[html5] r8353 - [e] (0) Try to clarify the ping='' header requirements. Fixing https://www.w3.or [...]

whatwg at whatwg.org whatwg at whatwg.org
Fri Dec 13 09:49:44 PST 2013 

Author: ianh
Date: 2013-12-13 09:49:42 -0800 (Fri, 13 Dec 2013)
New Revision: 8353

Modified:
   complete.html
   index
   source
Log:
[e] (0) Try to clarify the ping='' header requirements.
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=24086
Affected topics: HTML

Modified: complete.html
===================================================================
--- complete.html	2013-12-13 17:32:57 UTC (rev 8352)
+++ complete.html	2013-12-13 17:49:42 UTC (rev 8353)
@@ -32299,12 +32299,13 @@
 
   <h5 id=hyperlink-auditing><span class=secno>4.8.4.1 </span><dfn>Hyperlink auditing</dfn></h5>
 
+<!--CLEANUP-->
   <p>If a <a href=#hyperlink>hyperlink</a> created by an <code><a href=#the-a-element>a</a></code> or <code><a href=#the-area-element>area</a></code> element has a
   <code title=attr-hyperlink-ping><a href=#ping>ping</a></code> attribute, and the user follows the hyperlink, and
   the value of the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> attribute can be <a href=#resolve-a-url title="resolve a url">resolved</a>, relative to the element, without failure, then the user
   agent must take the <code title=attr-hyperlink-ping><a href=#ping>ping</a></code> attribute's value, <a href=#split-a-string-on-spaces title="split a string on spaces">split that string on spaces</a>, <a href=#resolve-a-url title="resolve a
-  url">resolve</a> each resulting token relative to the element, and then each of the resulting
-  <a href=#absolute-url title="absolute URL">absolute URLs</a> should be <a href=#fetch title=fetch>fetched</a><!--FETCH--> from the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code>
+  url">resolve</a> each resulting token relative to the element, and then each <a href=#resulting-absolute-url title="resulting absolute URL">resulting
+  absolute URL</a> <var title="">ping URL</var> should be <a href=#fetch title=fetch>fetched</a><!--FETCH--> from the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code>
   containing the <a href=#hyperlink>hyperlink</a> <!-- not http-origin privacy sensitive --> (as described
   below). (Tokens that fail to resolve are ignored.) This may be done in parallel with the primary
   request, and is independent of the result of that request.</p>
@@ -32314,20 +32315,23 @@
   Based on the user's preferences, UAs may either <a href=#ignore>ignore</a> the <code title=attr-hyperlink-ping><a href=#ping>ping</a></code> attribute altogether, or selectively ignore URLs in the
   list (e.g. ignoring any third-party URLs).</p>
 
-  <p>For URLs that are HTTP URLs, the requests must be performed using the POST method, with an
+<!--CLEANUP-->
+  <p>For each <var title="">ping URL</var> that is an HTTP URL, the request must be performed using the POST method, with an
   entity body with the <a href=#mime-type>MIME type</a> <code><a href=#text/ping>text/ping</a></code> consisting of the
   four-character string "<code title="">PING</code>". All relevant cookie and HTTP authentication
   headers must be included in the request. Which other headers are required depends on the URLs
-  involved.</p>
+  involved, as follows. For the purposes of these requirements, <var title="">target URL</var> is the
+  <a href=#resulting-absolute-url>resulting absolute URL</a> obtained from <a href=#resolve-a-url title="resolve a url">resolving</a>
+  the value of the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> attribute.</p>
 
-  <dl class=switch><dt>If both the <a href="#the-document's-address" title="the document's address">address</a> of the <code><a href=#document>Document</a></code>
-   object containing the hyperlink being audited and the ping URL have the <a href=#same-origin>same
+  <dl class=switch><!--CLEANUP--><dt>If both the <a href="#the-document's-address" title="the document's address">address</a> of the <code><a href=#document>Document</a></code>
+   object containing the hyperlink being audited and <var title="">ping URL</var> have the <a href=#same-origin>same
    origin</a></dt>
 
