[html5] r7516 - [giow] (3) Location's security model is actually different than Window's. Fixing [...]
whatwg at whatwg.org
whatwg at whatwg.org
Mon Nov 19 23:45:24 PST 2012
Author: ianh
Date: 2012-11-19 23:45:23 -0800 (Mon, 19 Nov 2012)
New Revision: 7516
Modified:
complete.html
index
source
Log:
[giow] (3) Location's security model is actually different than Window's.
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=20012
Affected topics: DOM APIs, Security
Modified: complete.html
===================================================================
--- complete.html 2012-11-20 01:42:02 UTC (rev 7515)
+++ complete.html 2012-11-20 07:45:23 UTC (rev 7516)
@@ -70711,8 +70711,8 @@
<p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#location>Location</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#location>Location</a></code>
- object's associated <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>, with the
- following exceptions:</p>
+ object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+ document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following exceptions:</p>
<ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the
script is running in a <a href=#browsing-context>browsing context</a> that is
Modified: index
===================================================================
--- index 2012-11-20 01:42:02 UTC (rev 7515)
+++ index 2012-11-20 07:45:23 UTC (rev 7516)
@@ -70711,8 +70711,8 @@
<p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
properties of a <code><a href=#location>Location</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#location>Location</a></code>
- object's associated <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>, with the
- following exceptions:</p>
+ object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+ document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following exceptions:</p>
<ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the
script is running in a <a href=#browsing-context>browsing context</a> that is
Modified: source
===================================================================
--- source 2012-11-20 01:42:02 UTC (rev 7515)
+++ source 2012-11-20 07:45:23 UTC (rev 7516)
@@ -82982,8 +82982,8 @@
<p id="security-3">User agents must throw a <code>SecurityError</code> exception whenever any
properties of a <code>Location</code> object are accessed by scripts whose <span>effective script
origin</span> is not the <span title="same origin">same</span> as the <code>Location</code>
- object's associated <code>Document</code>'s <span>effective script origin</span>, with the
- following exceptions:</p>
+ object's associated <code>Document</code>'s <span>browsing context</span>'s <span>active
+ document</span>'s <span>effective script origin</span>, with the following exceptions:</p>
<ul>
More information about the Commit-Watchers
mailing list