[agiow] (0) freeze sandbox='' on document creation

git-svn-id: http://svn.whatwg.org/webapps@4580 340c8d12-0b0e-0410-8428-c7bf67bfef74
whatwg · Jan 12, 2010 · 6c7d27d · 6c7d27d
1 parent 2e96b1a
commit 6c7d27d
Show file tree

Hide file tree

Showing 3 changed files with 195 additions and 181 deletions.
diff --git a/complete.html b/complete.html
@@ -19762,10 +19762,6 @@ <h4 id=the-iframe-element><span class=secno>4.8.3 </span>The <dfn><code>iframe</
 
     </div>
 
-    <p class=warning>This flag only takes effect when the
-    <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
-    <a href=#navigate title=navigate>navigated</a>.</p>
-
    </dd>
 
 
@@ -19794,18 +19790,22 @@ <h4 id=the-iframe-element><span class=secno>4.8.3 </span>The <dfn><code>iframe</
     <p>This flag <a href=#sandboxScriptBlocked>blocks script
     execution</a>.</p>
 
-    <p class=warning>If the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute is
-    dynamically added after the <code><a href=#the-iframe-element>iframe</a></code> has loaded a page,
-    scripts already compiled by that page (whether in
-    <code><a href=#script>script</a></code> elements, or in <a href=#event-handlers>event handlers</a>,
-    or elsewhere) will continue to run. Only <em>new</em> scripts will
-    be prevented from executing by this flag.</p>
+    <p class=warning>This flag only takes effect when the
+    <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
+    <a href=#navigate title=navigate>navigated</a>. Removing it has no effect
+    on an already-loaded page.</p>
 
    </dd>
 
   </dl><p>These flags must not be set unless the conditions listed above
   define them as being set.</p>
 
+  <p class=warning>These flags only take effect when the
+  <a href=#nested-browsing-context>nested browsing context</a> of the <code><a href=#the-iframe-element>iframe</a></code> is
+  <a href=#navigate title=navigate>navigated</a>. Removing then, or removing
+  the entire <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
+  attribute, has no effect on an already-loaded page.</p>
+
   </div>
 
   <div class=example>
@@ -19853,15 +19853,16 @@ <h4 id=the-iframe-element><span class=secno>4.8.3 </span>The <dfn><code>iframe</
   be part of the containing document (seamlessly included in the
   parent document). <span class=impl>Specifically, when the
   attribute is set on an <code><a href=#the-iframe-element>iframe</a></code> element whose owner
-  <code>Document</code>'s <a href=#browsing-context>browsing context</a> does not have
-  the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set and while
-  either the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
-  document</a> has the <a href=#same-origin>same origin</a> as the
-  <code><a href=#the-iframe-element>iframe</a></code> element's document, or the <a href=#browsing-context>browsing
-  context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
-  document's address">address</a></em> has the <a href=#same-origin>same
-  origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, the
-  following requirements apply:</span></p>
+  <code>Document</code>'s <a href=#browsing-context>browsing context</a> did not have
+  the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set when that
+  <code>Document</code> was created, and while either the
+  <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a> has the
+  <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's
+  document, or the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+  document</a>'s <em><a href="#the-document's-address" title="the document's
+  address">address</a></em> has the <a href=#same-origin>same origin</a> as the
+  <code><a href=#the-iframe-element>iframe</a></code> element's document, the following requirements
+  apply:</span></p>
 
   <div class=impl>
 
@@ -20112,17 +20113,17 @@ <h4 id=the-embed-element><span class=secno>4.8.4 </span>The <dfn><code>embed</co
   content</a>, any plugins instantiated for the element must be
   removed, and the <code><a href=#the-embed-element>embed</a></code> element represents nothing.</p>
 
-  <p id=sandboxPluginEmbed>When the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
-  context flag</a> is set on the <a href=#browsing-context>browsing context</a> for
-  which the <code><a href=#the-embed-element>embed</a></code> element's document is the <a href=#active-document>active
-  document</a>, then the user agent must render the
-  <code><a href=#the-embed-element>embed</a></code> element in a manner that conveys that the
-  <a href=#plugin>plugin</a> was disabled. The user agent may offer the user
-  the option to override the sandbox and instantiate the
-  <a href=#plugin>plugin</a> anyway; if the user invokes such an option, the
-  user agent must act as if the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
-  context flag</a> was not set for the purposes of this
-  element.</p>
+  <p id=sandboxPluginEmbed>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
+  context flag</a> was set on the <a href=#browsing-context>browsing context</a> for
+  which the <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> is the
+  <a href=#active-document>active document</a> when that <code>Document</code> was
+  created, then the user agent must render the <code><a href=#the-embed-element>embed</a></code>
+  element in a manner that conveys that the <a href=#plugin>plugin</a> was
+  disabled. The user agent may offer the user the option to override
+  the sandbox and instantiate the <a href=#plugin>plugin</a> anyway; if the
+  user invokes such an option, the user agent must act as if the
+  <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was not set for
+  the purposes of this element.</p>
 
