code> whose <a href=#browsing-context>browsing context</a> had the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> set when the <code>Document</code> was created.</li>
<li>The element is not a descendant of a <a href=#media-element>media element</a>.</li>
<li>The element is not a descendant of an <code><a href=#the-object-element>object</a></code> element that is not showing its <a href=#fallback-content>fallback content</a>.</li>
</ul><p>Whenever an <code><a href=#the-embed-element>embed</a></code> element that was not <a href=#concept-embed-active title=concept-embed-active>potentially active</a> becomes <a href=#concept-embed-active title=concept-embed-active>potentially active</a>, and whenever
@@ -20762,11 +20763,11 @@
<a href=#browsing-context>browsing context</a>.</p>
<p id=sandboxPluginObject>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
- context flag</a> is set on the <a href=#browsing-context>browsing context</a> for
- which the <code><a href=#the-object-element>object</a></code> element's document is the <a href=#active-document>active
- document</a>, then the steps above must always act as if they had
- failed to find a <a href=#plugin>plugin</a>, even if one would otherwise have been
- used.</p>
+ context flag</a> was set on the <code><a href=#the-object-element>object</a></code> element's
+ <code>Document</code>'s <a href=#browsing-context>browsing context</a> when the
+ <code>Document</code> was created, then the steps above must always
+ act as if they had failed to find a <a href=#plugin>plugin</a>, even if one
+ would otherwise have been used.</p>
<p class=note>The above algorithm is independent of CSS properties
(including 'display', 'overflow', and 'visibility'). For example, it
@@ -39441,9 +39442,10 @@
<ol><li id=sandboxSubmitBlocked><p>If <var title="">form</var> is in
a <code>Document</code> that has no associated <a href=#browsing-context>browsing
- context</a> or whose <a href=#browsing-context>browsing context</a> has its
- <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set, then abort
- these steps without doing anything.</li>
+ context</a> or whose <a href=#browsing-context>browsing context</a> had its
+ <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set when the
+ <code>Document</code> was created, then abort these steps without
+ doing anything.</li>
<li><p>If <var title="">form</var> is already being submitted
(i.e. the form was <a href=#concept-form-submit title=concept-form-submit>submitted</a> again while processing
@@ -49753,9 +49755,9 @@
happens depends on the user agent's configuration and/or
abilities:</p>
- <dl><dt id=sandboxWindowOpen>If the current browsing context has
- the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a>
- set.</dt>
+ <dl><dt id=sandboxWindowOpen>If the current browsing context had
+ the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set
+ when its <a href=#active-document>active document</a> was created.</dt>
<dd><p>The user agent may offer to create a new <a href=#top-level-browsing-context>top-level
browsing context</a> or reuse an existing <a href=#top-level-browsing-context>top-level
@@ -51022,9 +51024,10 @@
the option to disable scripting globally, or in a finer-grained
manner, e.g. on a per-origin basis.)</li>
- <li id=sandboxScriptBlocked>The <a href=#browsing-context>browsing context</a>
- does not have the <a href=#sandboxed-scripts-browsing-context-flag>sandboxed scripts browsing context
- flag</a> set.</li>
+ <li id=sandboxScriptBlocked>The <a href=#browsing-context>browsing context</a> did
+ not have the <a href=#sandboxed-scripts-browsing-context-flag>sandboxed scripts browsing context flag</a>
+ set when the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+ document</a> was created.</li>
</ul><p><dfn id=concept-bc-noscript title=concept-bc-noscript>Scripting is disabled</dfn> in a
<a href=#browsing-context>browsing context</a> when any of the above conditions are
@@ -56116,15 +56119,16 @@
being navigated, and the <a href=#source-browsing-context>source browsing context</a> is
not one of the <a href=#ancestor-browsing-context title="ancestor browsing context">ancestor
browsing contexts</a> of the <a href=#browsing-context>browsing context</a> being
- navigated, and the <a href=#source-browsing-context>source browsing context</a> has its
- <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set, then
- abort these steps. The user agent may offer to open the new
- resource in a new <a href=#top-level-browsing-context>top-level browsing context</a> or in the
- <a href=#top-level-browsing-context>top-level browsing context</a> of the <a href=#source-browsing-context>source
