[html5] r7758 - [giow] (3) Allow custom properties on Location objects to work for the Document [...]
whatwg at whatwg.org
whatwg at whatwg.org
Fri Mar 15 16:00:56 PDT 2013
Author: ianh
Date: 2013-03-15 16:00:54 -0700 (Fri, 15 Mar 2013)
New Revision: 7758
Modified:
complete.html
index
source
Log:
[giow] (3) Allow custom properties on Location objects to work for the Document whose Location object it originally was.
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=20701
Affected topics: DOM APIs, Security
Modified: complete.html
===================================================================
--- complete.html 2013-03-15 22:41:36 UTC (rev 7757)
+++ complete.html 2013-03-15 23:00:54 UTC (rev 7758)
@@ -66606,25 +66606,31 @@
<h5 id=security-location><span class=secno>6.5.3.1 </span>Security</h5>
<p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
- properties of a <code><a href=#location>Location</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
- origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#location>Location</a></code>
- object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
- document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following exceptions:</p>
+ properties of a <code><a href=#location>Location</a></code> object are accessed when the <a href=#entry-script>entry script</a>'s
+ <a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same origin">same</a> as the
+ <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s
+ <a href=#active-document>active document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following
+ exceptions:</p>
- <ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the script is running in a
- <a href=#browsing-context>browsing context</a> that is <a href=#allowed-to-navigate>allowed to navigate</a> the browsing context with
- which the <code><a href=#location>Location</a></code> object is associated
+ <ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the <a href=#entry-script>entry script</a>'s
+ <a href="#script's-browsing-context">script's browsing context</a> is <a href=#allowed-to-navigate>allowed to navigate</a> the <a href=#browsing-context>browsing
+ context</a> with which the <code><a href=#location>Location</a></code> object is associated
- <li>The <code title=dom-location-replace><a href=#dom-location-replace>replace()</a></code> method, if the script is running in a
- <a href=#browsing-context>browsing context</a> that is <a href=#allowed-to-navigate>allowed to navigate</a> the browsing context with
- which the <code><a href=#location>Location</a></code> object is associated
+ <li>The <code title=dom-location-replace><a href=#dom-location-replace>replace()</a></code> method, if the <a href=#entry-script>entry
+ script</a>'s <a href="#script's-browsing-context">script's browsing context</a> is <a href=#allowed-to-navigate>allowed to navigate</a> the
+ <a href=#browsing-context>browsing context</a> with which the <code><a href=#location>Location</a></code> object is associated
- </ul><p>When a script whose <a href=#effective-script-origin>effective script origin</a> is not the same as the
- <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script
- origin</a> attempts to access that <code><a href=#location>Location</a></code> object's methods or attributes, the
- user agent must act as if any changes to the <code><a href=#location>Location</a></code> object's properties, getters,
- setters, etc, were not present.</p>
+ <li>Any properties not defined in the IDL for the <code><a href=#location>Location</a></code> object or indirectly via
+ one of those properties (e.g. <code title="">toString()</code>, which is defined via the <code title="">stringifier</code> keyword), if the <a href=#entry-script>entry script</a>'s <a href=#effective-script-origin>effective script
+ origin</a> is the <a href=#same-origin>same origin</a> as the <code><a href=#location>Location</a></code> object's associated
+ <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>
+ </ul><p>When the <a href=#entry-script>entry script</a>'s <a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin>same
+ origin</a> as the <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s
+ <a href=#effective-script-origin>effective script origin</a>, attempts to access that <code><a href=#location>Location</a></code> object's
+ methods or attributes must cause the user agent to act as if any changes to the
+ <code><a href=#location>Location</a></code> object's properties, getters, setters, etc, were not present.</p>
+
<p>For members that return objects (including function objects), each distinct <a href=#effective-script-origin>effective
script origin</a> that is not the same as the <code><a href=#location>Location</a></code> object's
<code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a> must be provided with a separate set
Modified: index
===================================================================
--- index 2013-03-15 22:41:36 UTC (rev 7757)
+++ index 2013-03-15 23:00:54 UTC (rev 7758)
@@ -66606,25 +66606,31 @@
<h5 id=security-location><span class=secno>6.5.3.1 </span>Security</h5>
<p id=security-3>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any
- properties of a <code><a href=#location>Location</a></code> object are accessed by scripts whose <a href=#effective-script-origin>effective script
- origin</a> is not the <a href=#same-origin title="same origin">same</a> as the <code><a href=#location>Location</a></code>
- object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
- document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following exceptions:</p>
+ properties of a <code><a href=#location>Location</a></code> object are accessed when the <a href=#entry-script>entry script</a>'s
+ <a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin title="same origin">same</a> as the
+ <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>'s
+ <a href=#active-document>active document</a>'s <a href=#effective-script-origin>effective script origin</a>, with the following
+ exceptions:</p>
- <ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the script is running in a
- <a href=#browsing-context>browsing context</a> that is <a href=#allowed-to-navigate>allowed to navigate</a> the browsing context with
- which the <code><a href=#location>Location</a></code> object is associated
+ <ul><li>The <code title=dom-location-href><a href=#dom-location-href>href</a></code> setter, if the <a href=#entry-script>entry script</a>'s
+ <a href="#script's-browsing-context">script's browsing context</a> is <a href=#allowed-to-navigate>allowed to navigate</a> the <a href=#browsing-context>browsing