   <p class=warning>Plugins are disabled in sandboxed browsing
   contexts because they might not honor the restrictions imposed by
@@ -20137,7 +20138,7 @@ <h4 id=the-embed-element><span class=secno>4.8.4 </span>The <dfn><code>embed</co
   <ul class=brief><li>The element is <a href=#in-a-document title="in a document">in a <code>Document</code></a>.</li>
    <li>The element's <code>Document</code> is <a href=#fully-active>fully active</a>.</li>
    <li>The element has either a <code title=attr-embed-src><a href=#attr-embed-src>src</a></code> attribute set or a <code title=attr-embed-type><a href=#attr-embed-type>type</a></code> attribute set (or both).</li>
-   <li>The element is not in a sandboxed browsing context.</li>
+   <li>The element is not in a <code>Document</code> whose <a href=#browsing-context>browsing context</a> had the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> set when the <code>Document</code> was created.</li>
    <li>The element is not a descendant of a <a href=#media-element>media element</a>.</li>
    <li>The element is not a descendant of an <code><a href=#the-object-element>object</a></code> element that is not showing its <a href=#fallback-content>fallback content</a>.</li>
   </ul><p>Whenever an <code><a href=#the-embed-element>embed</a></code> element that was not <a href=#concept-embed-active title=concept-embed-active>potentially active</a> becomes <a href=#concept-embed-active title=concept-embed-active>potentially active</a>, and whenever
@@ -20762,11 +20763,11 @@ <h4 id=the-object-element><span class=secno>4.8.5 </span>The <dfn><code>object</
   <a href=#browsing-context>browsing context</a>.</p>
 
   <p id=sandboxPluginObject>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
-  context flag</a> is set on the <a href=#browsing-context>browsing context</a> for
-  which the <code><a href=#the-object-element>object</a></code> element's document is the <a href=#active-document>active
-  document</a>, then the steps above must always act as if they had
-  failed to find a <a href=#plugin>plugin</a>, even if one would otherwise have been
-  used.</p>
+  context flag</a> was set on the <code><a href=#the-object-element>object</a></code> element's
+  <code>Document</code>'s <a href=#browsing-context>browsing context</a> when the
+  <code>Document</code> was created, then the steps above must always
+  act as if they had failed to find a <a href=#plugin>plugin</a>, even if one
+  would otherwise have been used.</p>
 
   <p class=note>The above algorithm is independent of CSS properties
   (including 'display', 'overflow', and 'visibility'). For example, it
@@ -39441,9 +39442,10 @@ <h5 id=form-submission-algorithm><span class=secno>4.10.19.3 </span>Form submiss
 
   <ol><li id=sandboxSubmitBlocked><p>If <var title="">form</var> is in
    a <code>Document</code> that has no associated <a href=#browsing-context>browsing
-   context</a> or whose <a href=#browsing-context>browsing context</a> has its
-   <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set, then abort
-   these steps without doing anything.</li>
+   context</a> or whose <a href=#browsing-context>browsing context</a> had its
+   <a href=#sandboxed-forms-browsing-context-flag>sandboxed forms browsing context flag</a> set when the
+   <code>Document</code> was created, then abort these steps without
+   doing anything.</li>
 
    <li><p>If <var title="">form</var> is already being submitted
    (i.e. the form was <a href=#concept-form-submit title=concept-form-submit>submitted</a> again while processing
@@ -49753,9 +49755,9 @@ <h4 id=browsing-context-names><span class=secno>6.1.6 </span>Browsing context na
     happens depends on the user agent's configuration and/or
     abilities:</p>
 
-    <dl><dt id=sandboxWindowOpen>If the current browsing context has
-     the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a>
-     set.</dt>
+    <dl><dt id=sandboxWindowOpen>If the current browsing context had
+     the <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set
+     when its <a href=#active-document>active document</a> was created.</dt>
 
      <dd><p>The user agent may offer to create a new <a href=#top-level-browsing-context>top-level
      browsing context</a> or reuse an existing <a href=#top-level-browsing-context>top-level
@@ -51022,9 +51024,10 @@ <h4 id=enabling-and-disabling-scripting><span class=secno>6.5.2 </span>Enabling
    the option to disable scripting globally, or in a finer-grained
    manner, e.g. on a per-origin basis.)</li>
 
