From 061e782437c6cff600f18bc96c1a11489e09c3ab Mon Sep 17 00:00:00 2001 From: Dave Tapuska Date: Thu, 11 Jul 2019 11:49:55 -0400 Subject: [PATCH] Refactor the navigation algorithm * Create the document after the global is created. * Calculate the sandbox flags and origin before the document is created. This replaces the previously-declarative determination of the document origin. * Thread through much of the previously-implicit state as explicit arguments. --- source | 484 ++++++++++++++++++++++++++++++--------------------------- 1 file changed, 258 insertions(+), 226 deletions(-) diff --git a/source b/source index da770fcd283..e7c5d190517 100644 --- a/source +++ b/source @@ -3167,6 +3167,7 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
  • Text interface
  • node document concept
  • +
  • document type concept
  • host concept
  • shadow root concept
  • @@ -7249,8 +7250,8 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute

    As each Document's CSP list is append-only, user agents can optimize away the contains a header-delivered Content Security Policy check by, for example, holding a flag on the Document, - set during Document - initialization.

    + set during Document + creation and initialization.

    The cloning steps for elements that include HTMLOrSVGElement must set the [[CryptographicNonce]] slot on the copy @@ -78000,6 +78001,32 @@ dictionary DragEventInit : MouseEventInit {

    +

    To determine the origin, given browsing + context browsingContext, URL url, sandboxing flag + set sandboxFlags, and two origins + invocationOrigin and activeDocumentNavigationOrigin:

    + +
      +
    1. If sandboxFlags has its sandboxed origin browsing context flag + set, then return a new opaque origin.

    2. + +
    3. If url is null, then return a new opaque + origin.

    4. + +
    5. If activeDocumentOrigin is not null, and url's scheme is "javascript", then return + activeDocumentNavigationOrigin.

    6. + +
    7. If invocationOrigin is not null, and url is + about:blank, then return invocationOrigin.

    8. + +
    9. If url is about:srcdoc, then return the origin of + browsingContext's browsing context container's node + document.

    10. + +
    11. Return url's origin.

    12. +
    +

    To create a new browsing context, given null or a Document object creator:
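Review bot: the javascript: step of the new "determine the origin" algorithm tests `activeDocumentOrigin`, but the parameter declared in the opening sentence (and the value that step returns) is `activeDocumentNavigationOrigin`; rename the check so the variable it reads actually exists. The about:srcdoc step reads the origin of browsingContext's browsing context container's node document without saying what happens when browsingContext is a top-level browsing context and has no container; either state that precondition or return an opaque origin in that case.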

    @@ -78013,6 +78040,13 @@ dictionary DragEventInit : MouseEventInit { creator base URL to return creator's base URL.

    +
  • Let sandboxFlags be the result of determining active sandboxing + flags given browsingContext.

  • + +
  • Let origin be the result of determining the + origin given browsingContext, about:blank, + sandboxFlags, browsingContext's creator origin, and null. +

  • Let realm execution context be the result of creating a new JavaScript realm with the following customizations:

    @@ -78031,8 +78065,9 @@ dictionary DragEventInit : MouseEventInit {
  • Let document be a new Document, marked as an HTML document in quirks mode, whose content type is "text/html", - and which is both ready for post-load tasks and completely loaded - immediately.

  • + origin is origin, active sandboxing flag set is + sandboxFlags, and which is both ready for post-load tasks and + completely loaded immediately.

  • Ensure that document has a single child html node, which itself has two empty child nodes: a head element, and a body element.

  • @@ -78040,12 +78075,6 @@ dictionary DragEventInit : MouseEventInit {
  • Set the active document of browsingContext to document.

  • -
  • If browsingContext's creator origin is - non-null, then set document's origin to it.

  • - -
  • Otherwise, set document's origin to a unique opaque origin.

  • -
  • If browsingContext's creator URL is non-null, then set document's referrer to the serialization of it.

  • @@ -78054,8 +78083,6 @@ dictionary DragEventInit : MouseEventInit { referrer policy to creator's referrer policy.

    -
  • Implement the sandboxing for document.

  • -
  • Initialize a document's feature policy given document.

  • @@ -79367,10 +79394,11 @@ dictionary WindowPostMessageOptions : PostMessageOptions Document.

    The Document object associated with a Window object can - change in exactly one case: when the navigate algorithm initializes a new Document object for the first page loaded - in a browsing context. In that specific case, the Window object of the - original about:blank page is reused and gets a new Document object.

    + change in exactly one case: when the navigate algorithm creates a new Document object for the + first page loaded in a browsing context. In that specific case, the + Window object of the original about:blank page is reused and gets a new + Document object.

    The defaultView attribute's getter, when invoked, must run these steps:

    @@ -80653,81 +80681,12 @@ interface BarProp {
    For Document objects
    - -
    - -
    If the Document's active sandboxing flag set - has its sandboxed origin browsing context flag set
    - -
    If the Document was generated from a data: URL
    - -

    A unique opaque origin assigned when the - Document is created.

    - - -
    If the Document's URL's scheme is a network scheme
    - -
    -

    A copy of the Document's URL's - origin assigned when the Document is - created.

    - -

    The document.open() method can change - the Document's URL to - "about:blank". Therefore the origin is assigned when the - Document is created.

    -
    - - -
    If the Document is the initial "about:blank" document
    - -

    The one it was assigned when its browsing context was - created.

    - - -
    If the Document is a non-initial "about:blank" document
    - -

    The origin of the incumbent - settings object when the navigate algorithm was invoked, or, if no script was involved, the origin of the node - document of the element that initiated the navigation to - that URL.

    - - -
    If the Document was created as part of the processing for javascript: URLs
    - -

    The origin of the active document of the browsing - context being navigated when the navigate algorithm was invoked.

    - - -
    If the Document is an iframe srcdoc document
    - -

    The origin of the Document's browsing context's browsing context - container's node document.

    - - -
    If the Document was obtained in some other manner (e.g. a Document - created using the createDocument() - API, etc)
    - -
    -

    The default behavior as defined in DOM applies. .

    - -

    The origin is a unique opaque origin assigned when the Document is - created.

    -
    - -
    - +

    The create a new browsing context and + navigation algorithms assign the origin at + construction time. Otherwise, the default default behavior as defined in DOM + applies.

    -
    For images of img elements
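Review bot: the replacement text for the Document row reads "the default default behavior as defined in DOM applies"; drop the duplicated "default". Since this hunk deletes the per-case table (data: URLs, network schemes, initial and non-initial about:blank, javascript: URLs, iframe srcdoc), name the new "determine the origin" algorithm explicitly here rather than only the "create a new browsing context" and "navigate" algorithms that call it, so the deleted cases stay discoverable from this section.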
    @@ -81348,27 +81307,24 @@ interface BarProp {
    -

    To implement the sandboxing for a Document object document, - populate document's active sandboxing flag set with the union of the flags - that are present in the following sandboxing flag - sets:

    +

    To determine active sandboxing flags + for a browsing context browsing context given + an optional navigationResource, return the union of the flags that are present in the + following sandboxing flag sets:

      -
    • If document's browsing context is a - top-level browsing context, then: the flags set on the browsing - context's popup sandboxing flag set.

    • +
    • If browsing context is a top-level browsing context, then: the + flags set on the popup sandboxing flag set.

    • -
    • If document's browsing context is a - nested browsing context, then: the flags set on the browsing context's - iframe sandboxing flag set.

    • +
    • If browsing context is a nested browsing context, then: the + flags set on the iframe sandboxing flag set.

    • -
    • If document's browsing context is a - nested browsing context, then: the flags set on the browsing context's - parent browsing context's active document's active sandboxing - flag set.

    • +
    • If browsing context is a nested browsing context, then: the + flags set on the parent browsing context's active document's + active sandboxing flag set.

    • -
    • The flags set on document's resource's forced sandboxing flag set, - if it has one.

    • +
    • If navigationResource is given, then: the flags set on + navigationResource's forced sandboxing flag set.
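Review bot: the new "determine active sandboxing flags" algorithm names its parameter "browsing context" with a space, while every other algorithm in this patch (create a new browsing context, navigate, create and initialize a Document object) uses browsingContext; use browsingContext here as well so the bullets refer to an unambiguous variable. The last bullet also drops the old "if it has one" qualifier when reading navigationResource's forced sandboxing flag set; if a response can lack that set, keep the qualifier, otherwise say in the bullet that every response has one.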

    @@ -83089,10 +83045,18 @@ interface Location { // but see also navigate to that fragment, with replacement enabled if this was invoked with replacement enabled, and return.

    +
  • Let activeDocumentNavigationOrigin be the origin of the + active document of browsingContext.

  • + +
  • Let incumbentNavigationOrigin be the origin of the incumbent + settings object, or if no script was involved, the origin of the + node document of the element that initiated the navigation.

  • +
  • Cancel any preexisting but not yet mature attempt to navigate browsingContext, including canceling any instances of the fetch algorithm started by those attempts. If one of those attempts - has already created and initialized a new + has already created and initialized a new Document object, abort that Document also. (Navigation attempts that have matured already have session history entries, and are @@ -83145,8 +83109,9 @@ interface Location { // but see also response
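Review bot: the new "Let incumbentNavigationOrigin be ..." step in navigate covers the script case and the element-initiated case but does not say what the value is when neither applies (a navigation started from browser UI, for example); because "determine the origin" later tests "If invocationOrigin is not null", state explicitly that incumbentNavigationOrigin is null in that case so the about:blank branch is well defined.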

    Run process a navigate response with null, resource, - navigationType, the source browsing context, and - browsingContext.

    + navigationType, the source browsing context, + browsingContext, incumbentNavigationOrigin, and + activeDocumentNavigationOrigin.

  • If resource is a request whose url's scheme @@ -83162,8 +83127,9 @@ interface Location { // but see also So for example a url's scheme is a fetch scheme

    Run process a navigate fetch given resource, the source - browsing context, browsingContext, and navigationType.

    + browsing context, browsingContext, navigationType, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin.

    Otherwise, resource is a request whose url's scheme @@ -83222,9 +83189,11 @@ interface Location { // but see also process a navigate fetch, given a request request, browsing context - sourceBrowsingContext, browsing context browsingContext, and - string navigationType, run these steps:

    + data-x="concept-request">request request, two browsing contexts sourceBrowsingContext and browsingContext, + a string navigationType, and two origins + incumbentNavigationOrigin and activeDocumentNavigationOrigin, run these + steps:

    1. Let response be null.

    2. @@ -83412,15 +83381,17 @@ interface Location { // but see also
      process a navigate response, given null or a request request, a response response, a string navigationType, two browsing contexts source and - browsingContext, and an optional environment - reservedEnvironment, run these steps:

      + browsingContext, two origins + incumbentNavigationOrigin and activeDocumentNavigationOrigin, and an + optional environment reservedEnvironment, run these steps:

      1. @@ -83469,16 +83440,18 @@ interface Location { // but see also -
        an HTML MIME type
        -
        Follow the steps given in the HTML document - section, and then, once they have completed, return.
        +
        Follow the steps given in the HTML document section + providing browsingContext, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin. Once the + steps have completed, return.
        an XML MIME type that is not an explicitly supported XML MIME type
        - -
        Follow the steps given in the XML document section, and - then, once they have completed, return.
        +
        Follow the steps given in the XML document section + providing browsingContext, type, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin. Once the + steps have completed, return.
        a JavaScript MIME type
        a JSON MIME type that is not an explicitly supported JSON MIME @@ -83487,23 +83460,30 @@ interface Location { // but see also text/css"
        "text/plain"
        "text/vtt"
        -
        Follow the steps given in the plain text file - section, and then, once they have completed, return..
        +
        Follow the steps given in the plain text file section + providing browsingContext, type, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin. Once the + steps have completed, return.
        "multipart/x-mixed-replace"
        Follow the steps given in the multipart/x-mixed-replace section, and then, - once they have completed, return.
        + data-x="navigate-multipart-x-mixed-replace">multipart/x-mixed-replace section providing + browsingContext, type, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin. Once the + steps have completed, return.
        A supported image, video, or audio type
        -
        Follow the steps given in the media section, and then, - once they have completed, return.
        +
        Follow the steps given in the media section providing + browsingContext, type, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin. Once the + steps have completed, return.
        A type that will use an external application to render the content in browsingContext
        -
        Follow the steps given in the plugin section, and then, once they have - completed, return.
        - +
        Follow the steps given in the plugin section + providing browsingContext, type, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin. Once the + steps have completed, return.

        An explicitly supported XML MIME type is an XML MIME type for which @@ -83568,7 +83548,7 @@ interface Location { // but see also execute a javascript: URL request, - given a request request, and two request request and two browsing contexts source and browsingContext, run these steps:

        @@ -83668,24 +83648,31 @@ interface Location { // but see also initialize the - Document object, given a Document object document, null - or a request request, a create and initialize a Document object, + given a type type, content type contentType, a request request, a response response, a browsing context browsingContext, and an optional - environment reservedEnvironment:

        - -

        The sections below do not yet explicitly call this algorithm, passing along the - appropriate arguments. Instead, they just reference it by name. We hope to fix this, but in the - meantime, understand that the arguments should be threaded through from process a navigate - response to here.

        + context">browsing context
        browsingContext, two origins incumbentNavigationOrigin, + activeDocumentNavigationOrigin, and an optional environment + reservedEnvironment:

          +
        1. Let sandboxFlags be the result of determining active sandboxing + flags given browsingContext and response.

        2. + +
        3. Let origin be the result of determining the origin given + browsingContext, request's url, + sandboxFlags, incumbentNavigationOrigin, and + activeDocumentNavigationOrigin. +

        4. If browsingContext's only entry in its session history is the about:blank Document that was added when browsingContext was created, and navigation is occurring with replacement enabled, and that Document has the same origin - as document, then do nothing.

        5. + as origin, then do nothing.

        6. Otherwise:

          @@ -83708,6 +83695,12 @@ interface Location { // but see also
          type is type, content type is contentType, + origin is origin, and active sandboxing flag set is + sandboxFlags.

        7. +
        8. If request is non-null, then set document's URL to request's current URL.

        9. @@ -83740,8 +83733,6 @@ interface Location { // but see also
          no-referrer" at this point.

          -
        10. Implement the sandboxing for document.

        11. -
        12. Initialize a document's feature policy from a response given document and response.

          @@ -83775,6 +83766,8 @@ interface Location { // but see also
          Refresh` headers. This is tracked as issue #2900.

        13. + +
        14. Return document.
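Review bot: the new signature of "create and initialize a Document object" takes "a request request", but the body still says "If request is non-null, then set document's URL to request's current URL", and the user agent inline page caller later in this patch passes null for request; keep "null or a request request" in the signature and have the "Let origin" step pass null rather than request's url when request is null, since "determine the origin" already handles a null url by returning a new opaque origin. A one-sentence note that sandboxFlags and origin are computed before the Document exists would also help, since that ordering (sandbox flags first, then origin) is the behaviour change the commit message describes.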

        @@ -83943,29 +83936,39 @@ new PaymentRequest(…); // Allowed to use
      -

      Page load processing model for HTML files

      +

      Page load processing model for HTML files

      + +

      When an HTML document is to be loaded in a browsing + context, provided browsingContext, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin, the user + agent must queue a task on the networking task source to:

      + +
        +
      1. Let document be the result of creating and initializing a Document + object providing "html", "text/html", + request, response, browsingContext, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin.

      2. -

        When an HTML document is to be loaded in a browsing context, the user agent must - queue a task to create a Document object, mark it as being an HTML document, set its content type to "text/html", - initialize the Document object, and finally create an HTML - parser and associate it with the Document. Each task that the networking task source places on the - task queue while fetching runs must then fill the parser's input byte - stream with the fetched bytes and cause the HTML parser to perform the - appropriate processing of the input stream.

        +
      3. +

        Create an HTML parser and associate it with the document. Each + task that the networking task source places on + the task queue while fetching runs must then fill the parser's input byte + stream with the fetched bytes and cause the HTML parser to perform the + appropriate processing of the input stream.

        -

        The input byte stream converts bytes into characters for use in the - tokenizer. This process relies, in part, on character encoding - information found in the real Content-Type metadata of the - resource; the computed type is not used for this purpose.

        +

        The input byte stream converts bytes into characters for use in the + tokenizer. This process relies, in part, on character encoding + information found in the real Content-Type metadata of the + resource; the computed type is not used for this purpose.

        +
      4. +
      -

      When no more bytes are available, the user agent must queue a task for the parser - to process the implied EOF character, which eventually causes a load event to be fired.

      +

      When no more bytes are available, the user agent must queue a task on the + networking task source for the parser to process the implied EOF character, which + eventually causes a load event to be fired.

      After creating the Document object, but before any script execution, certainly before the parser stops, the user agent must update the @@ -83974,25 +83977,24 @@ new PaymentRequest(…); // Allowed to use

      Application cache selection happens in the HTML parser.

      -

      The task source for the two tasks mentioned in this section must be the - networking task source.

      -

      Page load processing model for XML files

      -

      When faced with displaying an XML file inline, user agents must follow the requirements defined - in XML and Namespaces in XML, XML Media Types, - DOM, and other relevant specifications to create a Document object and a - corresponding XML parser.

      +

      When faced with displaying an XML file inline, provided browsingContext, + request, response, incumbentNavigationOrigin, and + activeDocumentNavigationOrigin, user agents must follow the requirements defined in + XML and Namespaces in XML, XML Media Types, + DOM, and other relevant specifications to create and initialize a Document object + providing "xml", type, request, response, + browsingContext, incumbentNavigationOrigin, and + activeDocumentNavigationOrigin. It must also create and a corresponding XML + parser.

      At the time of writing, the XML specification community had not actually yet specified how XML and the DOM interact.

      -

      After the Document is created, the user agent must initialize the - Document object.

      -

      The actual HTTP headers and other metadata, not the headers as mutated or implied by the algorithms given in this specification, are the ones that must be used when determining the character encoding according to the rules given in the above specifications. Once the character @@ -84032,20 +84034,27 @@ new PaymentRequest(…); // Allowed to use
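Review bot: the rewritten XML paragraph ends with "It must also create and a corresponding XML parser"; drop the stray "and". The same paragraph says the section is "provided browsingContext, request, response, incumbentNavigationOrigin, and activeDocumentNavigationOrigin" but then passes type to the create-and-initialize call; add type to the provided list, matching what the XML row of process a navigate response passes in.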

      Page load processing model for text files

      -

      When a plain text document is to be loaded in a browsing context, the user agent - must queue a task to create a Document object, mark it as being an HTML document, set its content type to the computed MIME type of the resource (type in the - navigate algorithm), initialize the Document object, - create an HTML parser, associate it with the Document, act as if the - tokenizer had emitted a start tag token with the tag name "pre" followed by a single U+000A LINE - FEED (LF) character, and switch the HTML parser's tokenizer to the PLAINTEXT - state. Each task that the networking task - source places on the task queue while fetching runs must then fill the - parser's input byte stream with the fetched bytes and cause the HTML - parser to perform the appropriate processing of the input stream.

      +

      When a plain text document is to be loaded in a browsing context, provided + browsingContext, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin, the user + agent must queue a task on the networking task source to: + +

        +
      1. Let document be the result of creating and initialize a Document object + providing "html", type, request, + response, browsingContext, incumbentNavigationOrigin, + and activeDocumentNavigationOrigin.

      2. + +
      3. Create an HTML parser and associate it with the document. Act as + if the tokenizer had emitted a start tag token with the tag name "pre" followed by a single + U+000A LINE FEED (LF) character, and switch the HTML parser's tokenizer to the + PLAINTEXT state. Each task that the + networking task source places on the task queue while fetching runs + must then fill the parser's input byte stream with the fetched bytes and cause the + HTML parser to perform the appropriate processing of the input stream.

      4. +

      The rules for how to convert the bytes of the plain text document into actual characters, and the rules for actually rendering the text to the user, are defined by the specifications for the @@ -84063,9 +84072,9 @@ new PaymentRequest(…); // Allowed to use "navigate-ua-inline" section, and the next three are similar to the navigate-media and navigate-plugin sections; keep them all in sync --> -
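Review bot: step 1 of the rewritten text-file section reads "creating and initialize a Document object"; make it "creating and initializing" as in the HTML section. As in the XML section, the "provided" list omits type even though step 1 passes it to create and initialize a Document object; add it.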

      When no more bytes are available, the user agent must queue a task for the parser - to process the implied EOF character, which eventually causes a load event to be fired.

      +

      When no more bytes are available, the user agent must queue a task on the + networking task source for the parser to process the implied EOF character, which + eventually causes a load event to be fired.

      After creating the Document object, but potentially before the page has finished parsing, the user agent must update the session history with the new page.

      @@ -84078,9 +84087,6 @@ new PaymentRequest(…); // Allowed to use wrap correctly and to handle the quoting feature. This could be performed using, e.g., a CSS extension.

      -

      The task source for the two tasks mentioned in this section must be the - networking task source.

      -

      Page load processing model for multipart/x-mixed-replace resources

      @@ -84091,9 +84097,9 @@ new PaymentRequest(…); // Allowed to use

      For each body part obtained from the resource, the user agent must run process a navigate response using the new body part and the same browsing context, with replacement enabled if a previous body part from the same resource resulted in a - Document object being created and initialized, and otherwise using the same setup as the navigate - attempt that caused this section to be invoked in the first place.

      + creating and initializing a Document + object, and otherwise using the same setup as the navigate attempt that caused + this section to be invoked in the first place.

      For the purposes of algorithms processing these body parts as if they were complete stand-alone resources, the user agent must act as if there were no more bytes for those resources whenever the @@ -84105,17 +84111,30 @@ new PaymentRequest(…); // Allowed to use

      Page load processing model for media

      -

      When an image, video, or audio resource is to be loaded in a browsing context, the - user agent should create a Document object, mark it as being an HTML document, set its content - type to the computed MIME type of the - resource (type in the navigate algorithm), initialize the - Document object, append an html element to the - Document, append a head element and a body element to the - html element, append an element host element for the media, as described - below, to the body element, and set the appropriate attribute of the element - host element, as described below, to the address of the image, video, or audio - resource.

      +

      When an image, video, or audio resource is to be loaded in a browsing context, + provided browsingContext, request, response, + incumbentNavigationOrigin, and activeDocumentNavigationOrigin, the user + agent should: + +

        +
      1. Let document be the result of creating and initialize a Document object + providing "html", type, request, + response, browsingContext, incumbentNavigationOrigin, and + activeDocumentNavigationOrigin.

      2. + +
      3. Append an html element to document.

      4. + +
      5. Append a head element to the html element.

      6. + +
      7. Append a body element to the html element.

      8. + +
      9. Append an element host element for the media, as described below, to the + body element.

      10. + +
      11. Set the appropriate attribute of the element host element, as described below, + to the address of the image, video, or audio resource.

      12. +

      The element host element to create for the media is the element given in the table below in the second cell of the row whose first cell describes the media. The @@ -84159,16 +84178,30 @@ new PaymentRequest(…); // Allowed to use
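Review bot: step 1 of the media section has the same "creating and initialize" wording and the same missing type in its "provided" list as the text-file section; fix both the same way.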

      Page load processing model for content that uses plugins

      When a resource that requires an external resource to be rendered is to be loaded in a - browsing context, the user agent should create a Document object, mark - it as being an HTML document and mark it as being a - plugin document, set its content - type to the computed MIME type of the - resource (type in the navigate algorithm), initialize the - Document object, append an html element to the - Document, append a head element and a body element to the - html element, append an embed to the body element, and - set the src attribute of the embed element to - the address of the resource.

      + browsing context, provided browsingContext, request, + response, incumbentNavigationOrigin, and + activeDocumentNavigationOrigin, the user agent should: + +
        +
      1. Let document be the result of creating and initialize a Document object + providing "html", type, request, + response, browsingContext, incumbentNavigationOrigin, and + activeDocumentNavigationOrigin.

      2. + +
      3. Mark document as being a plugin document

      4. + +
      5. Append an html element to document.

      6. + +
      7. Append a head element to the html element.

      8. + +
      9. Append a body element to the html element.

      10. + +
      11. Append an embed to the body element

      12. + +
      13. Set the src attribute of the embed + element to the address of the resource.

      14. +

      The term plugin document is used by Content Security Policy as part of the mechanism that ensures iframes @@ -84200,13 +84233,12 @@ new PaymentRequest(…); // Allowed to use content that doesn't have a DOM
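Review bot: step 1 of the plugin section also reads "creating and initialize a Document object" and its "provided" list omits the type that step 1 passes; fix both as in the text and media sections. Steps 3 ("Mark document as being a plugin document") and 11 ("Append an embed to the body element") are missing their terminating periods, unlike the other steps in the list.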

      When the user agent is to display a user agent page inline in a browsing context, - the user agent should create a Document object, mark it as being an HTML document, set its content type to "text/html", - initialize the Document object, and then either associate that - Document with a custom rendering that is not rendered using the normal - Document rendering rules, or mutate that Document until it represents - the content the user agent wants to render.

      + the user agent should create and initialize a + Document object providing "html", "text/html", null, null, browsingContext, null, and null, and then + either associate that Document with a custom rendering that is not rendered using the + normal Document rendering rules, or mutate that Document until it + represents the content the user agent wants to render.
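Review bot: the user agent inline page now calls create and initialize a Document object with null for request, response, and both origins, but "determine active sandboxing flags" is written as "If navigationResource is given", which does not clearly cover an explicitly null argument; change that bullet to "If navigationResource is non-null" (or have this caller pass no resource) so the forced sandboxing flag set lookup is never applied to null.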