diff --git a/source b/source index 260d0228fa1..2f9da0174d0 100644 --- a/source +++ b/source @@ -3810,7 +3810,6 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute spec="SECURE-CONTEXTS">
An environment environment is a secure context if the + following algorithm returns true:
+ +If environment is an environment settings object, then:
+ +If environment's HTTPS state is "deprecated
", then return false.
Let global be environment's global object.
If global is a WorkerGlobalScope
, then:
+
+
For each owner in global's + owner set, if owner's relevant settings object is a + non-secure context, then return false.
Return true.
If global is a WorkletGlobalScope
, then:
If global's owner + document's relevant settings object is a secure context, + then return true.
Return false.
If the result of Is url potentially trustworthy? given
+ environment's top-level creation URL is "Potentially
+ Trustworthy
", then return true.
Return false.
An environment is a non-secure context if it is not a + secure context.
+An environment settings object is an environment that additionally specifies algorithms for:
@@ -91673,6 +91723,7 @@ interface mixin DocumentAndElementEventHandlers { interface mixin WindowOrWorkerGlobalScope { [Replaceable] readonly attribute USVString origin; + readonly attribute boolean isSecureContext; // base64 utility methods DOMString btoa(DOMString data); @@ -91695,7 +91746,12 @@ interface mixin WindowOrWorkerGlobalScope { WorkerGlobalScope includes WindowOrWorkerGlobalScope;origin
isSecureContext
Returns whether or not this global object represents a secure context.
origin
Returns the global object's origin, serialized as string.
self.origin
is a more reliable security indicator.
The The The Assign outside port to the Let callerIsSecureContext be the result of executing Is environment
- settings object a secure context? on outside settings. Let callerIsSecureContext be true if outside settings is a
+ secure context; otherwise, false. Enqueue the following steps to the shared worker manager: Let settings object be the relevant settings object for
worker global scope. Let workerIsSecureContext be the result of executing Is environment
- settings object a secure context? on settings object. Let workerIsSecureContext be true if settings object is a
+ secure context; otherwise, false. If workerIsSecureContext is not callerIsSecureContext, then
queue a task to fire an event named
@@ -106443,9 +106507,9 @@ document.body.appendChild(text);
this element in the stack of open elements. If the origin
attribute's getter must return this
- object's relevant settings object's
+
+ isSecureContext
getter steps are to
+ return true if this's relevant settings object is a secure
+ context, or false otherwise.origin
getter steps are to return
+ this's relevant settings object's origin, serialized.Base64 utility methods
@@ -99160,8 +99224,8 @@ interface SharedWorker : EventTarget {
port
attribute of worker.Document
is being loaded as part of navigation of a browsing context and the result of
- executing Is environment settings object a secure context? on the
- Document
's relevant settings object is true, then:Document
's relevant settings object is a secure context,
+ then:
If the result of running match service worker