[giow] (0) Make text/html-sandboxed sandbox plugins also, since plugi…

…ns don't honour UA origin determinations. git-svn-id: http://svn.whatwg.org/webapps@4618 340c8d12-0b0e-0410-8428-c7bf67bfef74
whatwg · Jan 20, 2010 · c1f9f85 · c1f9f85
1 parent 77742c3
commit c1f9f85
Show file tree

Hide file tree

Showing 3 changed files with 122 additions and 48 deletions.
diff --git a/complete.html b/complete.html
@@ -20181,17 +20181,25 @@ <h4 id=the-embed-element><span class=secno>4.8.4 </span>The <dfn><code>embed</co
   content</a>, any plugins instantiated for the element must be
   removed, and the <code><a href=#the-embed-element>embed</a></code> element represents nothing.</p>
 
-  <p id=sandboxPluginEmbed>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
-  context flag</a> was set on the <a href=#browsing-context>browsing context</a> for
-  which the <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> is the
-  <a href=#active-document>active document</a> when that <code>Document</code> was
-  created, then the user agent must render the <code><a href=#the-embed-element>embed</a></code>
-  element in a manner that conveys that the <a href=#plugin>plugin</a> was
+  <p id=sandboxPluginEmbed>If either:
+
+  <ul><li>the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was
+   set on the <a href=#browsing-context>browsing context</a> for which the
+   <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> is the
+   <a href=#active-document>active document</a> when that <code>Document</code> was
+   created, or</li>
+
+   <li>the <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> was
+   parsed from a resource whose <a href=#content-type-sniffing-0 title="Content-Type
+   sniffing">sniffed type</a> as determined during <a href=#navigate title=navigate>navigation</a> is
+   <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code></li>
+
+  </ul><p>...then the user agent must render the <code><a href=#the-embed-element>embed</a></code> element
+  in a manner that conveys that the <a href=#plugin>plugin</a> was
   disabled. The user agent may offer the user the option to override
   the sandbox and instantiate the <a href=#plugin>plugin</a> anyway; if the
   user invokes such an option, the user agent must act as if the
-  <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was not set for
-  the purposes of this element.</p>
+  conditions above did not apply for the purposes of this element.</p>
 
   <p class=warning>Plugins are disabled in sandboxed browsing
   contexts because they might not honor the restrictions imposed by
@@ -20206,7 +20214,8 @@ <h4 id=the-embed-element><span class=secno>4.8.4 </span>The <dfn><code>embed</co
   <ul class=brief><li>The element is <a href=#in-a-document title="in a document">in a <code>Document</code></a>.</li>
    <li>The element's <code>Document</code> is <a href=#fully-active>fully active</a>.</li>
    <li>The element has either a <code title=attr-embed-src><a href=#attr-embed-src>src</a></code> attribute set or a <code title=attr-embed-type><a href=#attr-embed-type>type</a></code> attribute set (or both).</li>
-   <li>The element is not in a <code>Document</code> whose <a href=#browsing-context>browsing context</a> had the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> set when the <code>Document</code> was created.</li>
+   <li>The element is not in a <code>Document</code> whose <a href=#browsing-context>browsing context</a> had the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> set when the <code>Document</code> was created (unless this has been overrriden as described above).</li>
+   <li>The element's <code>Document</code> was not parsed from a resource whose <a href=#content-type-sniffing-0 title="Content-Type sniffing">sniffed type</a> as determined during <a href=#navigate title=navigate>navigation</a> is <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> (unless this has been overrriden as described above).</li>
    <li>The element is not a descendant of a <a href=#media-element>media element</a>.</li>
    <li>The element is not a descendant of an <code><a href=#the-object-element>object</a></code> element that is not showing its <a href=#fallback-content>fallback content</a>.</li>
   </ul><p>Whenever an <code><a href=#the-embed-element>embed</a></code> element that was not <a href=#concept-embed-active title=concept-embed-active>potentially active</a> becomes <a href=#concept-embed-active title=concept-embed-active>potentially active</a>, and whenever
@@ -20830,12 +20839,21 @@ <h4 id=the-object-element><span class=secno>4.8.5 </span>The <dfn><code>object</
   <a href=#plugin>plugin</a>. The <a href=#plugin>plugin</a> is not a nested
   <a href=#browsing-context>browsing context</a>.</p>
 
-  <p id=sandboxPluginObject>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
-  context flag</a> was set on the <code><a href=#the-object-element>object</a></code> element's
-  <code>Document</code>'s <a href=#browsing-context>browsing context</a> when the
-  <code>Document</code> was created, then the steps above must always
-  act as if they had failed to find a <a href=#plugin>plugin</a>, even if one
-  would otherwise have been used.</p>
+  <p id=sandboxPluginObject>If either:</p>
+
+  <ul><li>the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was
+   set on the <code><a href=#the-object-element>object</a></code> element's <code>Document</code>'s
+   <a href=#browsing-context>browsing context</a> when the <code>Document</code> was
+   created, or</li>
+
+   <li>the <code><a href=#the-object-element>object</a></code> element's <code>Document</code> was
+   parsed from a resource whose <a href=#content-type-sniffing-0 title="Content-Type
+   sniffing">sniffed type</a> as determined during <a href=#navigate title=navigate>navigation</a> is
+   <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code></li>
+
+  </ul><p>...then the steps above must always act as if they had failed to
+  find a <a href=#plugin>plugin</a>, even if one would otherwise have been
+  used.</p>
 
   <p class=note>The above algorithm is independent of CSS properties
   (including 'display', 'overflow', and 'visibility'). For example, it
@@ -82677,7 +82695,10 @@ <h4 id=the-applet-element><span class=secno>14.3.1 </span>The <dfn><code>applet<
   <a href=#fully-active>fully active</a>, and when the element's
   <code>Document</code>'s <a href=#browsing-context>browsing context</a> had its
   <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> when that
-  <code>Document</code> was created, and when the element has an
+  <code>Document</code> was created, and when the element's
+  <code>Document</code> was parsed from a resource whose <a href=#content-type-sniffing-0 title="Content-Type sniffing">sniffed type</a> as determined
+  during <a href=#navigate title=navigate>navigation</a> is
+  <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>, and when the element has an
   ancestor <a href=#media-element>media element</a>, and when the element has an
   ancestor <code><a href=#the-object-element>object</a></code> element that is <em>not</em> showing
   its <a href=#fallback-content>fallback content</a>, and when no Java Language runtime

diff --git a/index b/index
@@ -20081,17 +20081,25 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>
   content</a>, any plugins instantiated for the element must be
   removed, and the <code><a href=#the-embed-element>embed</a></code> element represents nothing.</p>
 
-  <p id=sandboxPluginEmbed>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
-  context flag</a> was set on the <a href=#browsing-context>browsing context</a> for
-  which the <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> is the
-  <a href=#active-document>active document</a> when that <code>Document</code> was
-  created, then the user agent must render the <code><a href=#the-embed-element>embed</a></code>
-  element in a manner that conveys that the <a href=#plugin>plugin</a> was
+  <p id=sandboxPluginEmbed>If either:
+
+  <ul><li>the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was
+   set on the <a href=#browsing-context>browsing context</a> for which the
+   <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> is the
+   <a href=#active-document>active document</a> when that <code>Document</code> was
+   created, or</li>
+
+   <li>the <code><a href=#the-embed-element>embed</a></code> element's <code>Document</code> was
+   parsed from a resource whose <a href=#content-type-sniffing-0 title="Content-Type
+   sniffing">sniffed type</a> as determined during <a href=#navigate title=navigate>navigation</a> is
+   <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code></li>
+
+  </ul><p>...then the user agent must render the <code><a href=#the-embed-element>embed</a></code> element
+  in a manner that conveys that the <a href=#plugin>plugin</a> was
   disabled. The user agent may offer the user the option to override
   the sandbox and instantiate the <a href=#plugin>plugin</a> anyway; if the
   user invokes such an option, the user agent must act as if the
-  <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was not set for
-  the purposes of this element.</p>
+  conditions above did not apply for the purposes of this element.</p>
 
   <p class=warning>Plugins are disabled in sandboxed browsing
   contexts because they might not honor the restrictions imposed by
@@ -20106,7 +20114,8 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>
   <ul class=brief><li>The element is <a href=#in-a-document title="in a document">in a <code>Document</code></a>.</li>
    <li>The element's <code>Document</code> is <a href=#fully-active>fully active</a>.</li>
    <li>The element has either a <code title=attr-embed-src><a href=#attr-embed-src>src</a></code> attribute set or a <code title=attr-embed-type><a href=#attr-embed-type>type</a></code> attribute set (or both).</li>
-   <li>The element is not in a <code>Document</code> whose <a href=#browsing-context>browsing context</a> had the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> set when the <code>Document</code> was created.</li>
+   <li>The element is not in a <code>Document</code> whose <a href=#browsing-context>browsing context</a> had the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> set when the <code>Document</code> was created (unless this has been overrriden as described above).</li>
+   <li>The element's <code>Document</code> was not parsed from a resource whose <a href=#content-type-sniffing-0 title="Content-Type sniffing">sniffed type</a> as determined during <a href=#navigate title=navigate>navigation</a> is <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> (unless this has been overrriden as described above).</li>
    <li>The element is not a descendant of a <a href=#media-element>media element</a>.</li>
    <li>The element is not a descendant of an <code><a href=#the-object-element>object</a></code> element that is not showing its <a href=#fallback-content>fallback content</a>.</li>
   </ul><p>Whenever an <code><a href=#the-embed-element>embed</a></code> element that was not <a href=#concept-embed-active title=concept-embed-active>potentially active</a> becomes <a href=#concept-embed-active title=concept-embed-active>potentially active</a>, and whenever
@@ -20730,12 +20739,21 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>
   <a href=#plugin>plugin</a>. The <a href=#plugin>plugin</a> is not a nested
   <a href=#browsing-context>browsing context</a>.</p>
 
-  <p id=sandboxPluginObject>If the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing
-  context flag</a> was set on the <code><a href=#the-object-element>object</a></code> element's
-  <code>Document</code>'s <a href=#browsing-context>browsing context</a> when the
-  <code>Document</code> was created, then the steps above must always
-  act as if they had failed to find a <a href=#plugin>plugin</a>, even if one
-  would otherwise have been used.</p>
+  <p id=sandboxPluginObject>If either:</p>
+
+  <ul><li>the <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> was
+   set on the <code><a href=#the-object-element>object</a></code> element's <code>Document</code>'s
+   <a href=#browsing-context>browsing context</a> when the <code>Document</code> was
+   created, or</li>
+
+   <li>the <code><a href=#the-object-element>object</a></code> element's <code>Document</code> was
+   parsed from a resource whose <a href=#content-type-sniffing-0 title="Content-Type
+   sniffing">sniffed type</a> as determined during <a href=#navigate title=navigate>navigation</a> is
+   <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code></li>
+
+  </ul><p>...then the steps above must always act as if they had failed to
+  find a <a href=#plugin>plugin</a>, even if one would otherwise have been
+  used.</p>
 
   <p class=note>The above algorithm is independent of CSS properties
   (including 'display', 'overflow', and 'visibility'). For example, it
@@ -77027,7 +77045,10 @@ time:empty { binding: <i title="">time</i>; }</pre>
   <a href=#fully-active>fully active</a>, and when the element's
   <code>Document</code>'s <a href=#browsing-context>browsing context</a> had its
   <a href=#sandboxed-plugins-browsing-context-flag>sandboxed plugins browsing context flag</a> when that
-  <code>Document</code> was created, and when the element has an
+  <code>Document</code> was created, and when the element's
+  <code>Document</code> was parsed from a resource whose <a href=#content-type-sniffing-0 title="Content-Type sniffing">sniffed type</a> as determined
+  during <a href=#navigate title=navigate>navigation</a> is
+  <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code>, and when the element has an
   ancestor <a href=#media-element>media element</a>, and when the element has an
   ancestor <code><a href=#the-object-element>object</a></code> element that is <em>not</em> showing
   its <a href=#fallback-content>fallback content</a>, and when no Java Language runtime

diff --git a/source b/source
@@ -21490,17 +21490,30 @@ href="?audio">audio&lt;/a> test instead.)&lt;/p></pre>
   content</span>, any plugins instantiated for the element must be
   removed, and the <code>embed</code> element represents nothing.</p>
 