+ context</a> with which the <code><a href=#location>Location</a></code> object is associated
- <li>The <code title=dom-location-replace><a href=#dom-location-replace>replace()</a></code> method, if the script is running in a
- <a href=#browsing-context>browsing context</a> that is <a href=#allowed-to-navigate>allowed to navigate</a> the browsing context with
- which the <code><a href=#location>Location</a></code> object is associated
+ <li>The <code title=dom-location-replace><a href=#dom-location-replace>replace()</a></code> method, if the <a href=#entry-script>entry
+ script</a>'s <a href="#script's-browsing-context">script's browsing context</a> is <a href=#allowed-to-navigate>allowed to navigate</a> the
+ <a href=#browsing-context>browsing context</a> with which the <code><a href=#location>Location</a></code> object is associated
- </ul><p>When a script whose <a href=#effective-script-origin>effective script origin</a> is not the same as the
- <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script
- origin</a> attempts to access that <code><a href=#location>Location</a></code> object's methods or attributes, the
- user agent must act as if any changes to the <code><a href=#location>Location</a></code> object's properties, getters,
- setters, etc, were not present.</p>
+ <li>Any properties not defined in the IDL for the <code><a href=#location>Location</a></code> object or indirectly via
+ one of those properties (e.g. <code title="">toString()</code>, which is defined via the <code title="">stringifier</code> keyword), if the <a href=#entry-script>entry script</a>'s <a href=#effective-script-origin>effective script
+ origin</a> is the <a href=#same-origin>same origin</a> as the <code><a href=#location>Location</a></code> object's associated
+ <code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a>
+ </ul><p>When the <a href=#entry-script>entry script</a>'s <a href=#effective-script-origin>effective script origin</a> is not the <a href=#same-origin>same
+ origin</a> as the <code><a href=#location>Location</a></code> object's associated <code><a href=#document>Document</a></code>'s
+ <a href=#effective-script-origin>effective script origin</a>, attempts to access that <code><a href=#location>Location</a></code> object's
+ methods or attributes must cause the user agent to act as if any changes to the
+ <code><a href=#location>Location</a></code> object's properties, getters, setters, etc, were not present.</p>
+
<p>For members that return objects (including function objects), each distinct <a href=#effective-script-origin>effective
script origin</a> that is not the same as the <code><a href=#location>Location</a></code> object's
<code><a href=#document>Document</a></code>'s <a href=#effective-script-origin>effective script origin</a> must be provided with a separate set
Modified: source
===================================================================
--- source 2013-03-15 22:41:36 UTC (rev 7757)
+++ source 2013-03-15 23:00:54 UTC (rev 7758)
@@ -79224,28 +79224,35 @@
<h5 id="security-location">Security</h5>
<p id="security-3">User agents must throw a <code>SecurityError</code> exception whenever any
- properties of a <code>Location</code> object are accessed by scripts whose <span>effective script
- origin</span> is not the <span title="same origin">same</span> as the <code>Location</code>
- object's associated <code>Document</code>'s <span>browsing context</span>'s <span>active
- document</span>'s <span>effective script origin</span>, with the following exceptions:</p>
+ properties of a <code>Location</code> object are accessed when the <span>entry script</span>'s
+ <span>effective script origin</span> is not the <span title="same origin">same</span> as the
+ <code>Location</code> object's associated <code>Document</code>'s <span>browsing context</span>'s
+ <span>active document</span>'s <span>effective script origin</span>, with the following
+ exceptions:</p>
<ul>
- <li>The <code title="dom-location-href">href</code> setter, if the script is running in a
- <span>browsing context</span> that is <span>allowed to navigate</span> the browsing context with
- which the <code>Location</code> object is associated
+ <li>The <code title="dom-location-href">href</code> setter, if the <span>entry script</span>'s
+ <span>script's browsing context</span> is <span>allowed to navigate</span> the <span>browsing
+ context</span> with which the <code>Location</code> object is associated
- <li>The <code title="dom-location-replace">replace()</code> method, if the script is running in a
- <span>browsing context</span> that is <span>allowed to navigate</span> the browsing context with
- which the <code>Location</code> object is associated
+ <li>The <code title="dom-location-replace">replace()</code> method, if the <span>entry
+ script</span>'s <span>script's browsing context</span> is <span>allowed to navigate</span> the
+ <span>browsing context</span> with which the <code>Location</code> object is associated
+ <li>Any properties not defined in the IDL for the <code>Location</code> object or indirectly via
+ one of those properties (e.g. <code title="">toString()</code>, which is defined via the <code
+ title="">stringifier</code> keyword), if the <span>entry script</span>'s <span>effective script
+ origin</span> is the <span>same origin</span> as the <code>Location</code> object's associated
+ <code>Document</code>'s <span>effective script origin</span>
+
</ul>
- <p>When a script whose <span>effective script origin</span> is not the same as the
- <code>Location</code> object's associated <code>Document</code>'s <span>effective script
- origin</span> attempts to access that <code>Location</code> object's methods or attributes, the
- user agent must act as if any changes to the <code>Location</code> object's properties, getters,
- setters, etc, were not present.</p>
+ <p>When the <span>entry script</span>'s <span>effective script origin</span> is not the <span>same
+ origin</span> as the <code>Location</code> object's associated <code>Document</code>'s
+ <span>effective script origin</span>, attempts to access that <code>Location</code> object's
+ methods or attributes must cause the user agent to act as if any changes to the
+ <code>Location</code> object's properties, getters, setters, etc, were not present.</p>
<p>For members that return objects (including function objects), each distinct <span>effective
script origin</span> that is not the same as the <code>Location</code> object's
More information about the Commit-Watchers
mailing list