@@ -31,10 +31,8 @@ ISSUE(whatwg/html#11534): This section is probably best read as a patch to HTML,
3131[Exposed=*]
3232interface Origin {
3333 constructor();
34- constructor(USVString serializedOrigin);
3534
36- static Origin? parse(USVString serializedOrigin);
37- static Origin? fromURL(USVString serializedURL);
35+ static Origin? from(any value);
3836
3937 readonly attribute boolean opaque;
4038
@@ -53,69 +51,116 @@ The <dfn for="Origin" constructor lt="Origin()">`new Origin()`</dfn> constructor
5351
5452</div> <!-- new Origin() -->
5553
56- <div algorithm="new Origin(serializedOrigin)">
57- The <dfn for="Origin" constructor lt="Origin(serializedOrigin)">`new Origin(serializedOrigin)`</dfn>
58- constructor accepts a {{USVString}} |serializedOrigin| which contains the [=ASCII serialization of an
59- origin=] . If |serializedOrigin| is not a valid serialization, the constructor will throw a
60- {{TypeError}} . Otherwise, the constructed object will hold the deserialized [=origin=] :
6154
62- 1. If |serializedOrigin| is "`null`":
55+ <div algorithm="from(value)">
56+ The static <dfn for="Origin" method lt="from(value)">`from(value)`</dfn> accepts
57+ method accepts an arbitrary object |value|, and either returns a newly-constructed `Origin`
58+ object if one can be extracted from |value|, or `null` otherwise:
6359
64- 1. Set [=this=] 's {{Origin/[[origin]]}} to a unique [=/opaque origin=] .
65- 2. Return.
60+ 1. Let |origin| be the result of executing |value|'s [$extract an origin$] algorithm.
6661
67- 2. Let |origin as url| be the result of executing the [=basic URL parser=] on |serializedOrigin| .
62+ 2. If |origin| is `null`, return `null` .
6863
69- 3. If |origin as url| is failure, throw a " {{TypeError}} " {{DOMException}} .
64+ 3. Return a new {{Origin}} object whose {{Origin/[[origin]]}} is set to |origin| .
7065
71- 4. If |origin as url|'s [=url/origin=]' s [=ASCII serialization of an origin|serialization=] is
72- not |serializedOrigin|, throw a "{{TypeError}} " {{DOMException}} .
66+ </div> <!-- from(value) -->
7367
74- 5. Set [=this=] 's {{Origin/[[origin]]}} to |origin as url|' s [=url/origin=] .
7568
76- Note: The algorithm above parses |serializedOrigin| as a URL, then compares it against the
77- serialization of that URL's origin. This seems like the cheapest way to reuse all the infrastructure
78- in [[URL]] , while still ensuring that we require a validly serialized origin. It would of course be
79- possible to extract a strict origin parser from the algorithms in URL, but it seems at least
80- somewhat likely that they might drift apart at some point in the future. Reusing the existing
81- algorithms, then checking the result for correctness, seems robust and straightforward enough to
82- rely upon.
83- </div> <!-- new Origin(serializedOrigin) -->
69+ The <dfn for="Origin" attribute>`opaque`</dfn> attribute getter steps are to return `true`
70+ if [=this=] 's {{Origin/[[origin]]}} is an [=opaque origin=] , and `false` otherwise.
71+
72+ The <dfn for="Origin" method>`isSameOrigin(other)`</dfn> method steps are to return `true`
73+ if [=this=] 's {{Origin/[[origin]]}} is [=same origin=] with <var ignore>other</var>' s
74+ {{Origin/[[origin]]}} , and `false` otherwise.
75+
76+ <div algorithm="isSameSite(other)">
77+ The <dfn for="Origin" method>`isSameSite(other)`</dfn> method steps are to return `true`
78+ if [=this=] 's {{Origin/[[origin]]}} is [=same site=] with <var ignore>other</var>' s
79+ {{Origin/[[origin]]}} , and `false` otherwise.
80+
81+ Note: This is a [=same site=] , not [=schemelessly same site=] , comparison.
82+ </div> <!-- isSameSite(other) -->
83+
84+
85+ Origin Extraction {#extraction}
86+ -----------------
87+
88+ [=Platform objects=] have an <dfn abstract-op>extract an origin</dfn> operation which returns
89+ `null` unless otherwise specified.
90+
91+ ISSUE(whatwg/html#11534): The following implementations should be colocated with their
92+ definitions in HTML.
93+
94+
95+ ### `HTMLHyperlinkElementUtils` ### {#extraction-HTMLHyperlinkElementUtils}
96+
97+ <div algorithm="extract an origin HTMLHyperlinkElementUtils">
98+ An object implementing the {{HTMLHyperlinkElementUtils}} mixin's [$extract an origin$] operation
99+ runs the following steps:
100+
101+ 1. If [=this=] 's `url` is `null`, return `null`.
102+
103+ 2. Return [=this=] 's `url`' s [=url/origin=] .
104+
105+ </div> <!-- HTMLHyperlinkElementUtils -->
106+
107+
108+ ### `Location` ### {#extraction-Location}
84109
85- <div algorithm="parse(serializedOrigin)">
86- Like {{Origin}} 's {{Origin/Origin(serializedOrigin)}} constructor, the static
87- <dfn for="Origin" method lt="parse(serializedOrigin)">`parse(serializedOrigin)`</dfn> method
88- accepts a {{USVString}} |serializedOrigin| which contains the [=ASCII serialization of an
89- origin=] . If |serializedOrigin| is not a valid serialization, the method will return `null`.