    <dd>The request must include a <code title=http-ping-from><a href=#ping-from>Ping-From</a></code> HTTP header with, as
    its value, the <a href="#the-document's-address" title="the document's address">address</a> of the document containing the
    hyperlink, and a <code title=http-ping-to><a href=#ping-to>Ping-To</a></code> HTTP header with, as its value, the
-   address of the <a href=#absolute-url>absolute URL</a> of the target of the hyperlink. The request must not
+   <var title="">target URL</var>. The request must not
    include a <code title=http-referer>Referer</code> (sic) HTTP header. <!-- because otherwise it
    would look like a trustable same-origin POST --></dd>
 
@@ -32337,14 +32341,14 @@
    <dd>The request must include a <code title=http-referer>Referer</code> (sic) HTTP header with,
    as its value, the <a href="#the-document's-address" title="the document's address">address</a> of the document containing
    the hyperlink, a <code title=http-ping-from><a href=#ping-from>Ping-From</a></code> HTTP header with the same value,
-   and a <code title=http-ping-to><a href=#ping-to>Ping-To</a></code> HTTP header with, as its value, the address of
-   the target of the hyperlink.</dd>
+   and a <code title=http-ping-to><a href=#ping-to>Ping-To</a></code> HTTP header with, as its value, <var title="">target URL</var>.</dd>
 
    <dt>Otherwise, the origins are different and the document containing the hyperlink being audited
    was retrieved over an encrypted connection</dt>
 
+<!--CLEANUP-->
    <dd>The request must include a <code title=http-ping-to><a href=#ping-to>Ping-To</a></code> HTTP header with, as its
-   value, the address of the target of the hyperlink. The request must neither include a <code title=http-referer>Referer</code> (sic) HTTP header nor include a <code title=http-ping-from><a href=#ping-from>Ping-From</a></code> HTTP header.</dd>
+   value, <var title="">target URL</var>. The request must neither include a <code title=http-referer>Referer</code> (sic) HTTP header nor include a <code title=http-ping-from><a href=#ping-from>Ping-From</a></code> HTTP header.</dd>
 
   </dl><p class=note>To save bandwidth, implementors might also wish to consider omitting optional
   headers such as <code>Accept</code> from these requests.</p>

Modified: index
===================================================================
--- index	2013-12-13 17:32:57 UTC (rev 8352)
+++ index	2013-12-13 17:49:42 UTC (rev 8353)
@@ -32299,12 +32299,13 @@
 
   <h5 id=hyperlink-auditing><span class=secno>4.8.4.1 </span><dfn>Hyperlink auditing</dfn></h5>
 
+<!--CLEANUP-->
   <p>If a <a href=#hyperlink>hyperlink</a> created by an <code><a href=#the-a-element>a</a></code> or <code><a href=#the-area-element>area</a></code> element has a
   <code title=attr-hyperlink-ping><a href=#ping>ping</a></code> attribute, and the user follows the hyperlink, and
   the value of the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> attribute can be <a href=#resolve-a-url title="resolve a url">resolved</a>, relative to the element, without failure, then the user
   agent must take the <code title=attr-hyperlink-ping><a href=#ping>ping</a></code> attribute's value, <a href=#split-a-string-on-spaces title="split a string on spaces">split that string on spaces</a>, <a href=#resolve-a-url title="resolve a
-  url">resolve</a> each resulting token relative to the element, and then each of the resulting
-  <a href=#absolute-url title="absolute URL">absolute URLs</a> should be <a href=#fetch title=fetch>fetched</a><!--FETCH--> from the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code>
+  url">resolve</a> each resulting token relative to the element, and then each <a href=#resulting-absolute-url title="resulting absolute URL">resulting
+  absolute URL</a> <var title="">ping URL</var> should be <a href=#fetch title=fetch>fetched</a><!--FETCH--> from the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code>
   containing the <a href=#hyperlink>hyperlink</a> <!-- not http-origin privacy sensitive --> (as described
   below). (Tokens that fail to resolve are ignored.) This may be done in parallel with the primary
   request, and is independent of the result of that request.</p>
@@ -32314,20 +32315,23 @@
   Based on the user's preferences, UAs may either <a href=#ignore>ignore</a> the <code title=attr-hyperlink-ping><a href=#ping>ping</a></code> attribute altogether, or selectively ignore URLs in the
   list (e.g. ignoring any third-party URLs).</p>
 
-  <p>For URLs that are HTTP URLs, the requests must be performed using the POST method, with an
+<!--CLEANUP-->
+  <p>For each <var title="">ping URL</var> that is an HTTP URL, the request must be performed using the POST method, with an
   entity body with the <a href=#mime-type>MIME type</a> <code><a href=#text/ping>text/ping</a></code> consisting of the
   four-character string "<code title="">PING</code>". All relevant cookie and HTTP authentication
   headers must be included in the request. Which other headers are required depends on the URLs
-  involved.</p>
+  involved, as follows. For the purposes of these requirements, <var title="">target URL</var> is the
+  <a href=#resulting-absolute-url>resulting absolute URL</a> obtained from <a href=#resolve-a-url title="resolve a url">resolving</a>
+  the value of the element's <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code> attribute.</p>
 
-  <dl class=switch><dt>If both the <a href="#the-document's-address" title="the document's address">address</a> of the <code><a href=#document>Document</a></code>
-   object containing the hyperlink being audited and the ping URL have the <a href=#same-origin>same
+  <dl class=switch><!--CLEANUP--><dt>If both the <a href="#the-document's-address" title="the document's address">address</a> of the <code><a href=#document>Document</a></code>
+   object containing the hyperlink being audited and <var title="">ping URL</var> have the <a href=#same-origin>same
    origin</a></dt>
 
    <dd>The request must include a <code title=http-ping-from><a href=#ping-from>Ping-From</a></code> HTTP header with, as
    its value, the <a href="#the-document's-address" title="the document's address">address</a> of the document containing the
    hyperlink, and a <code title=http-ping-to><a href=#ping-to>Ping-To</a></code> HTTP header with, as its value, the
-   address of the <a href=#absolute-url>absolute URL</a> of the target of the hyperlink. The request must not
+   <var title="">target URL</var>. The request must not
    include a <code title=http-referer>Referer</code> (sic) HTTP header. <!-- because otherwise it
    would look like a trustable same-origin POST --></dd>
 
@@ -32337,14 +32341,14 @@
    <dd>The request must include a <code title=http-referer>Referer</code> (sic) HTTP header with,
    as its value, the <a href="#the-document's-address" title="the document's address">address</a> of the document containing
    the hyperlink, a <code title=http-ping-from><a href=#ping-from>Ping-From</a></code> HTTP header with the same value,
-   and a <code title=http-ping-to><a href=#ping-to>Ping-To</a></code> HTTP header with, as its value, the address of
-   the target of the hyperlink.</dd>
+   and a <code title=http-ping-to><a href=#ping-to>Ping-To</a></code> HTTP header with, as its value, <var title="">target URL</var>.</dd>
 
    <dt>Otherwise, the origins are different and the document containing the hyperlink being audited
    was retrieved over an encrypted connection</dt>
 
+<!--CLEANUP-->
    <dd>The request must include a <code title=http-ping-to><a href=#ping-to>Ping-To</a></code> HTTP header with, as its
-   value, the address of the target of the hyperlink. The request must neither include a <code title=http-referer>Referer</code> (sic) HTTP header nor include a <code title=http-ping-from><a href=#ping-from>Ping-From</a></code> HTTP header.</dd>
+   value, <var title="">target URL</var>. The request must neither include a <code title=http-referer>Referer</code> (sic) HTTP header nor include a <code title=http-ping-from><a href=#ping-from>Ping-From</a></code> HTTP header.</dd>
 
   </dl><p class=note>To save bandwidth, implementors might also wish to consider omitting optional
   headers such as <code>Accept</code> from these requests.</p>

Modified: source
===================================================================
--- source	2013-12-13 17:32:57 UTC (rev 8352)
+++ source	2013-12-13 17:49:42 UTC (rev 8353)
@@ -35011,14 +35011,15 @@
 
