diff --git a/source b/source
index 65d22ac3fe0..a40522aade3 100644
--- a/source
+++ b/source
@@ -18647,8 +18647,8 @@ interface HTMLAnchorElement : HTMLElement {
triggered by user activation; or, if the user has not indicated a specific
browsing context for following the link, and the element's target
attribute is present, and applying the rules
- for choosing a browsing context given a browsing context name, using the value of the
- target
attribute as the browsing context name, would
+ for choosing a browsing context, using the value of the target
attribute as the browsing context name, would
result in there not being a chosen browsing context, then run these substeps:
Otherwise, if subject is an a
or area
element
- that has a target
attribute, then let target be the browsing context that is chosen by applying the
- rules for choosing a browsing context given a browsing context name, using the value of
- the target
attribute as the browsing context name. If
- these rules result in the creation of a new browsing context, set replace to true.
target
attribute, then let
+ target be the browsing context that is chosen by applying the
+ rules for choosing a browsing context, using the value of the target
attribute as the browsing context name, and
+ a disown opener flag of true if the element has a rel
+ attribute whose value is "noopener
" or "noreferrer
", and false otherwise. If these rules result in the creation of a
+ new browsing context, set replace to true.
Otherwise, if target is an a
or area
element
with no target
attribute, but the
Document
contains a base
element with a target
attribute, then let target be the
browsing context that is chosen by applying the rules for choosing a browsing
- context given a browsing context name, using the value of the target
attribute of the first such base
element as
- the browsing context name. If these rules result in the creation of a new browsing
- context, set replace to true.
target
attribute
+ of the first such base
element as the browsing context name, and a disown opener
+ flag of true if the element has a rel
+ attribute whose value is "noopener
" or "noreferrer
", and false otherwise. If these rules result in the creation of a
+ new browsing context, set replace to true.
+
Otherwise, let target be source.
@@ -37493,10 +37500,9 @@ interface HTMLAreaElement : HTMLElement { attribute and the algorithm is not triggered by user activation; or, if the user has not indicated a specific browsing context for following the link, and the element'starget
attribute is present, and applying
- the rules for choosing a browsing context given a browsing context name, using the
- value of the target
attribute as the browsing
- context name, would result in there not being a chosen browsing context, then run these
- substeps:
+ the rules for choosing a browsing context, using the value of the target
attribute as the browsing context name, would
+ result in there not being a chosen browsing context, then run these substeps:
If the user indicated a specific browsing context to use when submitting the form, then let target browsing context be that browsing context. - Otherwise, apply the rules for choosing a browsing context given a browsing context - name using target as the name and form browsing - context as the context in which the algorithm is executed, and let target - browsing context be the resulting browsing context.
If target browsing context was created in the previous step, or,
alternatively, if the form document has not yet completely
@@ -77856,15 +77862,16 @@ console.assert(iframeWindow.frameElement === null);
Most of the restrictions on sandboxed browsing contexts are applied by
other algorithms, e.g. the navigation algorithm, not the rules
- for choosing a browsing context given a browsing context name given below.
The rules for choosing a browsing context given a browsing context name are as - follows. The rules assume that they are being applied in the context of a browsing - context, as part of the execution of a task.
+The rules for choosing a browsing context given a browsing context name and disown + opener flag are as follows. The rules assume that they are being applied in the context of a + browsing context, as part of the execution of a task.
A new auxiliary browsing context must be created, with the opener
- browsing context being the current one. If the given browsing context name is not
- _blank
, then the new auxiliary browsing context's name must be the
- given browsing context name (otherwise, it has no name). The chosen browsing context must be
- this new browsing context.
A new top-level browsing context must be created. Its opener
+ browsing context is the current one if the disown opener flag is false, and empty
+ otherwise. If the given browsing context name is not _blank
, then the
+ new browsing context's name must be the given browsing context name (otherwise, it has no
+ name). The chosen browsing context must be this new browsing context.
If the newly created browsing context is immediately navigated, then the navigation will be done with replacement
@@ -78626,6 +78633,10 @@ callback FrameRequestCallback = void (DOMHighResTimeStamp If target is the empty string, let it be the string " Let disown opener be true if the result of splitting features on commas contains the token " If the user has indicated a preference for which browsing context to navigate,
@@ -78649,19 +78660,19 @@ callback FrameRequestCallback = void (DOMHighResTimeStamp
- Otherwise, apply the rules for choosing a browsing context given a browsing context
- name using target as the name and source browsing context as the
- context in which the algorithm is executed. If this results in there not being a chosen browsing
- context, then throw an " Otherwise, apply the rules for choosing a browsing context using
+ target as the name, disown opener, and source browsing context
+ as the context in which the algorithm is executed. If this results in there not being a chosen
+ browsing context, then throw an " If target browsing context was just created, either as part of the rules
- for choosing a browsing context given a browsing context name or due to the user
- indicating a preference for navigating a new top-level browsing context, then let
- new be true. Otherwise, let it be false._blank
" instead.noopener
"
+
InvalidAccessError
" DOMException
- and abort these steps. Otherwise, let target browsing context be the browsing
- context so obtained.InvalidAccessError
"
+ DOMException
and abort these steps. Otherwise, let target browsing
+ context be the browsing context so obtained.
Interpret features as defined in the CSSOM View specification.
If the result of splitting features
- on commas contains the token " If disown opener is true, disown
+ target browsing context's opener, and return noopener
", disown target browsing context's opener, and return null
.
Otherwise, return the WindowProxy
object of target browsing
@@ -80196,7 +80206,7 @@ callback FrameRequestCallback = void (DOMHighResTimeStampEvery top-level browsing context has a popup sandboxing flag set, which
is a sandboxing flag set. When a browsing context is created, its
popup sandboxing flag set must be empty. It is populated by the rules for
- choosing a browsing context given a browsing context name.
Every browsing context that is a nested browsing context has an
iframe
sandboxing flag set, which is a sandboxing flag set.