- browsing context</a>, at the user's option, in which case the
- user agent must <a href=#navigate>navigate</a> that designated
- <a href=#top-level-browsing-context>top-level browsing context</a> to the new resource as if
- the user had requested it independently.</li>
+ navigated, and the <a href=#source-browsing-context>source browsing context</a> had its
+ <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set when
+ its <a href=#active-document>active document</a> was created, then abort these
+ steps. The user agent may offer to open the new resource in a new
+ <a href=#top-level-browsing-context>top-level browsing context</a> or in the <a href=#top-level-browsing-context>top-level
+ browsing context</a> of the <a href=#source-browsing-context>source browsing
+ context</a>, at the user's option, in which case the user agent
+ must <a href=#navigate>navigate</a> that designated <a href=#top-level-browsing-context>top-level browsing
+ context</a> to the new resource as if the user had requested it
+ independently.</li>
<li id=seamlessLinks><p>If the <a href=#source-browsing-context>source browsing
context</a> is the same as the <a href=#browsing-context>browsing context</a>
@@ -56712,8 +56716,9 @@
the document a <code><a href=#the-title-element-0>title</a></code>.</p>
<p class=note id=sandboxPluginNavigate>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed
- plugins browsing context flag</a> is set on the <a href=#browsing-context>browsing
- context</a>, the synthesized <code><a href=#the-embed-element>embed</a></code> element will <a href=#sandboxPluginEmbed>fail to render the content</a>.</p>
+ plugins browsing context flag</a> was set on the <a href=#browsing-context>browsing
+ context</a> when the <code>Document</code> was created, the
+ synthesized <code><a href=#the-embed-element>embed</a></code> element will <a href=#sandboxPluginEmbed>fail to render the content</a>.</p>
<h4 id=read-ua-inline><span class=secno>6.11.7 </span><dfn title=navigate-ua-inline>Page load processing model for inline content that doesn't have a DOM</dfn></h4>
@@ -82374,10 +82379,10 @@
<p id=sandboxPluginApplet>When the element is not <a href=#in-a-document>in a
<code>Document</code></a>, and when the element's document is not
- <a href=#fully-active>fully active</a>, and when the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins
- browsing context flag</a> is set on the <a href=#browsing-context>browsing
- context</a> for which the <code><a href=#the-applet-element>applet</a></code> element's document
- is the <a href=#active-document>active document</a>, and when the element has an
+ <a href=#fully-active>fully active</a>, and when the element's
+ <code>Document</code>'s <a href=#browsing-context>browsing context</a> had its
+ <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> when that
+ <code>Document</code> was created, and when the element has an
ancestor <a href=#media-element>media element</a>, and when the element has an
ancestor <code><a href=#the-object-element>object</a></code> element that is <em>not</em> showing
its <a href=#fallback-content>fallback content</a>, and when no Java Language runtime
Modified: index
===================================================================
--- index 2010-01-12 02:56:17 UTC (rev 4579)
+++ index 2010-01-12 08:16:48 UTC (rev 4580)
@@ -19662,10 +19662,6 @@
</div>
- <p class=warning>This flag only takes effect when the
- <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
- <a href=#navigate title=navigate>navigated</a>.</p>
-
</dd>
@@ -19694,18 +19690,22 @@
<p>This flag <a href=#sandboxScriptBlocked>blocks script
execution</a>.</p>
- <p class=warning>If the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is
- dynamically added after the <code><a href=#the-iframe-element>iframe</a></code> has loaded a page,
- scripts already compiled by that page (whether in
- <code><a href=#script>script</a></code> elements, or in <a href=#event-handlers>event handlers</a>,
- or elsewhere) will continue to run. Only <em>new</em> scripts will
- be prevented from executing by this flag.</p>
+ <p class=warning>This flag only takes effect when the
+ <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
+ <a href=#navigate title=navigate>navigated</a>. Removing it has no effect
+ on an already-loaded page.</p>
</dd>
</dl><p>These flags must not be set unless the conditions listed above
define them as being set.</p>
+ <p class=warning>These flags only take effect when the
+ <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
+ <a href=#navigate title=navigate>navigated</a>. Removing then, or removing
+ the entire <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
+ attribute, has no effect on an already-loaded page.</p>
+
</div>
<div class=example>
@@ -19753,15 +19753,16 @@
be part of the containing document (seamlessly included in the
parent document). <span class=impl>Specifically, when the
attribute is set on an <code><a href=#the-iframe-element>iframe</a></code> element whose owner
- <code>Document</code>'s <a href=#browsing-context>browsing context</a> does not have
- the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set and while
- either the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
- document</a> has the <a href=#same-origin>same origin</a> as the
- <code><a href=#the-iframe-element>iframe</a></code> element's document, or the <a href=#browsing-context>browsing
- context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
- document's address">address</a></em> has the <a href=#same-origin>same
- origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, the
- following requirements apply:</span></p>
+ <code>Document</code>'s <a href=#browsing-context>browsing context</a> did not have
+ the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set when that
+ <code>Document</code> was created, and while either the
+ <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a> has the
+ <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's
+ document, or the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+ document</a>'s <em><a href="#the-document's-address" title="the document's
+ address">address</a></em> has the <a href=#same-origin>same origin</a> as the
+ <code><a href=#the-iframe-element>iframe</a></code> element's document, the following requirements
+ apply:</span></p>
<div class=impl>
@@ -20012,17 +20013,17 @@
content</a>, any plugins instantiated for the element must be
removed, and the <code><a href=#the-embed-element>embed</a></code> element represents nothing.</p>
- <p id=sandboxPluginEmbed>When the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
- context flag</a> is set on the <a href=#browsing-context>browsing context</a> for
- which the <code><a href=#the-embed-element>embed</a></code> element's document is the <a href=#active-document>active
- document</a>, then the user agent must render the
- <code><a href=#the-embed-element>embed</a></code> element in a manner that conveys that the
- <a href=#plugin>plugin</a> was disabled. The user agent may offer the user
- the option to override the sandbox and instantiate the
- <a href=#plugin>plugin</a> anyway; if the user invokes such an option, the
- user agent must act as if the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
- context flag</a> was not set for the purposes of this
- element.</p>
+ <p id=sandboxPluginEmbed>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
+ context flag</a> was set on the <a href=#browsing-context>browsing context</a> for
+ which the <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> is the
+ <a href=#active-document>active document</a> when that <code>Document</code> was
+ created, then the user agent must render the <code><a href=#the-embed-element>embed</a></code>
+ element in a manner that conveys that the <a href=#plugin>plugin</a> was
+ disabled. The user agent may offer the user the option to override
+ the sandbox and instantiate the <a href=#plugin>plugin</a> anyway; if the
+ user invokes such an option, the user agent must act as if the
+ <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was not set for
+ the purposes of this element.</p>
<p class=warning>Plugins are disabled in sandboxed browsing
contexts because they might not honor the restrictions imposed by
@@ -20037,7 +20038,7 @@
<ul class=brief><li>The element is <a href=#in-a-document title="in a document">in a <code>Document</code></a>.</li>
<li>The element's <code>Document</code> is <a href=#fully-active>fully active</a>.</li>
<li>The element has either a <code title=attr-embed-src><a href=#attr-embed-src>src</a></code> attribute set or a <code title=attr-embed-type><a href=#attr-embed-type>type</a></code> attribute set (or both).</li>
- <li>The element is not in a sandboxed browsing context.</li>
+ <li>The element is not in a <code>Document</code> whose <a href=#browsing-context>browsing context</a> had the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> set when the <code>Document</code> was created.</li>
<li>The element is not a descendant of a <a href=#media-element>media element</a>.</li>
<li>The element is not a descendant of an <code><a href=#the-object-element>object</a></code> element that is not showing its <a href=#fallback-content>fallback content</a>.</li>
</ul><p>Whenever an <code><a href=#the-embed-element>embed</a></code> element that was not <a href=#concept-embed-active title=concept-embed-active>potentially active</a> becomes <a href=#concept-embed-active title=concept-embed-active>potentially active</a>, and whenever
@@ -20662,11 +20663,11 @@
<a href=#browsing-context>browsing context</a>.</p>
<p id=sandboxPluginObject>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
- context flag</a> is set on the <a href=#browsing-context>browsing context</a> for
- which the <code><a href=#the-object-element>object</a></code> element's document is the <a href=#active-document>active
- document</a>, then the steps above must always act as if they had
- failed to find a <a href=#plugin>plugin</a>, even if one would otherwise have been
- used.</p>
+ context flag</a> was set on the <code><a href=#the-object-element>object</a></code> element's
+ <code>Document</code>'s <a href=#browsing-context>browsing context</a> when the
+ <code>Document</code> was created, then the steps above must always
+ act as if they had failed to find a <a href=#plugin>plugin</a>, even if one
+ would otherwise have been used.</p>
<p class=note>The above algorithm is independent of CSS properties
(including 'display', 'overflow', and 'visibility'). For example, it
@@ -39341,9 +39342,10 @@
<ol><li id=sandboxSubmitBlocked><p>If <var title="">form</var> is in
a <code>Document</code> that has no associated <a href=#browsing-context>browsing
- context</a> or whose <a href=#browsing-context>browsing context</a> has its
- <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set, then abort
- these steps without doing anything.</li>
+ context</a> or whose <a href=#browsing-context>browsing context</a> had its
+ <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set when the
+ <code>Document</code> was created, then abort these steps without
+ doing anything.</li>
<li><p>If <var title="">form</var> is already being submitted
(i.e. the form was <a href=#concept-form-submit title=concept-form-submit>submitted</a> again while processing
@@ -49653,9 +49655,9 @@
happens depends on the user agent's configuration and/or
abilities:</p>
- <dl><dt id=sandboxWindowOpen>If the current browsing context has
- the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a>
- set.</dt>
+ <dl><dt id=sandboxWindowOpen>If the current browsing context had
+ the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set
+ when its <a href=#active-document>active document</a> was created.</dt>
<dd><p>The user agent may offer to create a new <a href=#top-level-browsing-context>top-level
browsing context</a> or reuse an existing <a href=#top-level-browsing-context>top-level
@@ -50922,9 +50924,10 @@
the option to disable scripting globally, or in a finer-grained
manner, e.g. on a per-origin basis.)</li>
- <li id=sandboxScriptBlocked>The <a href=#browsing-context>browsing context</a>
- does not have the <a href=#sandboxed-scripts-browsing-context-flag>sandboxed scripts browsing context
- flag</a> set.</li>
+ <li id=sandboxScriptBlocked>The <a href=#browsing-context>browsing context</a> did
+ not have the <a href=#sandboxed-scripts-browsing-context-flag>sandboxed scripts browsing context flag</a>
+ set when the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+ document</a> was created.</li>
</ul><p><dfn id=concept-bc-noscript title=concept-bc-noscript>Scripting is disabled</dfn> in a
<a href=#browsing-context>browsing context</a> when any of the above conditions are
@@ -56030,15 +56033,16 @@
being navigated, and the <a href=#source-browsing-context>source browsing context</a> is
not one of the <a href=#ancestor-browsing-context title="ancestor browsing context">ancestor
browsing contexts</a> of the <a href=#browsing-context>browsing context</a> being
- navigated, and the <a href=#source-browsing-context>source browsing context</a> has its
- <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set, then
- abort these steps. The user agent may offer to open the new
- resource in a new <a href=#top-level-browsing-context>top-level browsing context</a> or in the
- <a href=#top-level-browsing-context>top-level browsing context</a> of the <a href=#source-browsing-context>source
- browsing context</a>, at the user's option, in which case the
- user agent must <a href=#navigate>navigate</a> that designated
- <a href=#top-level-browsing-context>top-level browsing context</a> to the new resource as if
- the user had requested it independently.</li>
+ navigated, and the <a href=#source-browsing-context>source browsing context</a> had its
+ <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set when
+ its <a href=#active-document>active document</a> was created, then abort these
+ steps. The user agent may offer to open the new resource in a new
+ <a href=#top-level-browsing-context>top-level browsing context</a> or in the <a href=#top-level-browsing-context>top-level
+ browsing context</a> of the <a href=#source-browsing-context>source browsing
+ context</a>, at the user's option, in which case the user agent
+ must <a href=#navigate>navigate</a> that designated <a href=#top-level-browsing-context>top-level browsing
+ context</a> to the new resource as if the user had requested it
+ independently.</li>
<li id=seamlessLinks><p>If the <a href=#source-browsing-context>source browsing
context</a> is the same as the <a href=#browsing-context>browsing context</a>
@@ -56626,8 +56630,9 @@
the document a <code><a href=#the-title-element-0>title</a></code>.</p>
<p class=note id=sandboxPluginNavigate>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed
- plugins browsing context flag</a> is set on the <a href=#browsing-context>browsing
- context</a>, the synthesized <code><a href=#the-embed-element>embed</a></code> element will <a href=#sandboxPluginEmbed>fail to render the content</a>.</p>
+ plugins browsing context flag</a> was set on the <a href=#browsing-context>browsing
+ context</a> when the <code>Document</code> was created, the
+ synthesized <code><a href=#the-embed-element>embed</a></code> element will <a href=#sandboxPluginEmbed>fail to render the content</a>.</p>
<h4 id=read-ua-inline><span class=secno>6.11.7 </span><dfn title=navigate-ua-inline>Page load processing model for inline content that doesn't have a DOM</dfn></h4>
@@ -76728,10 +76733,10 @@
<p id=sandboxPluginApplet>When the element is not <a href=#in-a-document>in a
<code>Document</code></a>, and when the element's document is not
- <a href=#fully-active>fully active</a>, and when the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins
- browsing context flag</a> is set on the <a href=#browsing-context>browsing
- context</a> for which the <code><a href=#the-applet-element>applet</a></code> element's document
- is the <a href=#active-document>active document</a>, and when the element has an
+ <a href=#fully-active>fully active</a>, and when the element's
+ <code>Document</code>'s <a href=#browsing-context>browsing context</a> had its
+ <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> when that
+ <code>Document</code> was created, and when the element has an
ancestor <a href=#media-element>media element</a>, and when the element has an
ancestor <code><a href=#the-object-element>object</a></code> element that is <em>not</em> showing
its <a href=#fallback-content>fallback content</a>, and when no Java Language runtime
Modified: source
===================================================================
--- source 2010-01-12 02:56:17 UTC (rev 4579)
+++ source 2010-01-12 08:16:48 UTC (rev 4580)
@@ -21032,10 +21032,6 @@
</div>
- <p class="warning">This flag only takes effect when the
- <span>nested browsing context</span> of the <code>iframe</code> is
- <span title="navigate">navigated</span>.</p>
-
</dd>
@@ -21066,13 +21062,10 @@
<p>This flag <a href="#sandboxScriptBlocked">blocks script
execution</a>.</p>
- <p class="warning">If the <code
- title="attr-iframe-sandbox">sandbox</code> attribute is
- dynamically added after the <code>iframe</code> has loaded a page,
- scripts already compiled by that page (whether in
- <code>script</code> elements, or in <span>event handlers</span>,
- or elsewhere) will continue to run. Only <em>new</em> scripts will
- be prevented from executing by this flag.</p>
+ <p class="warning">This flag only takes effect when the
+ <span>nested browsing context</span> of the <code>iframe</code> is
+ <span title="navigate">navigated</span>. Removing it has no effect
+ on an already-loaded page.</p>
</dd>
@@ -21081,6 +21074,12 @@
<p>These flags must not be set unless the conditions listed above
define them as being set.</p>
+ <p class="warning">These flags only take effect when the
+ <span>nested browsing context</span> of the <code>iframe</code> is
+ <span title="navigate">navigated</span>. Removing then, or removing
+ the entire <code title="attr-iframe-sandbox">sandbox</code>
+ attribute, has no effect on an already-loaded page.</p>
+
</div>
<div class="example">
@@ -21135,15 +21134,16 @@
be part of the containing document (seamlessly included in the
parent document). <span class="impl">Specifically, when the
