diff --git a/spec/index.bs b/spec/index.bs index 55e3bda..2cb2f61 100644 --- a/spec/index.bs +++ b/spec/index.bs @@ -1091,18 +1091,6 @@ Given a {{TrustedType}} type (|expectedType|), a [=realm/global object=] (|globa Given an {{HTMLScriptElement}} (|script|), this algorithm performs the following steps: -1. If |script| does not have a <{script/src}> content attribute, set its {{HTMLScriptElement/[[ScriptURL]]}} internal slot value to `null`. - -1. Otherwise, if |script|'s {{HTMLScriptElement/[[ScriptURL]]}} internal slot value is not equal to its <{script/src}> attribute value, - set |script|'s {{HTMLScriptElement/[[ScriptURL]]}} to the result of executing [$Get Trusted Type compliant string$], with the following arguments: - * {{TrustedScriptURL}} as |expectedType|, - * |script|'s {{Document}}'s [=relevant global object=] as |global|, - * |script|'s <{script/src}> attribute value as |input|, - * `HTMLScriptElement src` as |sink|, - * `'script'` as |sinkGroup|. - - If the algorithm threw an error, rethrow the error and abort further steps. - 1. If |script|'s {{HTMLScriptElement/[[ScriptText]]}} internal slot value is not equal to its [=child text content=], set |script|'s {{HTMLScriptElement/[[ScriptText]]}} to the result of executing [$Get Trusted Type compliant string$], with the following arguments: * {{TrustedScriptURL}} as |expectedType|, @@ -1113,6 +1101,20 @@ Given an {{HTMLScriptElement}} (|script|), this algorithm performs the following If the algorithm threw an error, rethrow the error. +## Validate attribute mutation ## {#validate-attribute-mutation} +Given {{Attr}} |attribute|, {{Element}} |element| and {{TrustedType}} or a string |newValue|, this algorithm performs the following steps: + +1. If |element| has an IDL attribute that [=reflects=] a content attribute with |attribute|'s [=Attr/local name=], let |idlAttribute| be that IDL attribute. Otherwise, return stringified |newValue|. +1. If {{StringContext}} IDL extended attribute does not appears on |idlAttribute|, return stringified |newValue|. +1. Set |value| to the result of executing [$Get Trusted Type compliant string$] with the following arguments: + * {{StringContext}} identifier as |expectedType| + * |newValue| as |input| + * |element|'s relevant global object as |global| + * the result of [=concatenating=] the list « |element|'s [=Element/local name=], |attribute|'s |localName| » with `"."` as a |separator| as |sink| + * 'script' as |sinkGroup| + + If the algorithm threw an error, rethrow the error. + # Integrations # {#integrations} 
@@ -1245,15 +1247,8 @@ partial interface Document {
 
 #### Slots with trusted values #### {#slots-with-trusted-values}
 
-Issue: Figure out if we can drop {{HTMLScriptElement/[[ScriptURL]]}} slot after IDL + DOM changes.
-
 This document modifies {{HTMLScriptElement}}s. Each script has:
 
-: `[[ScriptURL]]` internal slot.
-::  A string, containing the URL to execute the script from
-    that was set through a {{StringContext}} compliant sink. Equivalent to
-    {{HTMLScriptElement/src}} attribute value. Initially null.
-
 : `[[ScriptText]]` internal slot.
 ::  A string, containing the body of the script to execute that was set
     through a {{StringContext}} compliant sink. Equivalent to script's
@@ -1283,12 +1278,6 @@ On setting the {{HTMLElement/innerText}}, {{Node/textContent}} and {{HTMLScriptE
 1. Set {{HTMLScriptElement/[[ScriptText]]}} internal slot value to the stringified attribute value.
 1. Perform the usual attribute setter steps.
 
-
-On setting the {{HTMLScriptElement/src}} IDL attribute, execute the following algorithm:
-
-1. Set {{HTMLScriptElement/[[ScriptURL]]}} internal slot value to the stringified attribute value.
-1. Perform the usual attribute setter steps.
-
 #### Slot value verification #### {#slot-value-verification}
 
 The first few steps of the [=prepare the script element=] algorithm are modified as follows:
@@ -1312,14 +1301,6 @@ The first few steps of the [=prepare the script element=] algorithm are modified
   
  • Let source text be el's child text content. `[[ScriptText]]` internal slot value.
   
  • ...
   
-  
    In all subsequent steps, replace checks for src attribute existence with checks for non-null `[[ScriptURL]]` internal slot value, and replace references of src content attribute value with `[[ScriptURL]]` internal slot value. For example:
-  
      
-  
    • If el does not have a src content attributeel's `[[ScriptURL]]` internal slot value is null, and the Should element's inline
-   behavior be blocked by Content Security Policy? algorithm returns "Blocked" when given el, "script", and
-   source text, then return.
-   
    • If el's has a src content attribute`[[ScriptURL]]` internal slot value is not null, then:
-  
    • Let src be the value of el's src attribute`[[ScriptURL]]` internal slot.
-  
    
 
 ### Enforcement in element attributes ### {#enforcement-in-sinks}
 
@@ -1495,45 +1476,6 @@ On setting {{SVGAnimatedString/baseVal}}, the following steps are run:
 
 Note: SVG does not have a complete script processing model yet. Trusted Types assumes that the attribute and text body modification protections behave similarly to ones for HTML scripts outlined in [[#enforcement-in-scripts]].
 
-## Integration with DOM ## {#integration-with-dom}
-
-This document modifies the {{Element}} interface, adding attribute validation steps:
-
-
    This and other specifications may define
-attribute validation steps for
-elements. The algorithm is passed element, localName,
-value, and namespace.
-
-This document changes the  handle attribute changes algorithm, adding the following step at the beginning:
-
      
- 
    1. Run the attribute validation steps with element,
- attribute's local name, newValue and
- attribute's namespace. If this throws an exception, then
- rethrow the exception and abort further steps.
-
    
-
-Additionally, this document changes the append an attribute algorithm:
-
-
    To append an
-attribute attribute to an element element
-with a value, run these steps:
-
-
      
- 
    1. Handle attribute changes for attribute with element, null, and
- attribute's valuevalue.
-
- 
    2. Set attribute's value to value.
-
- 
    3. Append attribute to element's
- attribute list.
- 
    4. Set attribute's element to element.
-
    
-
-Callers of this algorithm are changed accordingly.
-
-Issue: Remove when DOM #809 is merged.
-
-
 ## Integration with DOM Parsing ## {#integration-with-dom-parsing}
 
 This document modifies the following interfaces defined by [[DOM-Parsing]]: