Ensure that 'noopener' does not reuse a browsing context #1842

Closed
wants to merge 2 commits into from
104 changes: 60 additions & 44 deletions source
Expand Up @@ -18558,9 +18558,12 @@ interface <dfn>HTMLAnchorElement</dfn> : <span>HTMLElement</span> {
<span>triggered by user activation</span>; or, if the user has not indicated a specific
<span>browsing context</span> for following the link, and the element's <code
data-x="attr-hyperlink-target">target</code> attribute is present, and applying <span>the rules
for choosing a browsing context given a browsing context name</span>, using the value of the
<code data-x="attr-hyperlink-target">target</code> attribute as the browsing context name, would
result in there not being a chosen browsing context, then run these substeps:</p>
for choosing a browsing context</span>, using the value of the <code
data-x="attr-hyperlink-target">target</code> attribute as the browsing context name, and a
disown opener flag of true if the element has a <code data-x="attr-hyperlink-rel">rel</code>
attribute whose value is "<code data-x="">noopener</code>" or "<code
data-x="">noreferrer</code>", and false otherwise would result in there not being a chosen
browsing context, then run these substeps:</p>

<ol>

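Review bot: The flag condition in the added text tests for a rel attribute "whose value is" noopener or noreferrer, which reads as an exact match on the whole attribute value, so an element carrying both keywords, or either keyword alongside another link type, would get a disown opener flag of false. Suggest wording it as the rel attribute containing either keyword among its space-separated tokens. The added clause also needs a comma after "and false otherwise", since as written it runs straight into "would result in there not being a chosen browsing context".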
Expand Down Expand Up @@ -22142,20 +22145,27 @@ interface <dfn>HTMLHyperlinkElementUtils</dfn> {
<span>one permitted sandboxed navigator</span>.</p>

<p>Otherwise, if <var>subject</var> is an <code>a</code> or <code>area</code> element
that has a <code data-x="attr-hyperlink-target">target</code> attribute, then let <var>target</var> be the <span>browsing context</span> that is chosen by applying <span>the
rules for choosing a browsing context given a browsing context name</span>, using the value of
the <code data-x="attr-hyperlink-target">target</code> attribute as the browsing context name. If
these rules result in the creation of a new <span>browsing context</span>, set <var>replace</var> to true.</p>
that has a <code data-x="attr-hyperlink-target">target</code> attribute, then let
<var>target</var> be the <span>browsing context</span> that is chosen by applying <span>the
rules for choosing a browsing context</span>, using the value of the <code
data-x="attr-hyperlink-target">target</code> attribute as the browsing context name, and
a disown opener flag of true if the element has a <code data-x="attr-hyperlink-rel">rel</code>
attribute whose value is "<code data-x="">noopener</code>" or "<code
data-x="">noreferrer</code>", and false otherwise. If these rules result in the creation of a
new <span>browsing context</span>, set <var>replace</var> to true.</p>

<p>Otherwise, if <var>target</var> is an <code>a</code> or <code>area</code> element
with no <code data-x="attr-hyperlink-target">target</code> attribute, but the
<code>Document</code> contains a <code>base</code> element with a <code
data-x="attr-base-target">target</code> attribute, then let <var>target</var> be the
<span>browsing context</span> that is chosen by applying <span>the rules for choosing a browsing
context given a browsing context name</span>, using the value of the <code
data-x="attr-base-target">target</code> attribute of the first such <code>base</code> element as
the browsing context name. If these rules result in the creation of a new <span>browsing
context</span>, set <var>replace</var> to true.</p> <!-- c.f. concept-fs-target -->
context</span>, using the value of the <code data-x="attr-base-target">target</code> attribute
of the first such <code>base</code> element as the browsing context name, and a disown opener
flag of true if the element has a <code data-x="attr-hyperlink-rel">rel</code>
attribute whose value is "<code data-x="">noopener</code>" or "<code
data-x="">noreferrer</code>", and false otherwise. If these rules result in the creation of a
new <span>browsing context</span>, set <var>replace</var> to true.</p>
<!-- c.f. concept-fs-target -->

<p>Otherwise, let <var>target</var> be <var>source</var>.</p>

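Review bot: In the base-target paragraph, "if the element has a rel attribute" comes right after "the first such base element", so "the element" can be read as the base element rather than the a or area element being followed. Name the a or area element explicitly there. While this paragraph is being rewrapped, its opening condition still tests "if target is an a or area element" where the preceding paragraph tests subject; worth correcting in the same change.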
Expand Down Expand Up @@ -37402,10 +37412,12 @@ interface <dfn>HTMLAreaElement</dfn> : <span>HTMLElement</span> {
attribute and the algorithm is not <span>triggered by user activation</span>; or, if the user
has not indicated a specific <span>browsing context</span> for following the link, and the
element's <code data-x="attr-hyperlink-target">target</code> attribute is present, and applying
<span>the rules for choosing a browsing context given a browsing context name</span>, using the
value of the <code data-x="attr-hyperlink-target">target</code> attribute as the browsing
context name, would result in there not being a chosen browsing context, then run these
substeps:</p>
<span>the rules for choosing a browsing context</span>, using the value of the <code
data-x="attr-hyperlink-target">target</code> attribute as the browsing context name, and a
disown opener flag of true if the element has a <code data-x="attr-hyperlink-rel">rel</code>
attribute whose value is "<code data-x="">noopener</code>" or "<code
data-x="">noreferrer</code>", and false otherwise would result in there not being a chosen
browsing context, then run these substeps:</p>

<ol>

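Review bot: This is the fourth verbatim copy of the "disown opener flag of true if the element has a rel attribute whose value is ..." clause in this diff (after the HTMLAnchorElement hunk and the two paragraphs in the HTMLHyperlinkElementUtils hunk), so any correction to it has to be repeated at every site. Suggest defining the condition once as a named concept for a and area elements and referencing it from each call. The missing comma after "and false otherwise" applies here as well.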
Expand Down Expand Up @@ -54677,10 +54689,10 @@ fur

<li><p>If the user indicated a specific <span>browsing context</span> to use when submitting the
form, then let <var>target browsing context</var> be that <span>browsing context</span>.
Otherwise, apply <span>the rules for choosing a browsing context given a browsing context
name</span> using <var>target</var> as the name and <var>form browsing
context</var> as the context in which the algorithm is executed, and let <var>target
browsing context</var> be the resulting <span>browsing context</span>.</p></li>
Otherwise, apply <span>the rules for choosing a browsing context</span> using <var>target</var>
as the name, false as the disown opener flag, and <var>form browsing context</var> as the context
in which the algorithm is executed, and let <var>target browsing context</var> be the resulting
<span>browsing context</span>.</p></li>

<li><p>If <var>target browsing context</var> was created in the previous step, or,
alternatively, if the <var>form document</var> has not yet <span>completely
Expand Down Expand Up @@ -77877,15 +77889,16 @@ console.assert(iframeWindow.frameElement === null);

<p class="tablenote"><small>Most of the restrictions on sandboxed browsing contexts are applied by
other algorithms, e.g. the <span data-x="navigate">navigation</span> algorithm, not <span>the rules
for choosing a browsing context given a browsing context name</span> given below.</small></p>
for choosing a browsing context</span> given below.</small></p>

<div w-nodev>

<hr>

<p><dfn>The rules for choosing a browsing context given a browsing context name</dfn> are as
follows. The rules assume that they are being applied in the context of a <span>browsing
context</span>, as part of the execution of a <span data-x="concept-task">task</span>.</p>
<p><dfn>The rules for choosing a browsing context</dfn> given a browsing context name and disown
opener flag are as follows. The rules assume that they are being applied in the context of a
<span>browsing context</span>, as part of the execution of a <span
data-x="concept-task">task</span>.</p>

<ol>

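Review bot: The rewritten definition introduces its two inputs only in running prose ("given a browsing context name and disown opener flag"), while the window.open steps later in this diff pass a <var>disown opener</var> variable. Marking the inputs up as variables or defined terms here would let the steps below and every call site refer to them unambiguously. Since the <dfn> text itself changed, any remaining <span> that still uses the old "given a browsing context name" wording needs the same rename to keep resolving.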
Expand All @@ -77911,10 +77924,10 @@ console.assert(iframeWindow.frameElement === null);
browsing context whose <span data-x="browsing context name">name</span> is the same as the given
browsing context name, and the current browsing context is <span>familiar with</span> that
browsing context, and the user agent determines that the two browsing contexts are related
enough that it is ok if they reach each other, then that browsing context must be the chosen
one. If there are multiple matching browsing contexts, the user agent should select one in some
arbitrary consistent manner, such as the most recently opened, most recently focused, or more
closely related.</p>
enough that it is ok if they reach each other, and the disown opener flag is false, then that
browsing context must be the chosen one. If there are multiple matching browsing contexts, the
user agent should select one in some arbitrary consistent manner, such as the most recently
opened, most recently focused, or more closely related.</p>

</li>

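Review bot: With "and the disown opener flag is false" added to this step, a true flag combined with a name that matches an existing context falls through to the create branch, and that branch (as changed later in this diff) still gives the new context the given name. That leaves two browsing contexts sharing a name, one of which was meant to be isolated from its opener, and a later lookup by that name could select it under the "multiple matching browsing contexts" sentence. Consider leaving contexts created with the flag set unnamed, or stating that they are excluded from this lookup.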
Expand Down Expand Up @@ -77962,11 +77975,12 @@ console.assert(iframeWindow.frameElement === null);
create a new browsing context:</dt>

<dd>
<p>A new <span>auxiliary browsing context</span> must be created, with the <span>opener
browsing context</span> being the current one. If the given browsing context name is not
<code data-x="">_blank</code>, then the new auxiliary browsing context's name must be the
given browsing context name (otherwise, it has no name). The chosen browsing context must be
this new browsing context.</p>
<p>A new <span>top-level browsing context</span> must be created. It will not have an
<span>opener browsing context</span> if the disown opener flag is true, otherwise its
<span>opener browsing context</span> is the current one. If the given browsing context name is
not <code data-x="">_blank</code>, then the new browsing context's name must be the given
browsing context name (otherwise, it has no name). The chosen browsing context must be this
new browsing context.</p>

<p class="note">If the newly created <span>browsing context</span> is immediately <span
data-x="navigate">navigated</span>, then the navigation will be done with <span>replacement
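Review bot: Replacing "auxiliary browsing context" with "top-level browsing context" for both cases drops the term for the case where the flag is false and the new context does have an opener; that case should still be called an auxiliary browsing context. The sentence "It will not have an opener browsing context if the disown opener flag is true" is also descriptive where its neighbours use "must"; suggest phrasing both outcomes as requirements.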
Expand Down Expand Up @@ -78647,6 +78661,10 @@ callback <dfn>FrameRequestCallback</dfn> = void (<span>DOMHighResTimeStamp</span
<li><p>If <var>target</var> is the empty string, let it be the string "<code
data-x="">_blank</code>" instead.</p></li>

<li><p>Let <var>disown opener</var> be true if the result of <span data-x="split a string on
commas">splitting <var>features</var> on commas</span> contains the token "<code
data-x="">noopener</code>"

<li>

<p>If the user has indicated a preference for which <span>browsing context</span> to navigate,
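Review bot: The added "Let disown opener be true if ..." step is incomplete: it stops after the "noopener" token with no "and false otherwise" clause, no closing period, and no closing </p></li> before the next <li>. Suggest ending it with ", and false otherwise.</p></li>" so the variable is defined on both branches and the list markup stays balanced.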
Expand All @@ -78670,18 +78688,18 @@ callback <dfn>FrameRequestCallback</dfn> = void (<span>DOMHighResTimeStamp</span
holds the control key down, the user agent could override the selection of the target browsing
context to instead target a new tab.</p>

<p>Otherwise, apply <span>the rules for choosing a browsing context given a browsing context
name</span> using <var>target</var> as the name and <var>source browsing context</var> as the
context in which the algorithm is executed. If this results in there not being a chosen browsing
context, then return null. Otherwise, let <var>target browsing context</var> be the
<p>Otherwise, apply <span>the rules for choosing a browsing context</span> using
<var>target</var> as the name, <var>disown opener</var>, and <var>source browsing context</var>
as the context in which the algorithm is executed. If this results in there not being a chosen
browsing context, then return null. Otherwise, let <var>target browsing context</var> be the
<span>browsing context</span> so obtained.</p>

</li>

<li><p>If <var>target browsing context</var> was just created, either as part of <span>the rules
for choosing a browsing context given a browsing context name</span> or due to the user
indicating a preference for navigating a new <span>top-level browsing context</span>, then let
<var>new</var> be true. Otherwise, let it be false.</p></li>
for choosing a browsing context</span> or due to the user indicating a preference for navigating
a new <span>top-level browsing context</span>, then let <var>new</var> be true. Otherwise, let it
be false.</p></li>

<li><p>Interpret <var>features</var> <span data-x="dom-open-features">as defined in the CSSOM
View specification</span>. <ref spec="CSSOMVIEW"></p></li>
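Review bot: The call lists its arguments as "target as the name, disown opener, and source browsing context as the context", leaving the middle argument unlabelled, whereas the form submission call site in this diff writes "false as the disown opener flag". Suggest "<var>disown opener</var> as the disown opener flag" so all call sites read the same way and the argument cannot be mistaken for part of the name.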
Expand Down Expand Up @@ -78741,10 +78759,8 @@ callback <dfn>FrameRequestCallback</dfn> = void (<span>DOMHighResTimeStamp</span

<ol>

<li><p>If the result of <span data-x="split a string on commas">splitting <var>features</var>
on commas</span> contains the token "<code data-x="">noopener</code>", then <span
data-x="disowned its opener">disown <var>target browsing context</var>'s opener</span> and
return null.</p></li>
<li><p>If <var>disown opener</var> is true, and <var>new</var> is true, then return <code
data-x="">null</code>.</p></li>

<li><p>Otherwise, return the <code>WindowProxy</code> object of <var>target browsing
context</var>.</p></li>
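Review bot: Returning null only when both disown opener and new are true no longer covers the context created "due to the user indicating a preference for navigating a new top-level browsing context": that context is not created by the rules for choosing a browsing context, so nothing visible here clears its opener now that the "disown target browsing context's opener" step is removed. The caller gets null, but the new context may still have an opener browsing context. Suggest either keeping an explicit disown step for that path or stating that a context created on user preference also honours disown opener. It would also help to say why, when new is false, the WindowProxy is returned even though noopener was requested.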
Expand Down Expand Up @@ -80216,7 +80232,7 @@ callback <dfn>FrameRequestCallback</dfn> = void (<span>DOMHighResTimeStamp</span
<p>Every <span>top-level browsing context</span> has a <dfn>popup sandboxing flag set</dfn>, which
is a <span>sandboxing flag set</span>. When a <span>browsing context</span> is created, its
<span>popup sandboxing flag set</span> must be empty. It is populated by <span>the rules for
choosing a browsing context given a browsing context name</span>.</p>
choosing a browsing context</span>.</p>

<p>Every <span>browsing context</span> that is a <span>nested browsing context</span> has an
<dfn><code>iframe</code> sandboxing flag set</dfn>, which is a <span>sandboxing flag set</span>.