Ensure that 'noopener' does not reuse a browsing context

WIP: All of this would benefit from more substantial refactoring, but let's decide that this is the right way to approach things first. #1826
whatwg · Sep 30, 2016 · 29101db · 29101db
1 parent 2aa0000
commit 29101db
Showing 1 changed file with 54 additions and 44 deletions.
diff --git a/source b/source
@@ -18647,8 +18647,8 @@ interface <dfn>HTMLAnchorElement</dfn> : <span>HTMLElement</span> {
     <span>triggered by user activation</span>; or, if the user has not indicated a specific
     <span>browsing context</span> for following the link, and the element's <code
     data-x="attr-hyperlink-target">target</code> attribute is present, and applying <span>the rules
-    for choosing a browsing context given a browsing context name</span>, using the value of the
-    <code data-x="attr-hyperlink-target">target</code> attribute as the browsing context name, would
+    for choosing a browsing context</span>, using the value of the <code
+    data-x="attr-hyperlink-target">target</code> attribute as the browsing context name, would
     result in there not being a chosen browsing context, then run these substeps:</p>
 
     <ol>
@@ -22232,20 +22232,27 @@ interface <dfn>HTMLHyperlinkElementUtils</dfn> {
     <span>one permitted sandboxed navigator</span>.</p>
 
     <p>Otherwise, if <var>subject</var> is an <code>a</code> or <code>area</code> element
-    that has a <code data-x="attr-hyperlink-target">target</code> attribute, then let <var>target</var> be the <span>browsing context</span> that is chosen by applying <span>the
-    rules for choosing a browsing context given a browsing context name</span>, using the value of
-    the <code data-x="attr-hyperlink-target">target</code> attribute as the browsing context name. If
-    these rules result in the creation of a new <span>browsing context</span>, set <var>replace</var> to true.</p>
+    that has a <code data-x="attr-hyperlink-target">target</code> attribute, then let
+    <var>target</var> be the <span>browsing context</span> that is chosen by applying <span>the
+    rules for choosing a browsing context</span>, using the value of the <code
+    data-x="attr-hyperlink-target">target</code> attribute as the browsing context name, and
+    a disown opener flag of true if the element has a <code data-x="attr-hyperlink-rel">rel</code>
+    attribute whose value is "<code data-x="">noopener</code>" or "<code
+    data-x="">noreferrer</code>", and false otherwise. If these rules result in the creation of a
+    new <span>browsing context</span>, set <var>replace</var> to true.</p>
 
     <p>Otherwise, if <var>target</var> is an <code>a</code> or <code>area</code> element
     with no <code data-x="attr-hyperlink-target">target</code> attribute, but the
     <code>Document</code> contains a <code>base</code> element with a <code
     data-x="attr-base-target">target</code> attribute, then let <var>target</var> be the
     <span>browsing context</span> that is chosen by applying <span>the rules for choosing a browsing
-    context given a browsing context name</span>, using the value of the <code
-    data-x="attr-base-target">target</code> attribute of the first such <code>base</code> element as
-    the browsing context name. If these rules result in the creation of a new <span>browsing
-    context</span>, set <var>replace</var> to true.</p> <!-- c.f. concept-fs-target -->
+    context</span>, using the value of the <code data-x="attr-base-target">target</code> attribute
+    of the first such <code>base</code> element as the browsing context name, and a disown opener
+    flag of true if the element has a <code data-x="attr-hyperlink-rel">rel</code>
+    attribute whose value is "<code data-x="">noopener</code>" or "<code
+    data-x="">noreferrer</code>", and false otherwise. If these rules result in the creation of a
+    new <span>browsing context</span>, set <var>replace</var> to true.</p>
+    <!-- c.f. concept-fs-target -->
 
     <p>Otherwise, let <var>target</var> be <var>source</var>.</p>
 
@@ -37493,10 +37500,9 @@ interface <dfn>HTMLAreaElement</dfn> : <span>HTMLElement</span> {
     attribute and the algorithm is not <span>triggered by user activation</span>; or, if the user
     has not indicated a specific <span>browsing context</span> for following the link, and the
     element's <code data-x="attr-hyperlink-target">target</code> attribute is present, and applying
-    <span>the rules for choosing a browsing context given a browsing context name</span>, using the
-    value of the <code data-x="attr-hyperlink-target">target</code> attribute as the browsing
-    context name, would result in there not being a chosen browsing context, then run these
-    substeps:</p>
+    <span>the rules for choosing a browsing context</span>, using the value of the <code
+    data-x="attr-hyperlink-target">target</code> attribute as the browsing context name, would
+    result in there not being a chosen browsing context, then run these substeps:</p>
 
     <ol>
 
@@ -54768,10 +54774,10 @@ fur
 
    <li><p>If the user indicated a specific <span>browsing context</span> to use when submitting the
    form, then let <var>target browsing context</var> be that <span>browsing context</span>.
-   Otherwise, apply <span>the rules for choosing a browsing context given a browsing context
-   name</span> using <var>target</var> as the name and <var>form browsing
-   context</var> as the context in which the algorithm is executed, and let <var>target
-   browsing context</var> be the resulting <span>browsing context</span>.</p></li>
+   Otherwise, apply <span>the rules for choosing a browsing context</span> using <var>target</var>
+   as the name and <var>form browsing context</var> as the context in which the algorithm is
+   executed, and let <var>target browsing context</var> be the resulting <span>browsing
+   context</span>.</p></li>
 
    <li><p>If <var>target browsing context</var> was created in the previous step, or,
    alternatively, if the <var>form document</var> has not yet <span>completely
@@ -77856,15 +77862,16 @@ console.assert(iframeWindow.frameElement === null);
 
   <p class="tablenote"><small>Most of the restrictions on sandboxed browsing contexts are applied by
   other algorithms, e.g. the <span data-x="navigate">navigation</span> algorithm, not <span>the rules
-  for choosing a browsing context given a browsing context name</span> given below.</small></p>
+  for choosing a browsing context</span> given below.</small></p>
 
   <div w-nodev>
 
   <hr>
 
-  <p><dfn>The rules for choosing a browsing context given a browsing context name</dfn> are as
-  follows. The rules assume that they are being applied in the context of a <span>browsing
-  context</span>, as part of the execution of a <span data-x="concept-task">task</span>.</p>
+  <p><dfn>The rules for choosing a browsing context</dfn> given a browsing context name and disown
+  opener flag are as follows. The rules assume that they are being applied in the context of a
+  <span>browsing context</span>, as part of the execution of a <span
+  data-x="concept-task">task</span>.</p>
 
   <ol>
 
@@ -77890,10 +77897,10 @@ console.assert(iframeWindow.frameElement === null);
     browsing context whose <span data-x="browsing context name">name</span> is the same as the given
     browsing context name, and the current browsing context is <span>familiar with</span> that
     browsing context, and the user agent determines that the two browsing contexts are related
-    enough that it is ok if they reach each other, then that browsing context must be the chosen
-    one. If there are multiple matching browsing contexts, the user agent should select one in some
-    arbitrary consistent manner, such as the most recently opened, most recently focused, or more
-    closely related.</p>
+    enough that it is ok if they reach each other, and the disown opener flag is false, then that
+    browsing context must be the chosen one. If there are multiple matching browsing contexts, the
+    user agent should select one in some arbitrary consistent manner, such as the most recently
+    opened, most recently focused, or more closely related.</p>
 
    </li>
 
@@ -77941,11 +77948,11 @@ console.assert(iframeWindow.frameElement === null);
      create a new browsing context:</dt>
 
      <dd>
-      <p>A new <span>auxiliary browsing context</span> must be created, with the <span>opener
-      browsing context</span> being the current one. If the given browsing context name is not
-      <code data-x="">_blank</code>, then the new auxiliary browsing context's name must be the
-      given browsing context name (otherwise, it has no name). The chosen browsing context must be
-      this new browsing context.</p>
+      <p>A new <span>top-level browsing context</span> must be created. Its <span>opener
+      browsing context</span> is the current one if the disown opener flag is false, and empty
+      otherwise. If the given browsing context name is not <code data-x="">_blank</code>, then the
+      new browsing context's name must be the given browsing context name (otherwise, it has no
+      name). The chosen browsing context must be this new browsing context.</p>
 
