Much of the navigation process is concerned with determining how to create a new
+ Document, which ultimately happens in the create and initialize a Document object
+ algorithm. The parameters to this algorithm are tracked via a navigation params
+ struct, which has the following items:
DocumentDocumentDocumentDocumentOnce a navigation params struct is created, this standard does not + mutate any of its items. They are only passed onward to other + algorithms.
+Navigation always involves source browsing context, which is the browsing context which was responsible for starting the navigation.
@@ -82568,16 +82607,20 @@ interface Location { // but see also url, finalSandboxFlags, incumbentNavigationOrigin, and activeDocumentNavigationOrigin. -Let responseCOOP be "unsafe-none".
Let browsingContextSwitchNeeded be false.
Run process a navigate response with null, resource, - navigationType, the source browsing context, - browsingContext, finalSandboxFlags, responseOrigin, - incumbentNavigationOrigin, activeDocumentNavigationOrigin, null, - responseCOOP, and browsingContextSwitchNeeded.
Let navigationParams be a new navigation params whose request is null, response is resource, origin is responseOrigin, final sandboxing flag set is
+ finalSandboxFlags, cross-origin opener
+ policy is "unsafe-none", reserved environment is null, browsing context is
+ browsingContext, and browsing
+ context switch needed is false.
Run process a navigate response with navigationType, the + source browsing context, and navigationParams.
Run process a navigate response with resource, - response, navigationType, the source browsing context, - browsingContext, finalSandboxFlags, - activeDocumentNavigationOrigin, incumbentNavigationOrigin, - activeDocumentNavigationOrigin, null, browsingContext's active - document's cross-origin opener policy, and - false.
Let navigationParams be a new navigation params whose request is resource, response is response, origin is activeDocumentNavigationOrigin, + final sandboxing flag set is + finalSandboxFlags, cross-origin opener + policy is browsingContext's active document's cross-origin opener policy, reserved environment is null, browsing context is + browsingContext, and browsing + context switch needed is false.
Run process a navigate response with navigationType, the + source browsing context, and navigationParams.
So for example a
- Run process a navigate response given request,
- response, navigationType, the source browsing context,
- browsingContext, finalSandboxFlags, responseOrigin,
- incumbentNavigationOrigin, activeDocumentNavigationOrigin,
- responseCOOP, browsingContextSwitchNeeded, and
- reservedEnvironment. Let navigationParams be a new navigation params whose request is request, response is response, origin is responseOrigin, final sandboxing flag set is
+ finalSandboxFlags, cross-origin opener
+ policy is responseCOOP, reserved environment is
+ reservedEnvironment, browsing
+ context is browsingContext, and browsing context switch needed is
+ browsingContextSwitchNeeded. Run process a navigate response with navigationType, the
+ source browsing context, and navigationParams. To process a navigate response, given null or a request request, a response response, a string navigationType,
- two browsing contexts source and
- browsingContext, a sandboxing flag set finalSandboxFlags, three
- origins finalResponseOrigin,
- incumbentNavigationOrigin, and activeDocumentNavigationOrigin, a
- cross-origin opener policy responseCOOP, a boolean
- browsingContextSwitchNeeded, and null or an environment
- reservedEnvironment, run these steps: To process a navigate response, given a string
+ navigationType, a browsing context source, and a
+ navigation params navigationParams: Let response be navigationParams's response. If any of the following are true, then display the inline
- content with an appropriate error shown to the user, with the newly created
- If any of the following are true: response is a network error. response is a network error. TODO: Define The Should navigation response to navigation request of type from source in target
be blocked by Content Security Policy? algorithm returns "
+
Document object's origin set to a new opaque origin, run the environment discarding steps for reservedEnvironment, and
- return.
-
X-Frame-Options processing here (tracked
as issue #1230).Blocked" when executed upon request, response,
- navigationType, source, and browsingContext.
The result of checking a - navigation response's adherence to its embedder policy with response - and browsingContext is false.
then:
+ +Display the inline content with an appropriate error + shown to the user given navigationParams's browsing context.
Run the environment discarding steps + for navigationParams's reserved environment.
Return.
This is where the network errors defined and propagated by Fetch, such as DNS or TLS errors, end up being displayed to users.
-If response's status is
- 204 or 205, then return.
If response's status is 204 or 205, then return.
If response has an `Content-Disposition` header specifying the attachment disposition type, then run the allowed to
- download algorithm with the source browsing context of the navigation and the
- browsing context being navigated. If the algorithm returns false,
- return; otherwise, handle response as a download and return.
If response has a `Content-Disposition` header specifying the attachment disposition type, then:
Let allowed be the result of running the allowed to download given + source and navigationParams's browsing context.
If allowed is true, then handle response + as a download.
Return.
Let type be the computed type of response.
text/vtt"multipart/x-mixed-replace"An explicitly supported XML MIME type is an XML MIME type for which
the user agent is configured to use an external application to render the content (either a
- plugin rendering directly in browsingContext, or a separate
- application), or one for which the user agent has dedicated processing rules (e.g. a web browser
- with a built-in Atom feed viewer would be said to explicitly support the
+ plugin rendering directly in navigationParams's browsing context, or a separate application),
+ or one for which the user agent has dedicated processing rules (e.g. a web browser with a
+ built-in Atom feed viewer would be said to explicitly support the
application/atom+xml MIME type), or one for which the user agent has a dedicated
handler.
An explicitly supported JSON MIME type is a JSON MIME type for which the user agent is configured to use an external application to render the content (either a - plugin rendering directly in browsingContext, or a separate - application), or one for which the user agent has dedicated processing rules, or one for which - the user agent has a dedicated handler.
+ plugin rendering directly in navigationParams's browsing context, or a separate application), + or one for which the user agent has dedicated processing rules, or one for which the user agent + has a dedicated handler.Non-document content: If, given type, the new resource is to be handled by displaying some sort of inline content, e.g., a native rendering of the content or an error message because the specified type is not supported, then display the inline content, and then return.
Otherwise, the document's type is such that the resource will not affect - browsingContext, e.g., because the resource is to be handed to an external application - or because it is an unknown type that will be processed as a download. Process the resource appropriately.
+ navigationParams's browsing + context, e.g., because the resource is to be handed to an external application or because + it is an unknown type that will be processed as a download. Process the resource appropriately.To process a navigate URL scheme, given a URL url and @@ -83116,7 +83178,7 @@ interface Location { // but see also a registered handler for the given scheme. Display the - inline content.
+ inline content given browsingContext.In the case of a registered handler being used, navigate will be invoked with a new URL.
@@ -83241,51 +83303,57 @@ interface Location { // but see also create and initialize aDocument object,
given a type type, content type contentType, a request request, a response response, a browsing context browsingContext, a sandboxing flag set
- finalSandboxFlags, three origins origin,
- incumbentNavigationOrigin, activeDocumentNavigationOrigin, null or an
- environment reservedEnvironment, a cross-origin opener policy
- navigationCOOP, and a boolean browsingContextSwitchNeeded:
+ data-x="concept-document-content-type">content type contentType, and
+ navigation params navigationParams:
If browsingContextSwitchNeeded is true, set browsingContext to the - result of the obtain a browsing context to use - for a navigation response algorithm, given browsingContext, - finalSandboxFlags, and navigationCOOP.
Let browsingContext be navigationParams's browsing context.
If navigationParams's browsing context switch needed is true, then + set browsingContext to the result of the obtain a browsing context to use for a navigation + response algorithm, given browsingContext, navigationParams's final sandboxing flag set, and + navigationParams's cross-origin opener + policy.
Let permissionsPolicy be the result of creating a permissions policy from a - response given browsingContext, origin, and response. -
+ response given browsingContext, navigationParams's origin, and navigationParams's response.The creating a permissions policy from a response algorithm makes use of
- origin. If document.domain has been used
- for the browsingContext container
- document, then its origin cannot be same origin-domain with
- origin, because these steps run before the document is created, so it
- cannot itself yet have used document.domain. Note
- that this means that Permissions Policy checks are less permissive compared to doing a
- same origin check instead.
The creating a permissions policy from a response algorithm makes use of the
+ passed origin. If document.domain has
+ been used for browsingContext's container document, then its origin cannot
+ be same origin-domain with the passed origin, because these steps run before the
+ document is created, so it cannot itself yet have used document.domain. Note that this means that Permissions
+ Policy checks are less permissive compared to doing a same origin check instead.
See below for some examples of this in action.
Let creationURL be response's Let creationURL be navigationParams's response's URL.