90- Otherwise, it will return a newly-constructed {{Origin}} holding the deserialized [=origin=] :
110+ <div algorithm="extract an origin Location">
111+ An object implementing the {{Location}} interface's [$extract an origin$] operation runs the
112+ following steps:
91113
92- 1. Let |origin| be a new {{Origin}} object.
114+ 1. If [=this=] 's <a dfn spec=HTML>relevant `Document`</a> is non-`null`, and its
115+ [=Document/origin=] is not [=same origin-domain=] with the
116+ <a dfn spec=HTML>entry settings object</a> 's [=environment settings object/origin=] , then
117+ return `null`.
93118
94- 2. If |serializedOrigin| is "`null`":
119+ 2. Return [=this=] 's `url`' s [=url/origin=] .
95120
96- 1. Set |origin|'s {{Origin/[[origin]]}} to a unique [=/opaque origin=] .
121+ Note: As `Location` is potentially accessible cross-origin, we need to maintain its getters'
122+ security checks here.
97123
98- 2. Return |origin|.
124+ </div> <!-- Location -->
99125
100- 3. Let |origin as url| be the result of executing the [=basic URL parser=] on |serializedOrigin|.
101126
102- 4. If |origin as url| is failure, return `null`.
127+ ### `WindowOrWorkerGlobalScope` ### {#extraction-WindowOrWorkerGlobalScope}
103128
104- 5. If |origin as url|'s [=url/origin=]' s [=ASCII serialization of an origin|serialization=] is
105- not |serializedOrigin|, return `null`.
129+ <div algorithm="extract an origin WindowOrWorkerGlobalScope">
130+ An object implementing the {{WindowOrWorkerGlobalScope}} mixin's [$extract an origin$] operation
131+ runs the following steps:
106132
107- 6 . Set |origin| 's {{Origin/[[origin]]}} to |origin as url| ' s [=url /origin=] .
133+ 1 . Return [=this=] 's [=relevant settings object=] ' s [=environment settings object /origin=] .
108134
109- 7. Return |origin|.
135+ </div> <!-- WindowOrWorkerGlobalScope -->
110136
111- </div> <!-- parse(serializedOrigin) -->
112137
113- <div algorithm="fromURL(serializedURL)">
114- The static <dfn for="Origin" method lt="fromURL(serializedURL)">`fromURL(serializedURL)`</dfn>
115- method accepts a {{USVString}} |serializedURL| which contains the [=URL serializer|serialization=]
116- of a [=URL=] . If |serializedURL| is not a valid serialization, the method will return `null`.
117- Otherwise, it will return a newly-constructed {{Origin}} object holding the deserialized [=URL=] 's
118- [=url/origin=] :
138+ ### `WorkerLocation` ### {#extraction-WorkerLocation}
139+
140+ <div algorithm="extract an origin WorkerLocation">
141+ An object implementing the {{WorkerLocation}} interface's [$extract an origin$] operation
142+ runs the following steps:
143+
144+ 1. Return [=this=] 's `WorkerGlobalScope`' s `url`'s `origin`.
145+
146+ </div> <!-- WorkerLocation -->
147+
148+
149+ ### `MessageEvent` ### {#extraction-MessageEvent}
150+
151+ <div algorithm="extract an origin MessageEvent">
152+ An object implementing the {{MessageEvent}} mixin's [$extract an origin$] operation
153+ runs the following steps:
154+
155+ 1. Return [=this=] 's [=relevant settings object=]' s [=environment settings object/origin=] .
156+
157+ </div> <!-- MessageEvent -->
158+
159+
160+ ### `String` ### {#extraction-String}
161+
162+ <div algorithm="extract an origin String">
163+ A {{String}} |serializedURL|'s [$extract an origin$] operation runs the following steps:
119164
1201651. Let |parsed url| be the result of running the [=basic URL parser=] on |serializedURL|.
121166
@@ -128,22 +173,7 @@ Otherwise, it will return a newly-constructed {{Origin}} object holding the dese
128173Note: Unlike {{URL/parse(url)|URL.parse}} , this method does not accept a base, but expects the
129174complete serialization of a URL. That seems clearer, and guides developers towards constructing
130175a {{URL}} object in some well-understood way that's distinct from their work with {{Origin}} .
131- </div> <!-- fromURL(serializedURL) -->
132-
133- The <dfn for="Origin" attribute>`opaque`</dfn> attribute getter steps are to return `true`
134- if [=this=] 's {{Origin/[[origin]]}} is an [=opaque origin=] , and `false` otherwise.
135-
136- The <dfn for="Origin" method>`isSameOrigin(other)`</dfn> method steps are to return `true`
137- if [=this=] 's {{Origin/[[origin]]}} is [=same origin=] with <var ignore>other</var>' s
138- {{Origin/[[origin]]}} , and `false` otherwise.
139-
140- <div algorithm="isSameSite(other)">
141- The <dfn for="Origin" method>`isSameSite(other)`</dfn> method steps are to return `true`
142- if [=this=] 's {{Origin/[[origin]]}} is [=same site=] with <var ignore>other</var>' s
143- {{Origin/[[origin]]}} , and `false` otherwise.
144-
145- Note: This is a [=same site=] , not [=schemelessly same site=] , comparison.
146- </div> <!-- isSameSite(other) -->
176+ </div> <!-- String -->
147177
148178
149179Security Considerations {#security}
0 commit comments