Add a disallowdocumentaccess iframe attribute to prevent access from one

document to another.

Add steps that cause a newly created browsing context group at the iframe
boundary.

Fixes #4435

source

@@ -30110,6 +30110,7 @@ href="?audio">audio&lt;/a> test instead.)&lt;/p></code></pre>
    <dd><code data-x="attr-iframe-allow">allow</code></dd>
    <dd><code data-x="attr-iframe-allowfullscreen">allowfullscreen</code></dd>
    <dd><code data-x="attr-iframe-allowpaymentrequest">allowpaymentrequest</code></dd>
+   <dd><code data-x="attr-iframe-disallowdocumentaccess">disallowdocumentaccess</code></dd>
    <dd><code data-x="attr-dim-width">width</code></dd>
    <dd><code data-x="attr-dim-height">height</code></dd>
    <dd><code data-x="attr-iframe-referrerpolicy">referrerpolicy</code></dd>
@@ -30130,6 +30131,7 @@ interface <dfn>HTMLIFrameElement</dfn> : <span>HTMLElement</span> {
   [<span>CEReactions</span>] attribute DOMString <span data-x="dom-iframe-allow">allow</span>;
   [<span>CEReactions</span>] attribute boolean <span data-x="dom-iframe-allowFullscreen">allowFullscreen</span>;
   [<span>CEReactions</span>] attribute boolean <span data-x="dom-iframe-allowPaymentRequest">allowPaymentRequest</span>;
+  [<span>CEReactions</span>] attribute boolean <span data-x="dom-iframe-disallowDocumentAccess">disallowDocumentAccess</span>;
   [<span>CEReactions</span>] attribute DOMString <span data-x="dom-dim-width">width</span>;
   [<span>CEReactions</span>] attribute DOMString <span data-x="dom-dim-height">height</span>;
   [<span>CEReactions</span>] attribute DOMString <span data-x="dom-iframe-referrerPolicy">referrerPolicy</span>;
@@ -30720,6 +30722,12 @@ interface <dfn>HTMLIFrameElement</dfn> : <span>HTMLElement</span> {
   data-x="navigate">navigated</span>. Adding or removing them has no effect on an already-loaded
   document.</p>
 
+  <p>The <dfn><code data-x="attr-iframe-disallowdocumentaccess">disallowdocumentaccess</code></dfn>
+  attribute is a <span>boolean attribute</span>. When specified, it indicates that
+  the <code>iframe</code> element's <span>nested browsing context</span> will contain a newly
+  created <span>agent cluster map</span>. This will cause any <span>agent</span> to be created
+  in for a <span>browsing context</span> below the <code>iframe</code> element not to share the
+  same <span>agent</span> thereby not being allowed to share data.</p>
 
   <hr> <!-- DIM ATTRIBUTES -->
 
@@ -30771,6 +30779,11 @@ interface <dfn>HTMLIFrameElement</dfn> : <span>HTMLElement</span> {
   attribute must <span>reflect</span> the <code
   data-x="attr-iframe-allowpaymentrequest">allowpaymentrequest</code> content attribute.</p>
 
+  <p>The <dfn><code data-x="dom-iframe-disallowDocumentAccess">disallowDocumentAccess</code></dfn>
+  IDL attribute must <span>reflect</span> the <code
+  data-x="attr-iframe-disallowdocumentaccess">disallowdocumentaccessallowfullscreen</code> content
+  attribute.</p>
+
   <p>The <dfn><code data-x="dom-iframe-referrerPolicy">referrerPolicy</code></dfn> IDL attribute
   must <span>reflect</span> the <code data-x="attr-iframe-referrerpolicy">referrerpolicy</code>
   content attribute, <span>limited to only known values</span>.</p>
@@ -78984,6 +78997,12 @@ dictionary <dfn>DragEventInit</dfn> : <span>MouseEventInit</span> {
   <code>Document</code>, if any such browsing context exists and has not been <span data-x="a
   browsing context is discarded">discarded</span>, and null otherwise.</p>
 
+  <p>A <span>browsing context</span> has an associated <dfn>agent cluster map</dfn> (a weak
+  <span data-x="ordered map">map</span> of <span data-x="agent cluster key">agent cluster
+  keys</span> to <span data-x="agent cluster">agent clusters</span>). User agents are
+  responsible for collecting agent clusters when it is deemed that nothing can access them
+  anymore.</p>
+
   <p class="note">In general, there is a 1-to-1 mapping from the <code>Window</code> object to the
   <code>Document</code> object, as long as the <code>Document</code> object has a non-null <span
   data-x="concept-document-bc">browsing context</span>. There is one exception. A
@@ -79071,15 +79090,18 @@ dictionary <dfn>DragEventInit</dfn> : <span>MouseEventInit</span> {
   </ol>
 
   <p>To <dfn data-x="creating a new browsing context">create a new browsing context</dfn>, given
-  null or a <code>Document</code> object <var>creator</var> and <span>browsing context group</span>
-  <var>group</var>:</p>
+  null or a <code>Document</code> object <var>creator</var> and <span>agent cluster map</span>
+  <var>clusterMap</var>:</p>
 
   <!-- Note: Do not append the new browsing context to group as we might be creating a nested
        browsing context and not a top level browsing context -->
 
   <ol>
    <li><p>Let <var>browsingContext</var> be a new <span>browsing context</span>.</p></li>
 
+   <li><p>Let <var>browsingContext</var>'s <span>agent cluster map</span> be
+   <var>clusterMap</var>.</p></li>
+
    <li id="creator-browsing-context"><p>If <var>creator</var> is non-null, then set
    <var>browsingContext</var>'s <span>creator origin</span> to return <var>creator</var>'s
    <span>origin</span>, <var>browsingContext</var>'s <span>creator URL</span> to return
@@ -79099,7 +79121,7 @@ dictionary <dfn>DragEventInit</dfn> : <span>MouseEventInit</span> {
 
    <li><p>Let <var>agent</var> be the result of <span
    data-x="obtain-similar-origin-window-agent">obtaining a similar-origin window agent</span> given
-   <var>origin</var> and <var>group</var>.</p></li>
+   <var>origin</var> and <var>browsingContext</var>.</p></li>
 
    <li>
     <p>Let <var>realm execution context</var> be the result of <span>creating a new JavaScript
@@ -79171,7 +79193,8 @@ dictionary <dfn>DragEventInit</dfn> : <span>MouseEventInit</span> {
    this directly.</p></li>
 
    <li><p>Let <var>browsingContext</var> be the result of <span>creating a new browsing
-   context</span> with <var>opener</var>'s <span>active document</span> and <var>group</var>.</p></li>
+   context</span> with <var>opener</var>'s <span>active document</span> and <var>opener</var>'s
+   <span>agent cluster map</span>.</p></li>
 
    <li><p><span data-x="bcg append">Append</span> <var>browsingContext</var> to
    <var>group</var>.</p></li>
@@ -79201,10 +79224,17 @@ dictionary <dfn>DragEventInit</dfn> : <span>MouseEventInit</span> {
   given an element <var>element</var>:</p>
 
   <ol>
-   <li><p>Let <var>browsingContext</var> be the result of <span>creating a new browsing
-   context</span> with <var>element</var>'s <span>node document</span> and <var>element</var>'s
+   <li><p>Let <var>agentClusterMap</var> be <var>element</var>'s
    <span>node document</span>'s <span data-x="concept-document-bc">browsing context</span>'s
-   <span>top-level browsing context</span>'s <span data-x="tlbc group">group</span>.</p></li>
+   <span>agent cluster map</span>.</p></li>
+
+   <li><p>If <var>element</var> is an <span>iframe</span> element and <var>element</var>'s <code
+   data-x="attr-iframe-disallowdocumentaccess">disallowdocumentaccess</code> attribute is set then
+   let <var>agentClusterMap</var> be a new <span>agent cluster map</span>.</p></li>
+
+   <li><p>Let <var>browsingContext</var> be the result of <span>creating a new browsing
+   context</span> with <var>element</var>'s <span>node document</span> and
+   <var>agentClusterMap</var>.</p></li>
 
    <li><p>Set <var>element</var>'s <span>nested browsing context</span> to
    <var>browsingContext</var>.</p></li>
@@ -79666,11 +79696,6 @@ console.assert(iframeWindow.frameElement === null);
   <p>A <dfn>browsing context group</dfn> holds a <dfn>browsing context set</dfn> (a <span>set</span>
   of <span data-x="top-level browsing context">top-level browsing contexts</span>).</p>
 
-  <p>A <span>browsing context group</span> has an associated <dfn>agent cluster map</dfn> (a weak
-  <span data-x="ordered map">map</span> of <span data-x="agent cluster key">agent cluster
-  keys</span> to <span data-x="agent cluster">agent clusters</span>). User agents are responsible
-  for collecting agent clusters when it is deemed that nothing can access them anymore.</p>
-
   <p>To <dfn data-x="creating a new browsing context group">create a new browsing context
   group</dfn>, run these steps:</p>
 
@@ -91471,8 +91496,8 @@ import "https://example.com/foo/../module2.mjs";</code></pre>
   </ol>
 
   <p>To <dfn data-x="obtain-similar-origin-window-agent">obtain a similar-origin window agent</dfn>,
-  given an <span>origin</span> <var>origin</var> and <span>browsing context group</span>
-  <var>group</var>, run these steps:</p>
+  given an <span>origin</span> <var>origin</var> and <span>browsing context</span>
+  <var>context</var>, run these steps:</p>
 
   <ol>
    <li><p>Let <var>clusterKey</var> be the result of <span
@@ -91481,27 +91506,27 @@ import "https://example.com/foo/../module2.mjs";</code></pre>
 
    <li><p>Let <var>agentCluster</var> be the result of <span
    data-x="obtain-browsing-agent-cluster">obtaining a browsing context agent cluster</span> with
-   <var>group</var> and <var>clusterKey</var>.</p></li>
+   <var>context</var> and <var>clusterKey</var>.</p></li>
 
    <li><p>Return the single <span>similar-origin window agent</span> contained in
    <var>agentCluster</var>.</p></li>
   </ol>
 
   <p>To <dfn data-x="obtain-browsing-agent-cluster">obtain a browsing context agent cluster</dfn>,
-  given a <span>browsing context group</span> <var>group</var> and <span>agent cluster key</span>
+  given a <span>browsing context</span> <var>context</var> and <span>agent cluster key</span>
   <var>key</var>, run these steps:</p>
 
   <ol>
    <li>
-    <p>If <var>group</var>'s <span>agent cluster map</span>[<var>key</var>] <span data-x="map
+    <p>If <var>context</var>'s <span>agent cluster map</span>[<var>key</var>] <span data-x="map
     exists">does not exist, then:</span></p>
     <ol>
      <li><p>Let <var>agentCluster</var> be a new <span>agent cluster</span>.</p></li>
 
      <li><p>Add the result of <span data-x="similar-origin window agent">creating a similar-origin
      window agent</span> to <var>agentCluster</var>.</p></li>
 
-     <li><p>Set <var>group</var>'s <span>agent cluster map</span>[<var>key</var>] to
+     <li><p>Set <var>context</var>'s <span>agent cluster map</span>[<var>key</var>] to
      <var>agentCluster</var>.</p></li>
     </ol>
    </li>
@@ -122033,6 +122058,11 @@ interface <dfn>External</dfn> {
      <td> <code data-x="attr-iframe-allowpaymentrequest">iframe</code>
      <td> Whether the <code>iframe</code>'s contents are allowed to use the <code>PaymentRequest</code> interface to make payment requests
      <td> <span>Boolean attribute</span>
+    <tr>
+     <th> <code data-x="">disallowdocumentaccess</code>
+     <td> <code data-x="attr-iframe-disallowdocumentaccess">iframe</code>
+     <td> Whether the <code>iframe</code>'s <span>nested browsing context</span> inherits the <span>browsing context group</span> or not
+     <td> <span>Boolean attribute</span>
     <tr>
      <th> <code data-x="">alt</code>
      <td> <code data-x="attr-area-alt">area</code>;