Add "validate share data" algorithm

index.html

@@ -47,7 +47,7 @@
  };
  </script>
  </head>
- <body data-cite="FILEAPI">
+ <body data-cite="FILEAPI secure-contexts">
  <section id="abstract">
  <p>
  This specification defines an API for sharing text, links and other
@@ -147,7 +147,7 @@ <h4>
  <ol class="algorithm">
  <li>If the current settings object's responsible document is not
  <a>allowed to use</a> the "[=web-share-feature|web-share=]"
- permission, return [=a promise rejected with=] with a
+ permission, return [=a promise rejected with=] a
  {{"NotAllowedError"}} {{DOMException}}.
  </li>
  <li>If {{[[sharePromise]]}} is not `null`, return <a>a promise
@@ -161,32 +161,21 @@ <h4>
  </li>
  <li>[=Consume user activation=] of |window|.
  </li>
- <li>If none of |data|'s members {{ShareData/title}},
- {{ShareData/text}}, or {{ShareData/url}} or {{ShareData/file}} are
- present, return <a>a promise rejected with</a> a {{TypeError}}.
+ <li>If {{[[sharePromise]]}} is not `null`, return [=a promise
+ rejected with=] {{InvalidStateError}}.
  </li>
- <li>If |data|'s {{ShareData/files}} member is present:
- <ol>
- <li>If |data|'s {{ShareData/files}} member is empty, or if the
- implementation does not support file sharing, return <a>a
- promise rejected with</a> a {{TypeError}}, and abort these
- steps.
- </li>
- </ol>
+ <li>Let |base:URL| be the [=this=] value's <a>relevant settings
+ object</a>'s [=environment settings object/api base URL=].
+ </li>
+ <li>If [=validate share data=] with |data| and |base| returns
+ false, then return [=a promise rejected with=] a {{TypeError}}.
  </li>
  <li>If |data|'s {{ShareData/url}} member is present:
  <ol>
- <li>Let |base:URL| be the [=this=] value's <a>relevant settings
- object</a>'s [=environment settings object/api base URL=].
- </li>
  <li>Let |url:URL| be the result of running the <a>URL
  parser</a> on |data|'s {{ShareData/url}} with |base|.
  </li>
- <li>If |url| is failure, return <a>a promise rejected with</a>
- {{TypeError}}.
- </li>
- <li>If |url|'s [=URL/scheme=] is not "http" or "https", return
- <a>a promise rejected with</a> {{TypeError}}.
+ <li>Assert: |url| is {{URL}}.
  </li>
  <li>Set |data| to a copy of |data|, with its {{ShareData/url}}
  member set to the result of running the <a>URL serializer</a>
@@ -195,7 +184,7 @@ <h4>
  </ol>
  </li>
  <li>If a file type is being blocked due to security considerations,
- return <a>a promise rejected with</a> with a {{"NotAllowedError"}}
+ return [=a promise rejected with=] with a {{"NotAllowedError"}}
  {{DOMException}}.
  </li>
  <li>Set {{[[sharePromise]]}} to be <a>a new promise</a>.
@@ -269,6 +258,55 @@ <h4>
  or bypassing the UI if there is only a single share target.
  </div>
  </section>
+ <section>
+ <h3>
+ Validate share data
+ </h3>
+ <p>
+ To <dfn>validate share data</dfn> with |data:ShareData| and
+ |base:URL|, run the following steps:
+ </p>
+ <ol class="algorithm">
+ <li>If none of |data|'s members {{ShareData/title}},
+ {{ShareData/text}}, or {{ShareData/url}} or {{ShareData/files}} are
+ present, return false.
+ </li>
+ <li>Let |titleTextOrUrl:boolean| be true if any of
+ {{ShareData/title}}, or {{ShareData/text}}, or {{ShareData/url}} is
+ present.
+ </li>
+ <li>If |data|'s {{ShareData/files}} member is present:
+ <ol>
+ <li>If |titleTextOrUrl| is false and |data|'s
+ {{ShareData/files}} member is empty, return false.
+ <p class="note">
+ This causes a `{ files: [] }` dictionary to be treated as
+ an empty dictionary. However, passing a dictionary like
+ `{text: "text", files: []}` is fine, as `files` is just
+ ignored.
+ </p>
+ </li>
+ <li>If the implementation does not support file sharing, return
+ false.
+ </li>
+ </ol>
+ </li>
+ <li>If |data|'s url member is present:
+ <ol>
+ <li>Let |url:URL| be the result of running the [=URL parser=]
+ on |data|'s url, with |base|, and no encoding override.
+ </li>
+ <li>If |url| is failure, return false.
+ </li>
+ <li>If |url|'s [=URL/scheme=] is not "http" or "https", return
+ false.
+ </li>
+ </ol>
+ </li>
+ <li>Return true.
+ </li>
+ </ol>
+ </section>
  </section>
  <section data-dfn-for="ShareData">
  <h3>
@@ -459,9 +497,13 @@ <h2>
  native applications.
  </li>
  <li>Due to the capabilities of the API surface, {{Navigator/share()}}
- is <a>available only in secure contexts</a> (such as `https://`
+ method is restricted to [=secure contexts=] (such as `https://`
  schemes).
  </li>
+ <li>Third-party contexts require that they be [=allowed to use=] the
+ {{Navigator/share()}} method is one of the mechanisms described in
+ [[[permissions-policy]]].
+ </li>
  <li>Use of {{Navigator/share()}} from a <a href=
  "https://en.wikipedia.org/wiki/Privacy_mode">private browsing mode</a>
  might leak private data to a third-party application that does not
@@ -508,8 +550,7 @@ <h2>
  when information should be confidential, so forwarding any content
  presents a risk. In particular, the {{ShareData/title}} might be
  used by an attacker to trick a user into misinterpreting the nature
- of the content.
- <!--
+ of the content. <!--
  , as demonstrated in the [[Wylecial]] <a data-cite=
  "Wylecial#">proof of concept attack</a>
  -->