diff --git a/complete.html b/complete.html
index 11636f218ac..5568da01f0c 100644
--- a/complete.html
+++ b/complete.html
@@ -110,7 +110,7 @@
You can take part in this work. Join the working group's discussion list. Web designers! We have a FAQ, a forum, and a help mailing list for you! This flag prevents content from using the This prevents a page inserted using the Web Applications 1.0
- Draft Standard — 4 December 2009
+ Draft Standard — 6 December 2009
4.8.3 The
iframe
+
seamless
attribute on
+ descendant iframe
elements.allow-same-origin
+ keyword from using a CSS-selector-based method of probing the DOM
+ of other pages on the same site (in particular, pages that contain
+ user-sensitive information).sandbox
attribute's
value, when split on
@@ -20526,13 +20543,16 @@ 4.8.3 The
is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). Specifically, when the
- attribute is set on an element and while the browsing
- context's active document has the same
- origin as the iframe
context
iframe
element's document, or the
- browsing context's active document's
- address has the
- same origin as the iframe
element's
- document, the following requirements apply:
iframe
element whose owner
+ Document
's browsing context does not have
+ the sandboxed seamless iframes flag set and while
+ either the browsing context's active
+ document has the same origin as the
+ iframe
element's document, or the browsing
+ context's active document's address has the same
+ origin as the iframe
element's document, the
+ following requirements apply:
This flag prevents content from using the seamless
attribute on
+ descendant iframe
elements.
This prevents a page inserted using the allow-same-origin
+ keyword from using a CSS-selector-based method of probing the DOM
+ of other pages on the same site (in particular, pages that contain
+ user-sensitive information).
sandbox
attribute's
value, when split on
@@ -20364,13 +20381,16 @@ href="?audio">audio</a> test instead.)</p>
context is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). Specifically, when the
- attribute is set on an element and while the browsing
- context's active document has the same
- origin as the iframe
element's document, or the
- browsing context's active document's
- address has the
- same origin as the iframe
element's
- document, the following requirements apply:
+ attribute is set on an iframe
element whose owner
+ Document
's browsing context does not have
+ the sandboxed seamless iframes flag set and while
+ either the browsing context's active
+ document has the same origin as the
+ iframe
element's document, or the browsing
+ context's active document's address has the same
+ origin as the iframe
element's document, the
+ following requirements apply:
This flag prevents content from using the seamless
attribute on
+ descendant iframe
elements.
This prevents a page inserted using the allow-same-origin
+ keyword from using a CSS-selector-based method of probing the DOM
+ of other pages on the same site (in particular, pages that contain
+ user-sensitive information).
sandbox
attribute's
value, when split on
@@ -21826,13 +21845,16 @@ href="?audio">audio</a> test instead.)</p>
context is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). Specifically, when the
- attribute is set on an element and while the browsing
- context's active document has the same
- origin as the iframe
element's document, or the
- browsing context's active document's
- address has the
- same origin as the iframe
element's
- document, the following requirements apply:
+ attribute is set on an iframe
element whose owner
+ Document
's browsing context does not have
+ the sandboxed seamless iframes flag set and while
+ either the browsing context's active
+ document has the same origin as the
+ iframe
element's document, or the browsing
+ context's active document's address has the same
+ origin as the iframe
element's document, the
+ following requirements apply: