Clarify rel=noopener & "disown opener" effects

alice · Jan 7, 2019 · b212123 · b212123
1 parent 84a7260
commit b212123
Showing 1 changed file with 17 additions and 3 deletions.
diff --git a/source b/source
@@ -22861,7 +22861,7 @@ interface <dfn>HTMLHyperlinkElementUtils</dfn> {
      <td><em>not allowed</em></td>
      <td><span data-x="hyperlink annotation">Annotation</span></td>
      <td class="no"> &middot; </td>
-     <td>Requires that any <span>browsing context</span> created by following the hyperlink must not have an <span>opener browsing context</span>.</td>
+     <td>Requires any <span>browsing context</span> created by following the hyperlink to <span data-x="disowned its opener">disown its opener</span>.</td>
     </tr>
 
     <tr>
@@ -23444,8 +23444,8 @@ interface <dfn>HTMLHyperlinkElementUtils</dfn> {
   implied hyperlink, if no other keywords create one).</p>
 
   <p>The keyword indicates that any newly created <span>browsing context</span> which results from
-  following the <span>hyperlink</span> will not have an <span>opener browsing context</span>, which
-  means that its <code data-x="dom-opener">window.opener</code> property will be <code
+  following the <span>hyperlink</span> will have <span>disowned its opener</span>, which means that
+  its <code data-x="dom-opener">window.opener</code> property will be <code
   data-x="">null</code>.</p>
 
   <h5>Link type "<dfn><code data-x="rel-pingback">pingback</code></dfn>"</h5>
@@ -76994,6 +76994,20 @@ console.assert(iframeWindow.frameElement === null);
 
   where <var>value</var> is the new value.</p>
 
+ <div class="note">
+  <p>If a <span>browsing context</span> has <span data-x="disowned its opener">disowned its
+  opener</span>, the value of its <code data-x="dom-opener">window.opener</code> is <code
+  data-x="">null</code>. That prevents scripts in the <span>browsing context</span> from changing
+  any properties of its <span>opener browsing context</span>'s <code>Window</code> (i.e., the window
+  from which the <span>browsing context</span> was created).</p>
+
+  <p>Otherwise, if a <span>browsing context</span> has <em>not</em> <span>disowned its
+  opener</span>, then scripts in that <span>browsing context</span> can use <code
+  data-x="dom-opener">window.opener</code> to change properties of its <span>opener browsing
+  context</span>'s <code>Window</code>. For example, a script running in the <span>browsing
+  context</span> can change the value of <code data-x="">window.opener.location</code>, causing the
+  <span>opener browsing context</span> to navigate to a completely different document.</p>
+ </div>
 
 
 <!--ADD-TOPIC:Security-->