-   <li id=sandboxScriptBlocked>The <a href=#browsing-context>browsing context</a>
-   does not have the <a href=#sandboxed-scripts-browsing-context-flag>sandboxed scripts browsing context
-   flag</a> set.</li>
+   <li id=sandboxScriptBlocked>The <a href=#browsing-context>browsing context</a> did
+   not have the <a href=#sandboxed-scripts-browsing-context-flag>sandboxed scripts browsing context flag</a>
+   set when the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+   document</a> was created.</li>
 
   </ul><p><dfn id=concept-bc-noscript title=concept-bc-noscript>Scripting is disabled</dfn> in a
   <a href=#browsing-context>browsing context</a> when any of the above conditions are
@@ -56116,15 +56119,16 @@ <h4 id=navigating-across-documents><span class=secno>6.11.1 </span>Navigating ac
    being navigated, and the <a href=#source-browsing-context>source browsing context</a> is
    not one of the <a href=#ancestor-browsing-context title="ancestor browsing context">ancestor
    browsing contexts</a> of the <a href=#browsing-context>browsing context</a> being
-   navigated, and the <a href=#source-browsing-context>source browsing context</a> has its
-   <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set, then
-   abort these steps. The user agent may offer to open the new
-   resource in a new <a href=#top-level-browsing-context>top-level browsing context</a> or in the
-   <a href=#top-level-browsing-context>top-level browsing context</a> of the <a href=#source-browsing-context>source
-   browsing context</a>, at the user's option, in which case the
-   user agent must <a href=#navigate>navigate</a> that designated
-   <a href=#top-level-browsing-context>top-level browsing context</a> to the new resource as if
-   the user had requested it independently.</li>
+   navigated, and the <a href=#source-browsing-context>source browsing context</a> had its
+   <a href=#sandboxed-navigation-browsing-context-flag>sandboxed navigation browsing context flag</a> set when
+   its <a href=#active-document>active document</a> was created, then abort these
+   steps. The user agent may offer to open the new resource in a new
+   <a href=#top-level-browsing-context>top-level browsing context</a> or in the <a href=#top-level-browsing-context>top-level
+   browsing context</a> of the <a href=#source-browsing-context>source browsing
+   context</a>, at the user's option, in which case the user agent
+   must <a href=#navigate>navigate</a> that designated <a href=#top-level-browsing-context>top-level browsing
+   context</a> to the new resource as if the user had requested it
+   independently.</li>
 
    <li id=seamlessLinks><p>If the <a href=#source-browsing-context>source browsing
    context</a> is the same as the <a href=#browsing-context>browsing context</a>
@@ -56712,8 +56716,9 @@ <h4 id=read-plugin><span class=secno>6.11.6 </span><dfn title=navigate-plugin>Pa
   the document a <code><a href=#the-title-element-0>title</a></code>.</p>
 
   <p class=note id=sandboxPluginNavigate>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed
-  plugins browsing context flag</a> is set on the <a href=#browsing-context>browsing
-  context</a>, the synthesized <code><a href=#the-embed-element>embed</a></code> element will <a href=#sandboxPluginEmbed>fail to render the content</a>.</p>
+  plugins browsing context flag</a> was set on the <a href=#browsing-context>browsing
+  context</a> when the <code>Document</code> was created, the
+  synthesized <code><a href=#the-embed-element>embed</a></code> element will <a href=#sandboxPluginEmbed>fail to render the content</a>.</p>
 
 
   <h4 id=read-ua-inline><span class=secno>6.11.7 </span><dfn title=navigate-ua-inline>Page load processing model for inline content that doesn't have a DOM</dfn></h4>
@@ -82374,10 +82379,10 @@ <h4 id=the-applet-element><span class=secno>14.3.1 </span>The <dfn><code>applet<
 
   <p id=sandboxPluginApplet>When the element is not <a href=#in-a-document>in a
   <code>Document</code></a>, and when the element's document is not
-  <a href=#fully-active>fully active</a>, and when the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins
-  browsing context flag</a> is set on the <a href=#browsing-context>browsing
-  context</a> for which the <code><a href=#the-applet-element>applet</a></code> element's document
-  is the <a href=#active-document>active document</a>, and when the element has an
+  <a href=#fully-active>fully active</a>, and when the element's
+  <code>Document</code>'s <a href=#browsing-context>browsing context</a> had its
+  <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> when that
+  <code>Document</code> was created, and when the element has an
   ancestor <a href=#media-element>media element</a>, and when the element has an
   ancestor <code><a href=#the-object-element>object</a></code> element that is <em>not</em> showing
   its <a href=#fallback-content>fallback content</a>, and when no Java Language runtime