[giow] (3) Fix <area> to match <a> in terms of security checking. Also, some editorial fixes.

Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=21654
Affected topics: DOM APIs, HTML, Video Text Tracks, Workers

git-svn-id: http://svn.whatwg.org/webapps@7836 340c8d12-0b0e-0410-8428-c7bf67bfef74
Hixie committed Apr 15, 2013
1 parent f341b90 commit 464ab10
Showing 3 changed files with 114 additions and 53 deletions.
50 changes: 34 additions & 16 deletions complete.html
Expand Up @@ -19052,6 +19052,7 @@ <h4 id=the-a-element><span class=secno>4.6.1 </span>The <dfn><code>a</code></dfn

<div class=impl>

<!--CLEANUP-->
<p>The <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code>, <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code>, <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code>, and <code title=attr-hyperlink-ping><a href=#ping>ping</a></code>
attributes affect what happens when users <a href=#following-hyperlinks title="following hyperlinks">follow
hyperlinks</a> or <a href=#downloading-hyperlinks title="downloading hyperlinks">download hyperlinks</a> created using
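
Review bot: the CLEANUP comment added above the href/target/download/ping paragraph does not say what needs cleaning up or when the marker can be removed. The same bare marker is added in the area, importScripts and localStorage sections of this commit, so a short description or a bug reference inside the comment would let a later editor act on it.
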
Expand All @@ -19066,12 +19067,19 @@ <h4 id=the-a-element><span class=secno>4.6.1 </span>The <dfn><code>a</code></dfn
<!-- http://software.hixie.ch/utilities/js/live-dom-viewer/saved/2033 -->
<!-- (didn't test if the bc has to be active) -->

<li><p>If either the <code><a href=#the-a-element>a</a></code> element has a <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code> attribute and the algorithm is not <a href=#allowed-to-show-a-popup>allowed
to show a popup</a>, or the element's <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code>
attribute is present and applying <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for choosing a browsing context given a
browsing context name</a>, using the value of the <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute as the browsing context name, would result
in there not being a chosen browsing context, then throw an <code><a href=#invalidaccesserror>InvalidAccessError</a></code>
exception and abort these steps.</li>
<li>

<p>If either the <code><a href=#the-a-element>a</a></code> element has a <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code> attribute and the algorithm is not <a href=#allowed-to-show-a-popup>allowed
to show a popup</a>, or the element's <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code>
attribute is present and applying <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for choosing a browsing context given a
browsing context name</a>, using the value of the <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute as the browsing context name, would result
in there not being a chosen browsing context, then run these substeps:</p>

<ol><li><p>If there is an <a href=#entry-script>entry script</a>, throw an <code><a href=#invalidaccesserror>InvalidAccessError</a></code> exception.</li>

<li><p>Abort these steps witout following the hyperlink.</li>

</ol></li>

<li><p>If the target of the <code title=event-click><a href=#event-click>click</a></code> event is an <code><a href=#the-img-element>img</a></code>
element with an <code title=attr-img-ismap><a href=#attr-img-ismap>ismap</a></code> attribute specified, then server-side
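
Review bot: typo in the new second substep, "Abort these steps witout following the hyperlink": "witout" should be "without". The identical sentence is added to the area element's activation behavior, so both need the fix. Since the InvalidAccessError is now thrown only when there is an entry script, a short note that the no-entry-script case aborts silently by design would stop implementers from reading the missing exception as an oversight.
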
Expand Down Expand Up @@ -31569,9 +31577,9 @@ <h6 id=text-track-api><span class=secno>4.8.10.12.5 </span>Text track API</h6>
<li><p>Add <var title="">cue</var> to the method's <code><a href=#texttrack>TextTrack</a></code> object's <a href=#text-track>text
track</a>'s <a href=#text-track-list-of-cues>text track list of cues</a>.</li>

<li><p>If the <code>TextTrack object's <a href=#text-track>text track</a> is in a <a href=#media-element>media
<li><p>If the <code><a href=#texttrack>TextTrack</a></code> object's <a href=#text-track>text track</a> is in a <a href=#media-element>media
element</a>'s <a href=#list-of-text-tracks>list of text tracks</a>, run the <i><a href=#time-marches-on>time marches on</a></i> steps for that
<a href=#media-element>media element</a>.</code></li>
<a href=#media-element>media element</a>.</li>

</ol><p>The <dfn id=dom-texttrack-removecue title=dom-TextTrack-removeCue><code>removeCue(<var title="">cue</var>)</code></dfn>
method of <code><a href=#texttrack>TextTrack</a></code> objects, when invoked, must run the following steps:</p>
Expand Down Expand Up @@ -38967,18 +38975,26 @@ <h4 id=the-area-element><span class=secno>4.8.13 </span>The <dfn><code>area</cod

<div class=impl>

<!--CLEANUP-->
<p>The <a href=#activation-behavior>activation behavior</a> of <code><a href=#the-area-element>area</a></code> elements is to run the following
steps:</p>

<ol><!-- c.f. <a>'s similar section --><li><p>If the <code><a href=#the-a-element>a</a></code> element's <code><a href=#document>Document</a></code> is not in a <a href=#browsing-context>browsing
context</a>, then abort these steps.</li>

<li><p>If the <code title=event-click><a href=#event-click>click</a></code> event in question is not <a href=#concept-events-trusted title=concept-events-trusted>trusted</a> (i.e. a <code title=dom-click><a href=#dom-click>click()</a></code>
method call was the reason for the event being dispatched), and the <code><a href=#the-area-element>area</a></code> element has
a <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code> attribute or the element's <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute is present and applying <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for
choosing a browsing context given a browsing context name</a>, using the value of the <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute as the browsing context name, would result
in there not being a chosen browsing context, then throw an <code><a href=#invalidaccesserror>InvalidAccessError</a></code>
exception and abort these steps.</li>
<li>

<p>If the <code><a href=#the-area-element>area</a></code> element has
a <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code> attribute and the algorithm is not
<a href=#allowed-to-show-a-popup>allowed to show a popup</a>, or the element's <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute is present and applying <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for
choosing a browsing context given a browsing context name</a>, using the value of the <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute as the browsing context name, would result
in there not being a chosen browsing context, then run these substeps:</p>

<ol><li><p>If there is an <a href=#entry-script>entry script</a>, throw an <code><a href=#invalidaccesserror>InvalidAccessError</a></code> exception.</li>

<li><p>Abort these steps witout following the hyperlink.</li>

</ol></li>

<li><p>Otherwise, the user agent must <a href=#following-hyperlinks title="following hyperlinks">follow the
hyperlink</a> or <a href=#downloading-hyperlinks title="downloading hyperlinks">download the hyperlink</a> created by
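
Review bot: step 1 of the area activation behavior still reads "If the a element's Document is not in a browsing context" and links to #the-a-element; in this section it should name the area element, which matters in a commit whose purpose is to make the two security checks match. The new substep 2 also carries the "witout" typo. The replaced step dropped the untrusted-click condition in favour of "allowed to show a popup" on the download clause only, so the target clause is now checked for every activation; worth confirming that is intended, as it is for the a element.
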
Expand Down Expand Up @@ -79537,6 +79553,7 @@ <h3 id=apis-available-to-workers><span class=secno>9.3 </span>APIs available to

<h4 id=importing-scripts-and-libraries><span class=secno>9.3.1 </span>Importing scripts and libraries</h4>

<!--CLEANUP-->
<p>When a script invokes the <dfn id=dom-workerglobalscope-importscripts title=dom-WorkerGlobalScope-importScripts><code>importScripts(<var title="">urls</var>)</code></dfn> method on a
<code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, the user agent must run the
following steps:</p>
Expand All @@ -79548,7 +79565,7 @@ <h4 id=importing-scripts-and-libraries><span class=secno>9.3.1 </span>Importing
argument.</li>

<li><p>If any fail, throw a <code><a href=#syntaxerror>SyntaxError</a></code>
exception.</li>
exception and abort these steps.</li>

<li>

Expand Down Expand Up @@ -82792,6 +82809,7 @@ <h4 id=the-localstorage-attribute><span class=secno>11.2.3 </span>The <code titl
};
<a href=#window>Window</a> implements <a href=#windowlocalstorage>WindowLocalStorage</a>;</pre>

<!--CLEANUP-->
<p>The <dfn id=dom-localstorage title=dom-localStorage><code>localStorage</code></dfn>
object provides a <code><a href=#storage-0>Storage</a></code> object for an
<a href=#origin>origin</a>.
Expand All @@ -82813,7 +82831,7 @@ <h4 id=the-localstorage-attribute><span class=secno>11.2.3 </span>The <code titl
marcos uses them from another spec -->

<ol><li><p>The user agent may throw a <code><a href=#securityerror>SecurityError</a></code>
exception instead of returning a <code><a href=#storage-0>Storage</a></code> object if the
exception and abort these steps instead of returning a <code><a href=#storage-0>Storage</a></code> object if the
request violates a policy decision (e.g. if the user agent is
configured to not allow the page to persist data).</li>
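
Review bot: in the first step, "may throw a SecurityError exception and abort these steps instead of returning a Storage object" now reads as though aborting, rather than throwing, is the alternative to returning. Suggest reordering to "may, instead of returning a Storage object, throw a SecurityError exception and abort these steps if the request violates a policy decision".
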

50 changes: 34 additions & 16 deletions index
Expand Up @@ -19052,6 +19052,7 @@ included with Exhibit B.

<div class=impl>

<!--CLEANUP-->
<p>The <code title=attr-hyperlink-href><a href=#attr-hyperlink-href>href</a></code>, <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code>, <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code>, and <code title=attr-hyperlink-ping><a href=#ping>ping</a></code>
attributes affect what happens when users <a href=#following-hyperlinks title="following hyperlinks">follow
hyperlinks</a> or <a href=#downloading-hyperlinks title="downloading hyperlinks">download hyperlinks</a> created using
Expand All @@ -19066,12 +19067,19 @@ included with Exhibit B.
<!-- http://software.hixie.ch/utilities/js/live-dom-viewer/saved/2033 -->
<!-- (didn't test if the bc has to be active) -->

<li><p>If either the <code><a href=#the-a-element>a</a></code> element has a <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code> attribute and the algorithm is not <a href=#allowed-to-show-a-popup>allowed
to show a popup</a>, or the element's <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code>
attribute is present and applying <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for choosing a browsing context given a
browsing context name</a>, using the value of the <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute as the browsing context name, would result
in there not being a chosen browsing context, then throw an <code><a href=#invalidaccesserror>InvalidAccessError</a></code>
exception and abort these steps.</li>
<li>

<p>If either the <code><a href=#the-a-element>a</a></code> element has a <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code> attribute and the algorithm is not <a href=#allowed-to-show-a-popup>allowed
to show a popup</a>, or the element's <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code>
attribute is present and applying <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for choosing a browsing context given a
browsing context name</a>, using the value of the <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute as the browsing context name, would result
in there not being a chosen browsing context, then run these substeps:</p>

<ol><li><p>If there is an <a href=#entry-script>entry script</a>, throw an <code><a href=#invalidaccesserror>InvalidAccessError</a></code> exception.</li>

<li><p>Abort these steps witout following the hyperlink.</li>

</ol></li>

<li><p>If the target of the <code title=event-click><a href=#event-click>click</a></code> event is an <code><a href=#the-img-element>img</a></code>
element with an <code title=attr-img-ismap><a href=#attr-img-ismap>ismap</a></code> attribute specified, then server-side
Expand Down Expand Up @@ -31569,9 +31577,9 @@ interface <dfn id=texttrack>TextTrack</dfn> : <a href=#eventtarget>EventTarget</
<li><p>Add <var title="">cue</var> to the method's <code><a href=#texttrack>TextTrack</a></code> object's <a href=#text-track>text
track</a>'s <a href=#text-track-list-of-cues>text track list of cues</a>.</li>

<li><p>If the <code>TextTrack object's <a href=#text-track>text track</a> is in a <a href=#media-element>media
<li><p>If the <code><a href=#texttrack>TextTrack</a></code> object's <a href=#text-track>text track</a> is in a <a href=#media-element>media
element</a>'s <a href=#list-of-text-tracks>list of text tracks</a>, run the <i><a href=#time-marches-on>time marches on</a></i> steps for that
<a href=#media-element>media element</a>.</code></li>
<a href=#media-element>media element</a>.</li>

</ol><p>The <dfn id=dom-texttrack-removecue title=dom-TextTrack-removeCue><code>removeCue(<var title="">cue</var>)</code></dfn>
method of <code><a href=#texttrack>TextTrack</a></code> objects, when invoked, must run the following steps:</p>
Expand Down Expand Up @@ -38967,18 +38975,26 @@ function AddCloud(data, x, y) { ... }</pre>

<div class=impl>

<!--CLEANUP-->
<p>The <a href=#activation-behavior>activation behavior</a> of <code><a href=#the-area-element>area</a></code> elements is to run the following
steps:</p>

<ol><!-- c.f. <a>'s similar section --><li><p>If the <code><a href=#the-a-element>a</a></code> element's <code><a href=#document>Document</a></code> is not in a <a href=#browsing-context>browsing
context</a>, then abort these steps.</li>

<li><p>If the <code title=event-click><a href=#event-click>click</a></code> event in question is not <a href=#concept-events-trusted title=concept-events-trusted>trusted</a> (i.e. a <code title=dom-click><a href=#dom-click>click()</a></code>
method call was the reason for the event being dispatched), and the <code><a href=#the-area-element>area</a></code> element has
a <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code> attribute or the element's <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute is present and applying <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for
choosing a browsing context given a browsing context name</a>, using the value of the <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute as the browsing context name, would result
in there not being a chosen browsing context, then throw an <code><a href=#invalidaccesserror>InvalidAccessError</a></code>
exception and abort these steps.</li>
<li>

<p>If the <code><a href=#the-area-element>area</a></code> element has
a <code title=attr-hyperlink-download><a href=#attr-hyperlink-download>download</a></code> attribute and the algorithm is not
<a href=#allowed-to-show-a-popup>allowed to show a popup</a>, or the element's <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute is present and applying <a href=#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name>the rules for
choosing a browsing context given a browsing context name</a>, using the value of the <code title=attr-hyperlink-target><a href=#attr-hyperlink-target>target</a></code> attribute as the browsing context name, would result
in there not being a chosen browsing context, then run these substeps:</p>

<ol><li><p>If there is an <a href=#entry-script>entry script</a>, throw an <code><a href=#invalidaccesserror>InvalidAccessError</a></code> exception.</li>

<li><p>Abort these steps witout following the hyperlink.</li>

</ol></li>

<li><p>Otherwise, the user agent must <a href=#following-hyperlinks title="following hyperlinks">follow the
hyperlink</a> or <a href=#downloading-hyperlinks title="downloading hyperlinks">download the hyperlink</a> created by
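
Review bot: this copy of the area steps has the same two problems as the complete.html copy: step 1 names the a element where the area element is meant, and substep 2 reads "witout". The "witout" typo is also present in the a element hunk earlier in this file, so all three spots in index need the correction.
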
Expand Down Expand Up @@ -79537,6 +79553,7 @@ partial interface <a href=#workerglobalscope id=WorkerGlobalScope-partial>Worker

<h4 id=importing-scripts-and-libraries><span class=secno>9.3.1 </span>Importing scripts and libraries</h4>

<!--CLEANUP-->
<p>When a script invokes the <dfn id=dom-workerglobalscope-importscripts title=dom-WorkerGlobalScope-importScripts><code>importScripts(<var title="">urls</var>)</code></dfn> method on a
<code><a href=#workerglobalscope>WorkerGlobalScope</a></code> object, the user agent must run the
following steps:</p>
Expand All @@ -79548,7 +79565,7 @@ partial interface <a href=#workerglobalscope id=WorkerGlobalScope-partial>Worker
argument.</li>

<li><p>If any fail, throw a <code><a href=#syntaxerror>SyntaxError</a></code>
exception.</li>
exception and abort these steps.</li>

<li>

Expand Down Expand Up @@ -82792,6 +82809,7 @@ interface <dfn id=windowlocalstorage>WindowLocalStorage</dfn> {
};
<a href=#window>Window</a> implements <a href=#windowlocalstorage>WindowLocalStorage</a>;</pre>

<!--CLEANUP-->
<p>The <dfn id=dom-localstorage title=dom-localStorage><code>localStorage</code></dfn>
object provides a <code><a href=#storage-0>Storage</a></code> object for an
<a href=#origin>origin</a>.
Expand All @@ -82813,7 +82831,7 @@ interface <dfn id=windowlocalstorage>WindowLocalStorage</dfn> {
marcos uses them from another spec -->

<ol><li><p>The user agent may throw a <code><a href=#securityerror>SecurityError</a></code>
exception instead of returning a <code><a href=#storage-0>Storage</a></code> object if the
exception and abort these steps instead of returning a <code><a href=#storage-0>Storage</a></code> object if the
request violates a policy decision (e.g. if the user agent is
configured to not allow the page to persist data).</li>