attribute is set on an <code>iframe</code> element whose owner
- <code>Document</code>'s <span>browsing context</span> does not have
- the <span>sandboxed seamless iframes flag</span> set and while
- either the <span>browsing context</span>'s <span>active
- document</span> has the <span>same origin</span> as the
- <code>iframe</code> element's document, or the <span>browsing
- context</span>'s <span>active document</span>'s <em><span title="the
- document's address">address</span></em> has the <span>same
- origin</span> as the <code>iframe</code> element's document, the
- following requirements apply:</span></p>
+ <code>Document</code>'s <span>browsing context</span> did not have
+ the <span>sandboxed seamless iframes flag</span> set when that
+ <code>Document</code> was created, and while either the
+ <span>browsing context</span>'s <span>active document</span> has the
+ <span>same origin</span> as the <code>iframe</code> element's
+ document, or the <span>browsing context</span>'s <span>active
+ document</span>'s <em><span title="the document's
+ address">address</span></em> has the <span>same origin</span> as the
+ <code>iframe</code> element's document, the following requirements
+ apply:</span></p>
<div class="impl">
@@ -21414,17 +21414,17 @@
content</span>, any plugins instantiated for the element must be
removed, and the <code>embed</code> element represents nothing.</p>
- <p id="sandboxPluginEmbed">When the <span>sandboxed plugins browsing
- context flag</span> is set on the <span>browsing context</span> for
- which the <code>embed</code> element's document is the <span>active
- document</span>, then the user agent must render the
- <code>embed</code> element in a manner that conveys that the
- <span>plugin</span> was disabled. The user agent may offer the user
- the option to override the sandbox and instantiate the
- <span>plugin</span> anyway; if the user invokes such an option, the
- user agent must act as if the <span>sandboxed plugins browsing
- context flag</span> was not set for the purposes of this
- element.</p>
+ <p id="sandboxPluginEmbed">If the <span>sandboxed plugins browsing
+ context flag</span> was set on the <span>browsing context</span> for
+ which the <code>embed</code> element's <code>Document</code> is the
+ <span>active document</span> when that <code>Document</code> was
+ created, then the user agent must render the <code>embed</code>
+ element in a manner that conveys that the <span>plugin</span> was
+ disabled. The user agent may offer the user the option to override
+ the sandbox and instantiate the <span>plugin</span> anyway; if the
+ user invokes such an option, the user agent must act as if the
+ <span>sandboxed plugins browsing context flag</span> was not set for
+ the purposes of this element.</p>
<p class="warning">Plugins are disabled in sandboxed browsing
contexts because they might not honor the restrictions imposed by
@@ -21441,7 +21441,7 @@
<li>The element is <span title="in a document">in a <code>Document</code></span>.</li>
<li>The element's <code>Document</code> is <span>fully active</span>.</li>
<li>The element has either a <code title="attr-embed-src">src</code> attribute set or a <code title="attr-embed-type">type</code> attribute set (or both).</li>
- <li>The element is not in a sandboxed browsing context.</li>
+ <li>The element is not in a <code>Document</code> whose <span>browsing context</span> had the <span>sandboxed plugins browsing context flag</span> set when the <code>Document</code> was created.</li>
<li>The element is not a descendant of a <span>media element</span>.</li>
<li>The element is not a descendant of an <code>object</code> element that is not showing its <span>fallback content</span>.</li>
</ul>
@@ -22138,11 +22138,11 @@
<span>browsing context</span>.</p>
<p id="sandboxPluginObject">If the <span>sandboxed plugins browsing
- context flag</span> is set on the <span>browsing context</span> for
- which the <code>object</code> element's document is the <span>active
- document</span>, then the steps above must always act as if they had
- failed to find a <span>plugin</span>, even if one would otherwise have been
- used.</p>
+ context flag</span> was set on the <code>object</code> element's
+ <code>Document</code>'s <span>browsing context</span> when the
+ <code>Document</code> was created, then the steps above must always
+ act as if they had failed to find a <span>plugin</span>, even if one
+ would otherwise have been used.</p>
<p class="note">The above algorithm is independent of CSS properties
(including 'display', 'overflow', and 'visibility'). For example, it
