The 22 June 2010 spec says in section 6.5.1 Navigating across documents:
If the source browsing
context<http://www.whatwg.org/specs/web-apps/current-work/#source-browsing-context>
is not the same as the browsing
context<http://www.whatwg.org/specs/web-apps/current-work/#browsing-context>
being navigated, ..., and the source browsing
context<http://www.whatwg.org/specs/web-apps/current-work/#source-browsing-context>
had its sandboxed navigation browsing context
flag<http://www.whatwg.org/specs/web-apps/current-work/#sandboxed-navigation-browsing-context-flag>
set when its active
document<http://www.whatwg.org/specs/web-apps/current-work/#active-document>
was created, then abort these steps.
(emphasis mine.) When exactly is its active document created? I can read this
clause in several ways:
* When documents are created they must set the sandboxed navigation
browsing context flag on their browsing context. But documents are created
before they are active in some browsing context, so that seems wrong.
* When documents are set as active within a browsing context. But that
doesn't sound like "creation" time, so that seems wrong too.
* At the instant the document was allocated, the browsing context
happened to record its current context flags despite the document not being
active in the browsing context yet. But that seems implausible at best.
Additionally, the sandboxing flags seem to be more a feature of the <iframe>
element than of the browsing context, because they depend on the value of the
<iframe>'s sandbox attribute. Can these flags ever be set on a top-level
browsing context? No, correct?
The spec then talks about the seamless browsing context flag. Is this flag
distinct from the sandbox-seamless-iframes flag? And when is this flag set?
It seems different from the others, because it can be set by manipulating
content attributes:
Specifically, when the attribute is set on an iframe element whose owner
Document's browsing context did not have the sandboxed seamless iframes flag
set when that Document was created, and while either the browsing context's
active document has the same origin as the iframe element's document, or the
browsing context's active document's address has the same origin as the iframe
element's document, the following requirements apply:
The user agent must set the seamless browsing context flag to
true for that browsing context. This will cause links to open in the parent
browsing context.
WARNING! It is important that user agents recheck the above conditions whenever
the active document of the nested browsing context of the iframe changes, such
that the seamless browsing context flag gets unset if the nested browsing
context is navigated to another origin.
Again the question of "when the document was created". Additionally, the
seamless flag refers to the iframe, the iframe's owner document, the iframe's
owner document's browsing context, and the iframe's browsing context itself.
These don't seem intrinsically like flags on the browsing context...
Are there any other flags that might apply to browsing contexts that might
equally well apply to iframes instead?
