[html5] r6233 - [giow] (0) showModalDialog() inside a sandboxed iframe should be blocked _before [...]
whatwg at whatwg.org
whatwg at whatwg.org
Tue Jun 14 23:28:15 PDT 2011
Author: ianh
Date: 2011-06-14 23:28:13 -0700 (Tue, 14 Jun 2011)
New Revision: 6233
Modified:
complete.html
index
source
Log:
[giow] (0) showModalDialog() inside a sandboxed iframe should be blocked _before_ the window pops up... Also, some minor editorial cleanup in this area.
Fixing http://www.w3.org/Bugs/Public/show_bug.cgi?id=12391
Modified: complete.html
===================================================================
--- complete.html 2011-06-15 05:55:07 UTC (rev 6232)
+++ complete.html 2011-06-15 06:28:13 UTC (rev 6233)
@@ -24146,8 +24146,8 @@
<p>This flag also <a href=#sandboxWindowOpen>prevents content
from creating new auxiliary browsing contexts</a>, e.g. using the
- <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute or the
- <code title=dom-open><a href=#dom-open>window.open()</a></code> method.</p>
+ <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute, the
+ <code title=dom-open><a href=#dom-open>window.open()</a></code> method, or the <code title=dom-showModalDialog><a href=#dom-showmodaldialog>showModalDialog()</a></code> method.</p>
</dd>
@@ -61283,10 +61283,11 @@
<li>
<p>Otherwise, a new browsing context is being requested, and what
- happens depends on the user agent's configuration and/or
- abilities:</p>
+ happens depends on the user agent's configuration and/or abilities
+ — it is determined by the rules given for the first
+ applicable option from the following list:</p>
- <dl><dt id=sandboxWindowOpen>If the current browsing context had
+ <dl class=switch><dt id=sandboxWindowOpen>If the current browsing context had
the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set
when its <a href=#active-document>active document</a> was created.</dt>
@@ -61295,9 +61296,10 @@
browsing context</a>. If the user picks one of those options,
then the designated browsing context must be the chosen one (the
browsing context's name isn't set to the given browsing context
- name). Otherwise (if the user agent doesn't offer the option to
- the user, or if the user declines to allow a browsing context to
- be used) there must not be a chosen browsing context.</dd>
+ name). The default behaviour (if the user agent doesn't offer the
+ option to the user, or if the user declines to allow a browsing
+ context to be used) there must not be a chosen browsing
+ context.</dd>
<dt id=noopener>If the user agent has been configured such that
@@ -69150,6 +69152,15 @@
<li>
+ <p>If the current browsing context had the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed
+ navigation browsing context flag</a> set when its <a href=#active-document>active
+ document</a> was created, then return the empty string and
+ abort these steps.</p>
+
+ </li>
+
+ <li>
+
<p>Let <var title="">the list of background browsing
contexts</var> be a list of all the browsing contexts that:</p>
Modified: index
===================================================================
--- index 2011-06-15 05:55:07 UTC (rev 6232)
+++ index 2011-06-15 06:28:13 UTC (rev 6233)
@@ -24136,8 +24136,8 @@
<p>This flag also <a href=#sandboxWindowOpen>prevents content
from creating new auxiliary browsing contexts</a>, e.g. using the
- <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute or the
- <code title=dom-open><a href=#dom-open>window.open()</a></code> method.</p>
+ <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute, the
+ <code title=dom-open><a href=#dom-open>window.open()</a></code> method, or the <code title=dom-showModalDialog><a href=#dom-showmodaldialog>showModalDialog()</a></code> method.</p>
</dd>
@@ -61276,10 +61276,11 @@
<li>
<p>Otherwise, a new browsing context is being requested, and what
- happens depends on the user agent's configuration and/or
- abilities:</p>
+ happens depends on the user agent's configuration and/or abilities
+ — it is determined by the rules given for the first
+ applicable option from the following list:</p>
- <dl><dt id=sandboxWindowOpen>If the current browsing context had
+ <dl class=switch><dt id=sandboxWindowOpen>If the current browsing context had
the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set
when its <a href=#active-document>active document</a> was created.</dt>
@@ -61288,9 +61289,10 @@
browsing context</a>. If the user picks one of those options,
then the designated browsing context must be the chosen one (the
browsing context's name isn't set to the given browsing context
- name). Otherwise (if the user agent doesn't offer the option to
- the user, or if the user declines to allow a browsing context to
- be used) there must not be a chosen browsing context.</dd>
+ name). The default behaviour (if the user agent doesn't offer the
+ option to the user, or if the user declines to allow a browsing
+ context to be used) there must not be a chosen browsing
+ context.</dd>
<dt id=noopener>If the user agent has been configured such that
@@ -69163,6 +69165,15 @@
<li>
+ <p>If the current browsing context had the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed
+ navigation browsing context flag</a> set when its <a href=#active-document>active
+ document</a> was created, then return the empty string and
+ abort these steps.</p>
+
+ </li>
+
+ <li>
+
<p>Let <var title="">the list of background browsing
contexts</var> be a list of all the browsing contexts that:</p>
Modified: source
===================================================================
--- source 2011-06-15 05:55:07 UTC (rev 6232)
+++ source 2011-06-15 06:28:13 UTC (rev 6233)
@@ -26090,8 +26090,9 @@
<p>This flag also <a href="#sandboxWindowOpen">prevents content
from creating new auxiliary browsing contexts</a>, e.g. using the
- <code title="attr-hyperlink-target">target</code> attribute or the
- <code title="dom-open">window.open()</code> method.</p>
+ <code title="attr-hyperlink-target">target</code> attribute, the
+ <code title="dom-open">window.open()</code> method, or the <code
+ title="dom-showModalDialog">showModalDialog()</code> method.</p>
</dd>
@@ -69840,10 +69841,11 @@
<li>
<p>Otherwise, a new browsing context is being requested, and what
- happens depends on the user agent's configuration and/or
- abilities:</p>
+ happens depends on the user agent's configuration and/or abilities
+ — it is determined by the rules given for the first
+ applicable option from the following list:</p>
- <dl>
+ <dl class="switch">
<dt id="sandboxWindowOpen">If the current browsing context had
the <span>sandboxed navigation browsing context flag</span> set
@@ -69854,9 +69856,10 @@
browsing context</span>. If the user picks one of those options,
then the designated browsing context must be the chosen one (the
browsing context's name isn't set to the given browsing context
- name). Otherwise (if the user agent doesn't offer the option to
- the user, or if the user declines to allow a browsing context to
- be used) there must not be a chosen browsing context.</p></dd>
+ name). The default behaviour (if the user agent doesn't offer the
+ option to the user, or if the user declines to allow a browsing
+ context to be used) there must not be a chosen browsing
+ context.</p></dd>
<dt id="noopener">If the user agent has been configured such that
@@ -78956,6 +78959,15 @@
<li>
+ <p>If the current browsing context had the <span>sandboxed
+ navigation browsing context flag</span> set when its <span>active
+ document</span> was created, then return the empty string and
+ abort these steps.</p>
+
+ </li>
+
+ <li>
+
<p>Let <var title="">the list of background browsing
contexts</var> be a list of all the browsing contexts that:</p>
More information about the Commit-Watchers
mailing list