@@ -44012,9 +44012,10 @@
<li id="sandboxSubmitBlocked"><p>If <var title="">form</var> is in
a <code>Document</code> that has no associated <span>browsing
- context</span> or whose <span>browsing context</span> has its
- <span>sandboxed forms browsing context flag</span> set, then abort
- these steps without doing anything.</p></li>
+ context</span> or whose <span>browsing context</span> had its
+ <span>sandboxed forms browsing context flag</span> set when the
+ <code>Document</code> was created, then abort these steps without
+ doing anything.</p></li>
<li><p>If <var title="">form</var> is already being submitted
(i.e. the form was <span
@@ -56034,9 +56035,9 @@
<dl>
- <dt id="sandboxWindowOpen">If the current browsing context has
- the <span>sandboxed navigation browsing context flag</span>
- set.</dt>
+ <dt id="sandboxWindowOpen">If the current browsing context had
+ the <span>sandboxed navigation browsing context flag</span> set
+ when its <span>active document</span> was created.</dt>
<dd><p>The user agent may offer to create a new <span>top-level
browsing context</span> or reuse an existing <span>top-level
@@ -57488,9 +57489,10 @@
the option to disable scripting globally, or in a finer-grained
manner, e.g. on a per-origin basis.)</li>
- <li id="sandboxScriptBlocked">The <span>browsing context</span>
- does not have the <span>sandboxed scripts browsing context
- flag</span> set.</li>
+ <li id="sandboxScriptBlocked">The <span>browsing context</span> did
+ not have the <span>sandboxed scripts browsing context flag</span>
+ set when the <span>browsing context</span>'s <span>active
+ document</span> was created.</li>
</ul>
@@ -63439,15 +63441,16 @@
being navigated, and the <span>source browsing context</span> is
not one of the <span title="ancestor browsing context">ancestor
browsing contexts</span> of the <span>browsing context</span> being
- navigated, and the <span>source browsing context</span> has its
- <span>sandboxed navigation browsing context flag</span> set, then
- abort these steps. The user agent may offer to open the new
- resource in a new <span>top-level browsing context</span> or in the
- <span>top-level browsing context</span> of the <span>source
- browsing context</span>, at the user's option, in which case the
- user agent must <span>navigate</span> that designated
- <span>top-level browsing context</span> to the new resource as if
- the user had requested it independently.</p></li>
+ navigated, and the <span>source browsing context</span> had its
+ <span>sandboxed navigation browsing context flag</span> set when
+ its <span>active document</span> was created, then abort these
+ steps. The user agent may offer to open the new resource in a new
+ <span>top-level browsing context</span> or in the <span>top-level
+ browsing context</span> of the <span>source browsing
+ context</span>, at the user's option, in which case the user agent
+ must <span>navigate</span> that designated <span>top-level browsing
+ context</span> to the new resource as if the user had requested it
+ independently.</p></li>
<li id="seamlessLinks"><p>If the <span>source browsing
context</span> is the same as the <span>browsing context</span>
@@ -64111,8 +64114,9 @@
the document a <code>title</code>.</p>
<p class="note" id="sandboxPluginNavigate">If the <span>sandboxed
- plugins browsing context flag</span> is set on the <span>browsing
- context</span>, the synthesized <code>embed</code> element will <a
+ plugins browsing context flag</span> was set on the <span>browsing
+ context</span> when the <code>Document</code> was created, the
+ synthesized <code>embed</code> element will <a
href="#sandboxPluginEmbed">fail to render the content</a>.</p>
@@ -91537,10 +91541,10 @@
<p id="sandboxPluginApplet">When the element is not <span>in a
<code>Document</code></span>, and when the element's document is not
- <span>fully active</span>, and when the <span>sandboxed plugins
- browsing context flag</span> is set on the <span>browsing
- context</span> for which the <code>applet</code> element's document
- is the <span>active document</span>, and when the element has an
+ <span>fully active</span>, and when the element's
+ <code>Document</code>'s <span>browsing context</span> had its
+ <span>sandboxed plugins browsing context flag</span> when that
+ <code>Document</code> was created, and when the element has an
ancestor <span>media element</span>, and when the element has an
ancestor <code>object</code> element that is <em>not</em> showing
its <span>fallback content</span>, and when no Java Language runtime
More information about the Commit-Watchers
mailing list