Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[] (0) Clarify that sandbox's origin features only take effect at nav…
…igation.

git-svn-id: http://svn.whatwg.org/webapps@2824 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information
Hixie committed Feb 13, 2009
1 parent 05bbbb6 commit f7eca9d
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 14 deletions.
21 changes: 14 additions & 7 deletions index
Expand Up @@ -6400,9 +6400,10 @@ interface <dfn id=htmldocument>HTMLDocument</dfn> {
<p id=sandboxCookies>On getting, if the document is not associated
with a <a href=#browsing-context>browsing context</a> then the user agent must raise
an <code><a href=#invalid_state_err>INVALID_STATE_ERR</a></code> exception. Otherwise, if the
<a href=#sandboxed-origin-browsing-context-flag>sandboxed origin browsing context flag</a> is set on the
<a href=#browsing-context>browsing context</a> of the document, the user agent must
raise a <code><a href=#security_err>SECURITY_ERR</a></code> exception. Otherwise, if <a href="#the-document's-address">the
<a href=#sandboxed-origin-browsing-context-flag>sandboxed origin browsing context flag</a> was set on the
<a href=#browsing-context>browsing context</a> of the <code>Document</code> when the
<code>Document</code> was created, the user agent must raise a
<code><a href=#security_err>SECURITY_ERR</a></code> exception. Otherwise, if <a href="#the-document's-address">the
document's address</a> does not use a server-based naming
authority, it must return the empty string. Otherwise, it must
return the same string as the value of the <code title="">Cookie</code> HTTP header it would include if <a href=#fetch title=fetch>fetching</a> the resource indicated by <a href="#the-document's-address">the
Expand All @@ -6412,9 +6413,10 @@ interface <dfn id=htmldocument>HTMLDocument</dfn> {
<p>On setting, if the document is not associated with a
<a href=#browsing-context>browsing context</a> then the user agent must raise an
<code><a href=#invalid_state_err>INVALID_STATE_ERR</a></code> exception. Otherwise, if the
<a href=#sandboxed-origin-browsing-context-flag>sandboxed origin browsing context flag</a> is set on the
<a href=#browsing-context>browsing context</a> of the document, the user agent must
raise a <code><a href=#security_err>SECURITY_ERR</a></code> exception. Otherwise, if <a href="#the-document's-address">the
<a href=#sandboxed-origin-browsing-context-flag>sandboxed origin browsing context flag</a> was set on the
<a href=#browsing-context>browsing context</a> of the <code>Document</code> when the
<code>Document</code> was created, the user agent must raise a
<code><a href=#security_err>SECURITY_ERR</a></code> exception. Otherwise, if <a href="#the-document's-address">the
document's address</a> does not use a server-based naming
authority, it must do nothing. Otherwise, the user agent must act as
it would when processing cookies if it had just attempted to
Expand Down Expand Up @@ -16752,6 +16754,10 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>

</div>

<p class=warning>This flag only takes effect when the
<a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
<a href=#navigate title=navigate>navigated</a>.</p>

</dd>


Expand Down Expand Up @@ -35013,7 +35019,8 @@ interface <dfn id=window>Window</dfn> {

<dl class=switch><dt id=sandboxOrigin>If a <code>Document</code> is in a
<a href=#browsing-context>browsing context</a> whose <a href=#sandboxed-origin-browsing-context-flag>sandboxed origin
browsing context flag</a> is set</dt>
browsing context flag</a> was set when the
<code>Document</code> was created</dt>

<dd>The <a href=#origin-0>origin</a> is a globally unique identifier
assigned when the <code>Document</code> is created.</dd>
Expand Down
21 changes: 14 additions & 7 deletions source
Expand Up @@ -6391,9 +6391,10 @@ interface <dfn>HTMLDocument</dfn> {
<p id="sandboxCookies">On getting, if the document is not associated
with a <span>browsing context</span> then the user agent must raise
an <code>INVALID_STATE_ERR</code> exception. Otherwise, if the
<span>sandboxed origin browsing context flag</span> is set on the
<span>browsing context</span> of the document, the user agent must
raise a <code>SECURITY_ERR</code> exception. Otherwise, if <span>the
<span>sandboxed origin browsing context flag</span> was set on the
<span>browsing context</span> of the <code>Document</code> when the
<code>Document</code> was created, the user agent must raise a
<code>SECURITY_ERR</code> exception. Otherwise, if <span>the
document's address</span> does not use a server-based naming
authority, it must return the empty string. Otherwise, it must
return the same string as the value of the <code
Expand All @@ -6407,9 +6408,10 @@ interface <dfn>HTMLDocument</dfn> {
<p>On setting, if the document is not associated with a
<span>browsing context</span> then the user agent must raise an
<code>INVALID_STATE_ERR</code> exception. Otherwise, if the
<span>sandboxed origin browsing context flag</span> is set on the
<span>browsing context</span> of the document, the user agent must
raise a <code>SECURITY_ERR</code> exception. Otherwise, if <span>the
<span>sandboxed origin browsing context flag</span> was set on the
<span>browsing context</span> of the <code>Document</code> when the
<code>Document</code> was created, the user agent must raise a
<code>SECURITY_ERR</code> exception. Otherwise, if <span>the
document's address</span> does not use a server-based naming
authority, it must do nothing. Otherwise, the user agent must act as
it would when processing cookies if it had just attempted to
Expand Down Expand Up @@ -17876,6 +17878,10 @@ href="?audio">audio&lt;/a> test instead.)&lt;/p></pre>

</div>

<p class="warning">This flag only takes effect when the
<span>nested browsing context</span> of the <code>iframe</code> is
<span title="navigate">navigated</span>.</p>

</dd>


Expand Down Expand Up @@ -39776,7 +39782,8 @@ interface <dfn>Window</dfn> {

<dt id="sandboxOrigin">If a <code>Document</code> is in a
<span>browsing context</span> whose <span>sandboxed origin
browsing context flag</span> is set</dt>
browsing context flag</span> was set when the
<code>Document</code> was created</dt>

<dd>The <span>origin</span> is a globally unique identifier
assigned when the <code>Document</code> is created.</dd>
Expand Down

0 comments on commit f7eca9d

Please sign in to comment.