       <p class="note">If the newly created <span>browsing context</span> is immediately <span
       data-x="navigate">navigated</span>, then the navigation will be done with <span>replacement
@@ -78626,6 +78633,10 @@ callback <dfn>FrameRequestCallback</dfn> = void (<span>DOMHighResTimeStamp</span
    <li><p>If <var>target</var> is the empty string, let it be the string "<code
    data-x="">_blank</code>" instead.</p></li>
 
+   <li><p>Let <var>disown opener</var> be true if the result of <span data-x="split a string on
+   commas">splitting <var>features</var> on commas</span> contains the token "<code
+   data-x="">noopener</code>"
+
    <li>
 
     <p>If the user has indicated a preference for which <span>browsing context</span> to navigate,
@@ -78649,19 +78660,19 @@ callback <dfn>FrameRequestCallback</dfn> = void (<span>DOMHighResTimeStamp</span
     holds the control key down, the user agent could override the selection of the target browsing
     context to instead target a new tab.</p>
 
-    <p>Otherwise, apply <span>the rules for choosing a browsing context given a browsing context
-    name</span> using <var>target</var> as the name and <var>source browsing context</var> as the
-    context in which the algorithm is executed. If this results in there not being a chosen browsing
-    context, then throw an <span>"<code>InvalidAccessError</code>"</span> <code>DOMException</code>
-    and abort these steps. Otherwise, let <var>target browsing context</var> be the <span>browsing
-    context</span> so obtained.</p>
+    <p>Otherwise, apply <span>the rules for choosing a browsing context</span> using
+    <var>target</var> as the name, <var>disown opener</var>, and <var>source browsing context</var>
+    as the context in which the algorithm is executed. If this results in there not being a chosen
+    browsing context, then throw an <span>"<code>InvalidAccessError</code>"</span>
+    <code>DOMException</code> and abort these steps. Otherwise, let <var>target browsing
+    context</var> be the <span>browsing context</span> so obtained.</p>
 
    </li>
 
    <li><p>If <var>target browsing context</var> was just created, either as part of <span>the rules
-   for choosing a browsing context given a browsing context name</span> or due to the user
-   indicating a preference for navigating a new <span>top-level browsing context</span>, then let
-   <var>new</var> be true. Otherwise, let it be false.</p></li>
+   for choosing a browsing context</span> or due to the user indicating a preference for navigating
+   a new <span>top-level browsing context</span>, then let <var>new</var> be true. Otherwise, let it
+   be false.</p></li>
 
    <li><p>Interpret <var>features</var> <span data-x="dom-open-features">as defined in the CSSOM
    View specification</span>. <ref spec="CSSOMVIEW"></p></li>
@@ -78721,9 +78732,8 @@ callback <dfn>FrameRequestCallback</dfn> = void (<span>DOMHighResTimeStamp</span
 
     <ol>
 
-     <li><p>If the result of <span data-x="split a string on commas">splitting <var>features</var>
-     on commas</span> contains the token "<code data-x="">noopener</code>", <span data-x="disowned
-     its opener">disown <var>target browsing context</var>'s opener</span>, and return <code
+     <li><p>If <var>disown opener</var> is true, <span data-x="disowned its opener">disown
+     <var>target browsing context</var>'s opener</span>, and return <code
      data-x="">null</code>.</p></li>
 
      <li><p>Otherwise, return the <code>WindowProxy</code> object of <var>target browsing
@@ -80196,7 +80206,7 @@ callback <dfn>FrameRequestCallback</dfn> = void (<span>DOMHighResTimeStamp</span
   <p>Every <span>top-level browsing context</span> has a <dfn>popup sandboxing flag set</dfn>, which
   is a <span>sandboxing flag set</span>. When a <span>browsing context</span> is created, its
   <span>popup sandboxing flag set</span> must be empty. It is populated by <span>the rules for
-  choosing a browsing context given a browsing context name</span>.</p>
+  choosing a browsing context</span>.</p>
 
   <p>Every <span>browsing context</span> that is a <span>nested browsing context</span> has an
   <dfn><code>iframe</code> sandboxing flag set</dfn>, which is a <span>sandboxing flag set</span>.