[giow] (1) mitigate the risk of autofocus being used in script-less XSS scenarios to transfer focus to hostile forms

Fixing http://www.w3.org/Bugs/Public/show_bug.cgi?id=9602

git-svn-id: http://svn.whatwg.org/webapps@5465 340c8d12-0b0e-0410-8428-c7bf67bfef74
Hixie committed Sep 10, 2010
1 parent e4d5079 commit 1eec5c0
Showing 3 changed files with 68 additions and 18 deletions.
28 changes: 22 additions & 6 deletions complete.html
Expand Up @@ -45442,15 +45442,31 @@ <h5 id=autofocusing-a-form-control><span class=secno>4.10.19.4 </span>Autofocusi
<a href=#insert-an-element-into-a-document title="insert an element into a document">inserted into a
document</a>, user agents should run the following steps:</p>

<ol><li><p>If the <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>
had the <a href=#sandboxed-automatic-features-browsing-context-flag>sandboxed automatic features browsing context
flag</a> set when the <code><a href=#document>Document</a></code> was created, abort
these steps.</li>
<ol><li><p>Let <var title="">target</var> be the element's
<code><a href=#document>Document</a></code>.</li>

<li><p>If <var title="">target</var>'s <a href=#browsing-context>browsing
context</a> had the <a href=#sandboxed-automatic-features-browsing-context-flag>sandboxed automatic features browsing
context flag</a> set when <var title="">target</var> was
created, abort these steps.</li>

<li><p>If <var title="">target</var>'s <a href=#origin>origin</a> is not
the <a href=#same-origin title="same origin">same</a> as the
<a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> of the currently
focused element in <var title="">target</var>'s <a href=#top-level-browsing-context>top-level
browsing context</a>, abort these steps.</li>

<li><p>If <var title="">target</var>'s <a href=#origin>origin</a> is not
the <a href=#same-origin title="same origin">same</a> as the
<a href=#origin>origin</a> of the <a href=#active-document>active document</a> of <var title="">target</var>'s <a href=#top-level-browsing-context>top-level browsing context</a>,
abort these steps.</li>

<li><p>If the user agent has already reached the last step of this
list of steps in response to an element being <a href=#insert-an-element-into-a-document title="insert
an element into a document">inserted</a> into this
<code><a href=#document>Document</a></code>, abort these steps.</li>
an element into a document">inserted</a> into a
<code><a href=#document>Document</a></code> whose <a href=#top-level-browsing-context>top-level browsing
context</a>'s <a href=#active-document>active document</a> is the same as <var title="">target</var>'s <a href=#top-level-browsing-context>top-level browsing context</a>'s
<a href=#active-document>active document</a>, abort these steps.</li>

<li><p>If the user has indicated (for example, by starting to type
in a form control) that he does not wish focus to be changed, then
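Review bot: The third step compares target's origin with the origin of "the Document of the currently focused element in target's top-level browsing context", but nothing in these lines says what happens when no element in that browsing context has focus (for example, nothing has been focused yet after a fresh load). State the outcome for that case explicitly, for instance by falling through to the next step's comparison against the active document, so implementations do not diverge on whether autofocus is suppressed.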
28 changes: 22 additions & 6 deletions index
Expand Up @@ -45422,15 +45422,31 @@ out of 233&thinsp;257&thinsp;824 bytes available&lt;/meter&gt;&lt;/p&gt;</pre>
<a href=#insert-an-element-into-a-document title="insert an element into a document">inserted into a
document</a>, user agents should run the following steps:</p>

<ol><li><p>If the <code><a href=#document>Document</a></code>'s <a href=#browsing-context>browsing context</a>
had the <a href=#sandboxed-automatic-features-browsing-context-flag>sandboxed automatic features browsing context
flag</a> set when the <code><a href=#document>Document</a></code> was created, abort
these steps.</li>
<ol><li><p>Let <var title="">target</var> be the element's
<code><a href=#document>Document</a></code>.</li>

<li><p>If <var title="">target</var>'s <a href=#browsing-context>browsing
context</a> had the <a href=#sandboxed-automatic-features-browsing-context-flag>sandboxed automatic features browsing
context flag</a> set when <var title="">target</var> was
created, abort these steps.</li>

<li><p>If <var title="">target</var>'s <a href=#origin>origin</a> is not
the <a href=#same-origin title="same origin">same</a> as the
<a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> of the currently
focused element in <var title="">target</var>'s <a href=#top-level-browsing-context>top-level
browsing context</a>, abort these steps.</li>

<li><p>If <var title="">target</var>'s <a href=#origin>origin</a> is not
the <a href=#same-origin title="same origin">same</a> as the
<a href=#origin>origin</a> of the <a href=#active-document>active document</a> of <var title="">target</var>'s <a href=#top-level-browsing-context>top-level browsing context</a>,
abort these steps.</li>

<li><p>If the user agent has already reached the last step of this
list of steps in response to an element being <a href=#insert-an-element-into-a-document title="insert
an element into a document">inserted</a> into this
<code><a href=#document>Document</a></code>, abort these steps.</li>
an element into a document">inserted</a> into a
<code><a href=#document>Document</a></code> whose <a href=#top-level-browsing-context>top-level browsing
context</a>'s <a href=#active-document>active document</a> is the same as <var title="">target</var>'s <a href=#top-level-browsing-context>top-level browsing context</a>'s
<a href=#active-document>active document</a>, abort these steps.</li>

<li><p>If the user has indicated (for example, by starting to type
in a form control) that he does not wish focus to be changed, then
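Review bot: The lead-in above the list still reads "user agents should run the following steps", so the sandbox check and the two origin checks are only recommended even though they are the security-relevant part of the algorithm. Consider splitting the conformance level: keep the focusing behaviour itself as a "should", but make the abort conditions in the second to fourth steps mandatory for any user agent that implements autofocus.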
30 changes: 24 additions & 6 deletions source
Expand Up @@ -50944,15 +50944,33 @@ out of 233&#x2009;257&#x2009;824 bytes available&lt;/meter>&lt;/p></pre>

<ol>

<li><p>If the <code>Document</code>'s <span>browsing context</span>
had the <span>sandboxed automatic features browsing context
flag</span> set when the <code>Document</code> was created, abort
these steps.</p></li>
<li><p>Let <var title="">target</var> be the element's
<code>Document</code>.</p></li>

<li><p>If <var title="">target</var>'s <span>browsing
context</span> had the <span>sandboxed automatic features browsing
context flag</span> set when <var title="">target</var> was
created, abort these steps.</p></li>

<li><p>If <var title="">target</var>'s <span>origin</span> is not
the <span title="same origin">same</span> as the
<span>origin</span> of the <code>Document</code> of the currently
focused element in <var title="">target</var>'s <span>top-level
browsing context</span>, abort these steps.</p></li>

<li><p>If <var title="">target</var>'s <span>origin</span> is not
the <span title="same origin">same</span> as the
<span>origin</span> of the <span>active document</span> of <var
title="">target</var>'s <span>top-level browsing context</span>,
abort these steps.</p></li>

<li><p>If the user agent has already reached the last step of this
list of steps in response to an element being <span title="insert
an element into a document">inserted</span> into this
<code>Document</code>, abort these steps.</p></li>
an element into a document">inserted</span> into a
<code>Document</code> whose <span>top-level browsing
context</span>'s <span>active document</span> is the same as <var
title="">target</var>'s <span>top-level browsing context</span>'s
<span>active document</span>, abort these steps.</p></li>

<li><p>If the user has indicated (for example, by starting to type
in a form control) that he does not wish focus to be changed, then
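Review bot: The third and fourth steps carry no note on what they defend against, and a reader of the algorithm alone cannot tell why two separate origin comparisons are needed. Add a short non-normative note after the list that ties them to the case named in the commit message (autofocus in script-less injected markup transferring focus to a hostile form) and says which step covers a cross-origin nested document and which covers focus currently held by a document of another origin.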