   <h5><dfn>Hyperlink auditing</dfn></h5>
 
+<!--CLEANUP-->
   <p>If a <span>hyperlink</span> created by an <code>a</code> or <code>area</code> element has a
   <code data-x="attr-hyperlink-ping">ping</code> attribute, and the user follows the hyperlink, and
   the value of the element's <code data-x="attr-hyperlink-href">href</code> attribute can be <span
   data-x="resolve a url">resolved</span>, relative to the element, without failure, then the user
   agent must take the <code data-x="attr-hyperlink-ping">ping</code> attribute's value, <span
   data-x="split a string on spaces">split that string on spaces</span>, <span data-x="resolve a
-  url">resolve</span> each resulting token relative to the element, and then each of the resulting
-  <span data-x="absolute URL">absolute URLs</span> should be <span
+  url">resolve</span> each resulting token relative to the element, and then each <span data-x="resulting absolute URL">resulting
+  absolute URL</span> <var data-x="">ping URL</var> should be <span
   data-x="fetch">fetched</span><!--FETCH--> from the <span>origin</span> of the <code>Document</code>
   containing the <span>hyperlink</span> <!-- not http-origin privacy sensitive --> (as described
   below). (Tokens that fail to resolve are ignored.) This may be done in parallel with the primary
@@ -35030,22 +35031,26 @@
   data-x="attr-hyperlink-ping">ping</code> attribute altogether, or selectively ignore URLs in the
   list (e.g. ignoring any third-party URLs).</p>
 
-  <p>For URLs that are HTTP URLs, the requests must be performed using the POST method, with an
+<!--CLEANUP-->
+  <p>For each <var data-x="">ping URL</var> that is an HTTP URL, the request must be performed using the POST method, with an
   entity body with the <span>MIME type</span> <code>text/ping</code> consisting of the
   four-character string "<code data-x="">PING</code>". All relevant cookie and HTTP authentication
   headers must be included in the request. Which other headers are required depends on the URLs
-  involved.</p>
+  involved, as follows. For the purposes of these requirements, <var data-x="">target URL</var> is the
+  <span>resulting absolute URL</span> obtained from <span data-x="resolve a url">resolving</span>
+  the value of the element's <code data-x="attr-hyperlink-href">href</code> attribute.</p>
 
   <dl class="switch">
 
+<!--CLEANUP-->
    <dt>If both the <span data-x="the document's address">address</span> of the <code>Document</code>
-   object containing the hyperlink being audited and the ping URL have the <span>same
+   object containing the hyperlink being audited and <var data-x="">ping URL</var> have the <span>same
    origin</span></dt>
 
    <dd>The request must include a <code data-x="http-ping-from">Ping-From</code> HTTP header with, as
    its value, the <span data-x="the document's address">address</span> of the document containing the
    hyperlink, and a <code data-x="http-ping-to">Ping-To</code> HTTP header with, as its value, the
-   address of the <span>absolute URL</span> of the target of the hyperlink. The request must not
+   <var data-x="">target URL</var>. The request must not
    include a <code data-x="http-referer">Referer</code> (sic) HTTP header. <!-- because otherwise it
    would look like a trustable same-origin POST --></dd>
 
@@ -35055,14 +35060,15 @@
    <dd>The request must include a <code data-x="http-referer">Referer</code> (sic) HTTP header with,
    as its value, the <span data-x="the document's address">address</span> of the document containing
    the hyperlink, a <code data-x="http-ping-from">Ping-From</code> HTTP header with the same value,
-   and a <code data-x="http-ping-to">Ping-To</code> HTTP header with, as its value, the address of
-   the target of the hyperlink.</dd>
+   and a <code data-x="http-ping-to">Ping-To</code> HTTP header with, as its value, <var
+   data-x="">target URL</var>.</dd>
 
    <dt>Otherwise, the origins are different and the document containing the hyperlink being audited
    was retrieved over an encrypted connection</dt>
 
+<!--CLEANUP-->
    <dd>The request must include a <code data-x="http-ping-to">Ping-To</code> HTTP header with, as its
-   value, the address of the target of the hyperlink. The request must neither include a <code
+   value, <var data-x="">target URL</var>. The request must neither include a <code
    data-x="http-referer">Referer</code> (sic) HTTP header nor include a <code
    data-x="http-ping-from">Ping-From</code> HTTP header.</dd>

More information about the Commit-Watchers mailing list