-  <p id="sandboxPluginEmbed">If the <span>sandboxed plugins browsing
-  context flag</span> was set on the <span>browsing context</span> for
-  which the <code>embed</code> element's <code>Document</code> is the
-  <span>active document</span> when that <code>Document</code> was
-  created, then the user agent must render the <code>embed</code>
-  element in a manner that conveys that the <span>plugin</span> was
+  <p id="sandboxPluginEmbed">If either:
+
+  <ul>
+
+   <li>the <span>sandboxed plugins browsing context flag</span> was
+   set on the <span>browsing context</span> for which the
+   <code>embed</code> element's <code>Document</code> is the
+   <span>active document</span> when that <code>Document</code> was
+   created, or</li>
+
+   <li>the <code>embed</code> element's <code>Document</code> was
+   parsed from a resource whose <span title="Content-Type
+   sniffing">sniffed type</span> as determined during <span
+   title="navigate">navigation</span> is
+   <code>text/html-sandboxed</code></li>
+
+  </ul>
+
+  <p>...then the user agent must render the <code>embed</code> element
+  in a manner that conveys that the <span>plugin</span> was
   disabled. The user agent may offer the user the option to override
   the sandbox and instantiate the <span>plugin</span> anyway; if the
   user invokes such an option, the user agent must act as if the
-  <span>sandboxed plugins browsing context flag</span> was not set for
-  the purposes of this element.</p>
+  conditions above did not apply for the purposes of this element.</p>
 
   <p class="warning">Plugins are disabled in sandboxed browsing
   contexts because they might not honor the restrictions imposed by
@@ -21517,7 +21530,8 @@ href="?audio">audio&lt;/a> test instead.)&lt;/p></pre>
    <li>The element is <span title="in a document">in a <code>Document</code></span>.</li>
    <li>The element's <code>Document</code> is <span>fully active</span>.</li>
    <li>The element has either a <code title="attr-embed-src">src</code> attribute set or a <code title="attr-embed-type">type</code> attribute set (or both).</li>
-   <li>The element is not in a <code>Document</code> whose <span>browsing context</span> had the <span>sandboxed plugins browsing context flag</span> set when the <code>Document</code> was created.</li>
+   <li>The element is not in a <code>Document</code> whose <span>browsing context</span> had the <span>sandboxed plugins browsing context flag</span> set when the <code>Document</code> was created (unless this has been overrriden as described above).</li>
+   <li>The element's <code>Document</code> was not parsed from a resource whose <span title="Content-Type sniffing">sniffed type</span> as determined during <span title="navigate">navigation</span> is <code>text/html-sandboxed</code> (unless this has been overrriden as described above).</li>
    <li>The element is not a descendant of a <span>media element</span>.</li>
    <li>The element is not a descendant of an <code>object</code> element that is not showing its <span>fallback content</span>.</li>
   </ul>
@@ -22213,12 +22227,26 @@ href="?audio">audio&lt;/a> test instead.)&lt;/p></pre>
   <span>plugin</span>. The <span>plugin</span> is not a nested
   <span>browsing context</span>.</p>
 
-  <p id="sandboxPluginObject">If the <span>sandboxed plugins browsing
-  context flag</span> was set on the <code>object</code> element's
-  <code>Document</code>'s <span>browsing context</span> when the
-  <code>Document</code> was created, then the steps above must always
-  act as if they had failed to find a <span>plugin</span>, even if one
-  would otherwise have been used.</p>
+  <p id="sandboxPluginObject">If either:</p>
+
+  <ul>
+
+   <li>the <span>sandboxed plugins browsing context flag</span> was
+   set on the <code>object</code> element's <code>Document</code>'s
+   <span>browsing context</span> when the <code>Document</code> was
+   created, or</li>
+
+   <li>the <code>object</code> element's <code>Document</code> was
+   parsed from a resource whose <span title="Content-Type
+   sniffing">sniffed type</span> as determined during <span
+   title="navigate">navigation</span> is
+   <code>text/html-sandboxed</code></li>
+
+  </ul>
+
+  <p>...then the steps above must always act as if they had failed to
+  find a <span>plugin</span>, even if one would otherwise have been
+  used.</p>
 
   <p class="note">The above algorithm is independent of CSS properties
   (including 'display', 'overflow', and 'visibility'). For example, it
@@ -91860,7 +91888,11 @@ time:empty { binding: <i title="">time</i>; }</pre>
   <span>fully active</span>, and when the element's
   <code>Document</code>'s <span>browsing context</span> had its
   <span>sandboxed plugins browsing context flag</span> when that
-  <code>Document</code> was created, and when the element has an
+  <code>Document</code> was created, and when the element's
+  <code>Document</code> was parsed from a resource whose <span
+  title="Content-Type sniffing">sniffed type</span> as determined
+  during <span title="navigate">navigation</span> is
+  <code>text/html-sandboxed</code>, and when the element has an
   ancestor <span>media element</span>, and when the element has an
   ancestor <code>object</code> element that is <em>not</em> showing
   its <span>fallback content</span>, and when no Java Language runtime