[html5] r8302 - [giow] (1) Kill History objects on non-active docs Fixing https://www.w3.org/Bug [...]

whatwg at whatwg.org whatwg at whatwg.org
Tue Nov 19 15:20:30 PST 2013 

Author: ianh
Date: 2013-11-19 15:20:29 -0800 (Tue, 19 Nov 2013)
New Revision: 8302

Modified:
   complete.html
   index
   source
Log:
[giow] (1) Kill History objects on non-active docs
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=23359
Affected topics: DOM APIs, Offline Web Applications, Security

Modified: complete.html
===================================================================
--- complete.html	2013-11-19 22:24:50 UTC (rev 8301)
+++ complete.html	2013-11-19 23:20:29 UTC (rev 8302)
@@ -65870,6 +65870,13 @@
 
   <div class=impl>
 
+<!--ADD-TOPIC:Security-->
+  <p>All the getters and setters for attributes, and all the methods, defined on the
+  <code><a href=#history-0>History</a></code> interface, when invoked on a <code><a href=#history-0>History</a></code> object associated with a
+  <code><a href=#document>Document</a></code> that is not <a href=#fully-active>fully active</a>, must throw a
+  <code><a href=#securityerror>SecurityError</a></code> exception instead of operating as described below.</p>
+<!--REMOVE-TOPIC:Security-->
+
   <p>The <dfn id=dom-history-length title=dom-history-length><code>length</code></dfn> attribute of the
   <code><a href=#history-0>History</a></code> interface must return the number of entries in the <a href=#top-level-browsing-context>top-level browsing
   context</a>'s <a href=#joint-session-history>joint session history</a>.</p>
@@ -68852,9 +68859,11 @@
 
       <p>If either fails, then jump back to the step labeled <i>start of line</i>.</p>
 
+<!--ADD-TOPIC:Security-->
       <p>If the <a href=#absolute-url>absolute URL</a> corresponding to either <var title="">part one</var> or
       <var title="">part two</var> does not have the <a href=#same-origin>same origin</a> as the manifest's URL,
       then jump back to the step labeled <i>start of line</i>.</p> <!-- SECURITY -->
+<!--REMOVE-TOPIC:Security-->
 
       <p>Let <var title="">part one</var> be the result of applying the <a href=#concept-url-serializer title=concept-url-serializer>URL serializer</a> algorithm to the first resulting
       <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i> set.</p>

Modified: index
===================================================================
--- index	2013-11-19 22:24:50 UTC (rev 8301)
+++ index	2013-11-19 23:20:29 UTC (rev 8302)
@@ -65870,6 +65870,13 @@
 
   <div class=impl>
 
+<!--ADD-TOPIC:Security-->
+  <p>All the getters and setters for attributes, and all the methods, defined on the
+  <code><a href=#history-0>History</a></code> interface, when invoked on a <code><a href=#history-0>History</a></code> object associated with a
+  <code><a href=#document>Document</a></code> that is not <a href=#fully-active>fully active</a>, must throw a
+  <code><a href=#securityerror>SecurityError</a></code> exception instead of operating as described below.</p>
+<!--REMOVE-TOPIC:Security-->
+
   <p>The <dfn id=dom-history-length title=dom-history-length><code>length</code></dfn> attribute of the
   <code><a href=#history-0>History</a></code> interface must return the number of entries in the <a href=#top-level-browsing-context>top-level browsing
   context</a>'s <a href=#joint-session-history>joint session history</a>.</p>
@@ -68852,9 +68859,11 @@
 
       <p>If either fails, then jump back to the step labeled <i>start of line</i>.</p>
 
+<!--ADD-TOPIC:Security-->
       <p>If the <a href=#absolute-url>absolute URL</a> corresponding to either <var title="">part one</var> or
       <var title="">part two</var> does not have the <a href=#same-origin>same origin</a> as the manifest's URL,
       then jump back to the step labeled <i>start of line</i>.</p> <!-- SECURITY -->
+<!--REMOVE-TOPIC:Security-->
 
       <p>Let <var title="">part one</var> be the result of applying the <a href=#concept-url-serializer title=concept-url-serializer>URL serializer</a> algorithm to the first resulting
       <a href=#parsed-url>parsed URL</a>, with the <i>exclude fragment flag</i> set.</p>

Modified: source
===================================================================
--- source	2013-11-19 22:24:50 UTC (rev 8301)
+++ source	2013-11-19 23:20:29 UTC (rev 8302)
@@ -73352,6 +73352,13 @@
 
   <div class="impl">
 
+<!--ADD-TOPIC:Security-->
+  <p>All the getters and setters for attributes, and all the methods, defined on the
+  <code>History</code> interface, when invoked on a <code>History</code> object associated with a
+  <code>Document</code> that is not <span>fully active</span>, must throw a
+  <code>SecurityError</code> exception instead of operating as described below.</p>
+<!--REMOVE-TOPIC:Security-->
+
   <p>The <dfn data-x="dom-history-length"><code>length</code></dfn> attribute of the
   <code>History</code> interface must return the number of entries in the <span>top-level browsing
   context</span>'s <span>joint session history</span>.</p>
@@ -76772,9 +76779,11 @@
 
       <p>If either fails, then jump back to the step labeled <i>start of line</i>.</p>
 
+<!--ADD-TOPIC:Security-->
       <p>If the <span>absolute URL</span> corresponding to either <var data-x="">part one</var> or
       <var data-x="">part two</var> does not have the <span>same origin</span> as the manifest's URL,
       then jump back to the step labeled <i>start of line</i>.</p> <!-- SECURITY -->
+<!--REMOVE-TOPIC:Security-->
 
       <p>Let <var data-x="">part one</var> be the result of applying the <span
       data-x="concept-url-serializer">URL serializer</span> algorithm to the first resulting

More information about the Commit-Watchers mailing list