diff --git a/source b/source index 2f92781ba5c..228809451e6 100644 --- a/source +++ b/source @@ -11470,6 +11470,14 @@ partial interface Document {

Each Document has an open dialogs list, which is a list of dialog elements, initially empty.

+

Each Document has a boolean embedder has margin attributes, initially + false.

+ +

This is set to true when the container is a frame element or an + iframe element with a marginwidth or a marginheight attribute specified. This is used + in the Rendering section.

+

The DocumentOrShadowRoot interface

DOM defines the cross-origin isolated capability.

+

  • Let embedderHasMarginAttributes be true if embedder is a + frame element or an iframe element that has a marginwidth or a marginheight attribute specified, and false + otherwise.

    • +

  • Let document be a new Document, with:

    @@ -104489,6 +104503,9 @@ interface NotRestoredReasons {
    custom element registry
    a new CustomElementRegistry object
    + +
    embedder has margin attributes
    +
    embedderHasMarginAttributes
    • @@ -111257,6 +111274,16 @@ location.href = '#foo';     data-x="concept-response-timing-info">timing info's start time.

    +

  • Let embedder be navigationParams's navigable's container.

    • + +

  • Let embedderHasMarginAttributes be true if embedder is a + frame element or an iframe element that has a marginwidth or a marginheight attribute specified, and false + otherwise.

    • +

  • Let document be a new Document, with

    @@ -111314,6 +111341,9 @@ location.href = '#foo';
    custom element registry
    a new CustomElementRegistry object
    + +
    embedder has margin attributes
    +
    embedderHasMarginAttributes
    • @@ -145088,11 +145118,12 @@ html, body { display: block; }
    -

    For each property in the table below, given a body element, the first attribute - that exists maps to the pixel length property on the body element. If - none of the attributes for a property are found, or if the value of the attribute that was found - cannot be parsed successfully, then a default value of 8px is expected to be used - for that property instead.

    +

    For each property in the table below, given a body + element body, the first attribute that exists maps to the pixel length + property on body. If none of the attributes for a property are found, or if the + value of the attribute that was found cannot be parsed successfully, then the default body + margin given body is expected to be used for that property + instead.

    @@ -145101,52 +145132,31 @@ html, body { display: block; } - - - - - - - - - - - - - -
    Source
    'margin-top' - The body element's marginheight attribute -
    The body element's topmargin attribute -
    The body element's container frame element's marginheight attribute -
    'margin-right' - The body element's marginwidth attribute -
    The body element's rightmargin attribute + 'margin-top', 'margin-bottom' + body's marginheight attribute
    The body element's container frame element's marginwidth attribute + body's topmargin attribute
    'margin-bottom' - The body element's marginheight attribute -
    The body element's bottommargin attribute -
    The body element's container frame element's marginheight attribute -
    'margin-left' - The body element's marginwidth attribute -
    The body element's leftmargin attribute + 'margin-left', 'margin-right' + body's marginwidth attribute
    The body element's container frame element's marginwidth attribute + body's leftmargin attribute
    -

    If the body element's node document's node navigable is - a child navigable, and the container of that - navigable is a frame or iframe element, then the - container frame element of the body element is that frame or - iframe element. Otherwise, there is no container frame element.

    +

    The default body margin given a body element body is 0px + if body's node document's embedder has margin attributes is true, + and 8px otherwise.

    -

    The above requirements imply that a page can change the margins of another page - (including one from another origin) using, for example, an iframe. This - is potentially a security risk, as it might in some cases allow an attack to contrive a situation - in which a page is rendered not as the author intended, possibly for the purposes of phishing or - otherwise misleading the user.

    +

    The above requirements imply that a page can change the margins of another + page to 0px (including one from another origin) using, for example, an + iframe. This is potentially a security risk, as it might in some cases allow an + attack to contrive a situation in which a page is rendered not as the author intended, possibly + for the purposes of phishing or otherwise misleading the user.