If request is non-null, then set creationURL to request's - current URL.
If browsingContext's only entry in its session history is the
- initial about:blank Document that was added when
- browsingContext was created, and
- navigation is occurring with replacement enabled, and that Document's
- origin is same origin-domain with origin, then do
+
If navigationParams's request + is non-null, then set creationURL to navigationParams's request's current URL.
If browsingContext's only entry in its
+ session history is the initial about:blank Document that
+ was added when that browsing context was created, and navigation is occurring with replacement enabled, and
+ that Document's origin is same origin-domain with
+ navigationParams's origin, then do
nothing.
Let realm execution context be the result of creating a new JavaScript @@ -83311,7 +83379,8 @@ interface Location { // but see also origin.
If browsingContext is not a top-level browsing context, then:
@@ -83329,44 +83398,53 @@ interface Location { // but see also reserved environment, + topLevelCreationURL, and topLevelOrigin.Let document be a new Document, whose type is type, content type is contentType,
- origin is origin, origin is navigationParams's origin, permissions policy is
permissionsPolicy, active sandboxing flag set is
- finalSandboxFlags, and cross-origin opener
- policy is navigationCOOP.
Set document's URL to creationURL.
Set document's HTTPS state - to the HTTPS state of - response.
Set document's referrer
policy to the result of parsing the
- `Referrer-Policy` header of response.
Referrer-Policy` header of navigationParams's response.
Set document's embedder - policy to the result of obtaining an - embedder policy from response.
Initialize a Document's CSP list given
- document, response, and request.
If request is non-null, then set document's referrer to the serialization of request's referrer, if request's If navigationParams's request is + non-null, then set document's referrer + to the serialization of + navigationParams's request's referrer, if navigationParams's request's referrer is a URL record, and the empty string otherwise.
@@ -83376,7 +83454,8 @@ interface Location { // but see also Refresh` header, then: +If navigationParams's response
+ has a `Refresh` header, then:
Let value be the isomorphic decoding @@ -83545,21 +83624,15 @@ new PaymentRequest(…); // Allowed to use
When an HTML document is to be loaded, given a - browsingContext, request, response, finalSandboxFlags, - finalResponseOrigin, incumbentNavigationOrigin, - activeDocumentNavigationOrigin, environment, responseCOOP, and - browsingContextSwitchNeeded the user agent must queue a task on the - networking task source to:
+When an HTML document is to be loaded, given navigation params + navigationParams, the user agent must queue a task on the networking task source + to:
Let document be the result of creating and initializing a Document
- object providing "html", "text/html",
- request, response, browsingContext, finalSandboxFlags,
- finalResponseOrigin, incumbentNavigationOrigin,
- activeDocumentNavigationOrigin, environment, responseCOOP, and
- browsingContextSwitchNeeded.
html", "text/html", and
+ navigationParams.Create an HTML parser and associate it with the document. Each @@ -83593,19 +83666,14 @@ new PaymentRequest(…); // Allowed to use
When faced with displaying an XML file inline, provided browsingContext,
- request, response, finalSandboxFlags,
- finalResponseOrigin, incumbentNavigationOrigin,
- activeDocumentNavigationOrigin, environment,responseCOOP, and
- browsingContextSwitchNeeded user agents must follow the requirements defined in
- XML and Namespaces in XML, XML Media Types, DOM,
- and other relevant specifications to create and
- initialize a Document object providing "xml",
- type, request, response, browsingContext,
- finalSandboxFlags, finalResponseOrigin incumbentNavigationOrigin,
- activeDocumentNavigationOrigin, environment, responseCOOP. and
- browsingContextSwitchNeeded. It must also create and a corresponding XML
- parser.
When faced with displaying an XML file inline, provided navigation params
+ navigationParams and a string type, user agents must follow the requirements
+ defined in XML and Namespaces in XML, XML Media Types,
+ DOM, and other relevant specifications to create and initialize a Document object
+ given "xml", type, and navigationParams. They must
+ also create a corresponding XML parser.
At the time of writing, the XML specification community had not actually yet specified how XML and the DOM interact.
@@ -83649,21 +83717,15 @@ new PaymentRequest(…); // Allowed to useWhen a plain text document is to be loaded, provided a browsingContext, - request, response, finalSandboxFlags, - finalResponseOrigin, incumbentNavigationOrigin, - activeDocumentNavigationOrigin, environment,responseCOOP, and - browsingContextSwitchNeeded the user agent must queue a task on the - networking task source to: +
When a plain text document is to be loaded, provided navigation params + navigationParams and a string type, the user agent must queue a + task on the networking task source to:
Let document be the result of creating and initializing a Document object
- providing "html", type, request,
- response, browsingContext, finalSandboxFlags,
- finalResponseOrigin, incumbentNavigationOrigin,
- activeDocumentNavigationOrigin, environment, responseCOOP, and
- browsingContextSwitchNeeded.
Document
+ object given "html", type, and
+ navigationParams.Create an HTML parser and associate it with the document. Act as if the tokenizer had emitted a start tag token with the tag name "pre" followed by a single @@ -83677,8 +83739,8 @@ new PaymentRequest(…); // Allowed to use
The rules for how to convert the bytes of the plain text document into actual characters, and the rules for actually rendering the text to the user, are defined by the specifications for the - computed MIME type of the resource (type - in the navigate algorithm).
+ computed MIME type of the resource (i.e., + type).The document's character encoding must be set to the character encoding used to decode the document.
@@ -83714,6 +83776,9 @@ new PaymentRequest(…); // Allowed to use browsing context, the user agent must parse the resource using the rules for multipart types. +This algorithm is passed navigation params, but it's unclear how + exactly to use them.
+For each body part obtained from the resource, the user agent must run process a navigate response using the new body part and the same browsing context, with replacement enabled if a previous body part from the same resource resulted in a @@ -83731,20 +83796,14 @@ new PaymentRequest(…); // Allowed to use
When an image, video, or audio resource is to be loaded, provided a browsingContext, - request, response, finalSandboxFlags, - finalResponseOrigin, incumbentNavigationOrigin, - activeDocumentNavigationOrigin, environment, responseCOOP, - browsingContextSwitchNeeded, the user agent should: +
When an image, video, or audio resource is to be loaded, provided navigation params + navigationParams and a string type, the user agent should:
Let document be the result of creating and initializing a Document object
- providing "html", type, request,
- response, browsingContext, finalSandboxFlags,
- finalResponseOrigin, incumbentNavigationOrigin,
- activeDocumentNavigationOrigin, environment, responseCOOP, and
- browsingContextSwitchNeeded.
Document
+ object given "html", type, and
+ navigationParams.Append an html element to document.
When a resource that requires an external resource to be rendered is to be loaded, provided a - browsingContext, request, response, finalSandboxFlags, - finalResponseOrigin, incumbentNavigationOrigin, - activeDocumentNavigationOrigin, environment, responseCOOP, and - browsingContextSwitchNeeded, the user agent should: +
When a resource that requires an external resource to be rendered is to be loaded, provided + navigation params navigationParams and a string type, the user + agent should:
Let document be the result of creating and initializing a Document object
- providing "html", type, request,
- response, browsingContext, finalSandboxFlags,
- finalResponseOrigin, incumbentNavigationOrigin,
- activeDocumentNavigationOrigin, environment, responseCOOP, and
- browsingContextSwitchNeeded.
Document
+ object given "html", type, and
+ navigationParmas.Mark document as being a plugin document
When the user agent is to display a user agent page inline, the user agent should create and initialize a Document object
- providing "html", "text/html", null, null,
- browsingContext, an empty set, null, null, and null, and then either associate that
- Document with a custom rendering that is not rendered using the normal
- Document rendering rules, or mutate that Document until it represents
- the content the user agent wants to render.
When the user agent is to display a user agent page inline, provided a browsing + context browsingContext, the user agent should:
+ +Let navigationParams be a new navigation params whose request is null, response is null, origin is a new opaque origin, final sandboxing flag set is an empty set, cross-origin opener policy is "unsafe-none", reserved environment is null, browsing context is
+ browsingContext, and browsing
+ context switch needed is false.
The algorithm called in the next step is not prepared to deal with a null response. Probably we should synthesize one + instead.
+Let document be the result of creating and initializing a Document
+ object given "html", "text/html", and
+ navigationParams.
Either associate document with a custom rendering that is not rendered using
+ the normal Document rendering rules, or mutate document until it
+ represents the content the user agent wants to render.