HTML
Living Standard — Last Updated 8 November 2024
Living Standard — Last Updated 8 November 2024
multipart/x-mixed-replace
documentsX-Frame-Options` headerRefresh` headerWhen loading a document using one of the below algorithms, we use the
following steps to create and initialize a Document object,
given a type type, content type contentType, and
navigation params navigationParams:
Document objects are also created when creating a new browsing
context and document; such initial
about:blank Document are never created by this algorithm. Also,
browsing context-less Document objects can
be created via various APIs, such as document.implementation.createHTMLDocument().
Let browsingContext be navigationParams's navigable's active browsing context.
Set browsingContext to the result of the obtaining a browsing context to use for a navigation response given browsingContext, navigationParams's final sandboxing flag set, navigationParams's cross-origin opener policy, and navigationParams's COOP enforcement result.
This can result in a browsing context
group switch, in which case browsingContext will be a newly-created browsing context instead
of being navigationParams's navigable's active browsing
context. In such a case, the created Window, Document, and
agent will not end up being used; because the created Document's
origin is opaque, we will end up creating a new agent
and Window later in this algorithm to
go along with the new Document.
Let permissionsPolicy be the result of creating a permissions policy from a response given navigationParams's navigable's container, navigationParams's origin, and navigationParams's response. [PERMISSIONSPOLICY]
The creating a permissions policy from a response algorithm makes use of the
passed origin. If document.domain has
been used for navigationParams's navigable's container document, then its origin cannot be same origin-domain with
the passed origin, because these steps run before the document is created, so it
cannot itself yet have used document.domain. Note
that this means that Permissions Policy checks are less permissive compared to doing a
same origin check instead.
See below for some examples of this in action.
If navigationParams's request is non-null, then set creationURL to navigationParams's request's current URL.
Let window be null.
If browsingContext's active document's is initial
about:blank is true, and browsingContext's active
document's origin is same
origin-domain with navigationParams's origin, then set window to
browsingContext's active window.
This means that both the initial
about:blank Document, and the new Document that
is about to be created, will share the same Window object.
Otherwise:
Let oacHeader be the result of getting a structured field value
given `Origin-Agent-Cluster` and "item" from
navigationParams's response's
header list.
Let requestsOAC be true if oacHeader is not null and oacHeader[0] is the boolean true; otherwise false.
If navigationParams's reserved environment is a non-secure context, then set requestsOAC to false.
Let agent be the result of obtaining a similar-origin window agent given navigationParams's origin, browsingContext's group, and requestsOAC.
Let realmExecutionContext be the result of creating a new realm given agent and the following customizations:
For the global object, create a new Window object.
For the global this binding, use browsingContext's
WindowProxy object.
Set window to the global object of realmExecutionContext's Realm component.
Let topLevelCreationURL be creationURL.
Let topLevelOrigin be navigationParams's origin.
If navigable's container is not null, then:
Let parentEnvironment be navigable's container's relevant settings object.
Set topLevelCreationURL to parentEnvironment's top-level creation URL.
Set topLevelOrigin to parentEnvironment's top-level origin.
Set up a window environment settings object with creationURL, realmExecutionContext, navigationParams's reserved environment, topLevelCreationURL, and topLevelOrigin.
This is the usual case, where the new Document we're about to
create gets a new Window to go along with it.
Let loadTimingInfo be a new document load timing info with its navigation start time set to navigationParams's response's timing info's start time.
Let document be a new Document, with
loading"Set window's associated
Document to document.
Run CSP initialization for a Document given
document. [CSP]
If navigationParams's request is non-null, then:
Set document's referrer to the empty string.
If referrer is a URL record, then set document's referrer to the serialization of referrer.
Per Fetch, referrer will be either a URL
record or "no-referrer" at this point.
If navigationParams's fetch controller is not null, then:
Let fullTimingInfo be the result of extracting the full timing info from navigationParams's fetch controller.
Let redirectCount be 0 if navigationParams's response's has cross-origin redirects is true; otherwise navigationParams's request's redirect count.
Create the navigation timing entry for document, given fullTimingInfo, redirectCount, navigationTimingType, navigationParams's response's service worker timing info, and navigationParams's response's body info.
Create the navigation timing entry for document, with navigationParams's response's timing info, redirectCount, navigationParams's navigation timing type, and navigationParams's response's service worker timing info.
If navigationParams's response
has a `Refresh` header, then:
Let value be the isomorphic decoding of the value of the header.
Run the shared declarative refresh steps with document and value.
We do not currently have a spec for how to handle multiple `Refresh`
headers. This is tracked as issue #2900.
If navigationParams's commit early hints is not null, then call navigationParams's commit early hints with document.
Process link headers given document,
navigationParams's response, and
"pre-media".
Return document.
In this example, the child document is not allowed to use PaymentRequest,
despite being same origin-domain at the time the child document tries to use
it. At the time the child document is initialized, only the parent document has set document.domain, and the child document has not.
<!-- https://foo.example.com/a.html -->
<!doctype html>
< script >
document. domain = 'example.com' ;
</ script >
< iframe src = b.html ></ iframe > <!-- https://bar.example.com/b.html -->
<!doctype html>
< script >
document. domain = 'example.com' ; // This happens after the document is initialized
new PaymentRequest( …); // Not allowed to use
</ script > In this example, the child document is allowed to use
PaymentRequest, despite not being same origin-domain at the time
the child document tries to use it. At the time the child document is initialized, none of
the documents have set document.domain yet so
same origin-domain falls back to a normal same origin check.
<!-- https://example.com/a.html -->
<!doctype html>
< iframe src = b.html ></ iframe >
<!-- The child document is now initialized, before the script below is run. -->
< script >
document. domain = 'example.com' ;
</ script > <!-- https://example.com/b.html -->
<!doctype html>
< script >
new PaymentRequest( …); // Allowed to use
</ script > To populate with html/head/body given a
Document document:
Let html be the result of creating an
element given document, html, and the HTML
namespace.
Let head be the result of creating an
element given document, head, and the HTML
namespace.
Let body be the result of creating an
element given document, body, and the HTML
namespace.
Append html to document.
Append head to html.
Append body to html.
To load an HTML document, given navigation params navigationParams:
Let document be the result of creating and initializing a Document
object given "html", "text/html", and
navigationParams.
If document's URL is
about:blank, then populate with
html/head/body given document.
This special case, where even non-initial
about:blank Documents are synchronously given their element
nodes, is necessary for compatible with deployed content. In other words, it is not compatible
to instead go down the "otherwise" branch and feed the empty byte sequence into
an HTML parser to asynchronously populate document.
Otherwise, create an HTML parser and associate it with the document. Each task that the networking task source places on the task queue while fetching runs must then fill the parser's input byte stream with the fetched bytes and cause the HTML parser to perform the appropriate processing of the input stream.
The first task that the networking task
source places on the task queue while fetching runs must process link
headers given document, navigationParams's response, and "media", after
the task has been processed by the HTML parser.
Before any script execution occurs, the user agent must wait for scripts may run for the newly-created document to be true for document.
The input byte stream converts bytes into characters for use in the tokenizer. This process relies, in part, on character encoding information found in the real Content-Type metadata of the resource; the computed type is not used for this purpose.
When no more bytes are available, the user agent must queue a global task on
the networking task source given document's relevant global
object to have the parser process the implied EOF character, which eventually causes
a load event to be fired.
Return document.
When faced with displaying an XML file inline, provided navigation params
navigationParams and a string type, user agents must follow the
requirements defined in XML and Namespaces in XML, XML Media
Types, DOM, and other relevant specifications to create and initialize a Document object
document, given "xml", type, and
navigationParams, and return that Document. They must also create a
corresponding XML parser. [XML] [XMLNS] [RFC7303]
[DOM]
At the time of writing, the XML specification community had not actually yet specified how XML and the DOM interact.
The first task that the networking task source
places on the task queue while fetching runs must process link headers
given document, navigationParams's response, and "media", after
the task has been processed by the XML parser.
The actual HTTP headers and other metadata, not the headers as mutated or implied by the algorithms given in this specification, are the ones that must be used when determining the character encoding according to the rules given in the above specifications. Once the character encoding is established, the document's character encoding must be set to that character encoding.
Before any script execution occurs, the user agent must wait for scripts may run for the
newly-created document to be true for the newly-created Document.
Once parsing is complete, the user agent must set document's during-loading navigation ID for WebDriver BiDi to null.
For HTML documents this is reset when parsing is complete, after firing the load event.
Error messages from the parse process (e.g., XML namespace well-formedness errors) may be
reported inline by mutating the Document.
To load a text document, given a navigation params navigationParams and a string type:
Let document be the result of creating and initializing a Document
object given "html", type, and
navigationParams.
Set document's parser cannot change the mode flag to true.
Set document's mode
to "no-quirks".
Create an HTML parser and associate it with the document. Act as if the tokenizer had emitted a start tag token with the tag name "pre" followed by a single U+000A LINE FEED (LF) character, and switch the HTML parser's tokenizer to the PLAINTEXT state. Each task that the networking task source places on the task queue while fetching runs must then fill the parser's input byte stream with the fetched bytes and cause the HTML parser to perform the appropriate processing of the input stream.
document's encoding must be set to the character encoding used to decode the document during parsing.
The first task that the networking task
source places on the task queue while fetching runs must process link
headers given document, navigationParams's response, and "media", after
the task has been processed by the HTML parser.
Before any script execution occurs, the user agent must wait for scripts may run for the newly-created document to be true for document.
When no more bytes are available, the user agent must queue a global task on
the networking task source given document's relevant global
object to have the parser process the implied EOF character, which eventually causes
a load event to be fired.
User agents may add content to the head element of document, e.g.,
linking to a style sheet, providing script, or giving the document a title.
In particular, if the user agent supports the Format=Flowed feature of RFC 3676 then the user agent would need to apply
extra styling to cause the text to wrap correctly and to handle the quoting feature. This could
be performed using, e.g., a CSS extension.
Return document.
The rules for how to convert the bytes of the plain text document into actual characters, and the rules for actually rendering the text to the user, are defined by the specifications for the computed MIME type of the resource (i.e., type).
multipart/x-mixed-replace
documentsTo load a
multipart/x-mixed-replace document, given navigation params
navigationParams, source snapshot params sourceSnapshotParams,
and origin initiatorOrigin:
Parse navigationParams's response's body using the rules for multipart types. [RFC2046]
Let firstPartNavigationParams be a copy of navigationParams.
Set firstPartNavigationParams's response to a new response representing the first part of navigationParams's response's body's multipart stream.
Let document be the result of loading a document given firstPartNavigationParams, sourceSnapshotParams, and initiatorOrigin.
For each additional body part obtained from navigationParams's response, the user agent must navigate
document's node navigable to navigationParams's request's URL, using document, with response set to navigationParams's response and historyHandling set to "replace".
Return document.
For the purposes of algorithms processing these body parts as if they were complete stand-alone resources, the user agent must act as if there were no more bytes for those resources whenever the boundary following the body part is reached.
Thus, load events (and for that matter unload events) do fire for each body part loaded.
To load a media document, given navigationParams and a string type:
Let document be the result of creating and initializing a Document
object given "html", type, and
navigationParams.
Set document's mode
to "no-quirks".
Populate with html/head/body given
document.
Append an element host element for the media, as described below, to the
body element.
Set the appropriate attribute of the element host element, as described below, to the address of the image, video, or audio resource.
User agents may add content to the head element of document, or
attributes to host element, e.g., to link to a style sheet, to provide a script, to
give the document a title, or to make the media autoplay.
Process link headers given document,
navigationParams's response, and
"media".
Act as if the user agent had stopped parsing document.
Return document.
The element host element to create for the media is the element given in the table below in the second cell of the row whose first cell describes the media. The appropriate attribute to set is the one given by the third cell in that same row.
| Type of media | Element for the media | Appropriate attribute |
|---|---|---|
| Image | img
| src
|
| Video | video
| src
|
| Audio | audio
| src
|
Before any script execution occurs, the user agent must wait for scripts may run for the
newly-created document to be true for the Document.
When the user agent is to create a document to display a user agent page or PDF viewer inline,
provided a navigable navigable, a navigation ID
navigationId, a NavigationTimingType navTimingType, the
user agent should:
Let origin be a new opaque origin.
Let coop be a new opener policy.
Let coopEnforcementResult be a new opener policy enforcement result with
Let navigationParams be a new navigation params with
Let document be the result of creating and initializing a Document
object given "html", "text/html", and
navigationParams.
Either associate document with a custom rendering that is not rendered using
the normal Document rendering rules, or mutate document until it
represents the content the user agent wants to render.
Return document.
Because we ensure the resulting Document's origin is opaque, and the resulting Document cannot run
script with access to the DOM, the existence and properties of this Document are not
observable to web developer code. This means that most of the above values, e.g., the
text/html type, do not matter.
Similarly, most of the items in navigationParams don't have any observable effect,
besides preventing the Document-creation
algorithm from getting confused, and so are set to default values.
Once the page has been set up, the user agent must act as if it had stopped parsing.
A Document has a completely loaded time (a time or null), which is
initially null.
A Document is considered completely loaded if its completely
loaded time is non-null.
To completely finish loading a Document document:
Assert: document's browsing context is non-null.
Set document's completely loaded time to the current time.
Let container be document's node navigable's container.
This will be null in the case where document is the initial about:blank Document in a
frame or iframe, since at the point of browsing context creation which calls this algorithm,
the container relationship has not yet been established. (That happens in a subsequent step of
create a new child navigable.)
The consequence of this is that the following steps do nothing, i.e., we do not fire an
asynchronous load event on the container element for such
cases. Instead, a synchronous load event is fired in a special
initial-insertion case when processing the
iframe attributes.
If container is an iframe element, then queue an element
task on the DOM manipulation task source given container to run
the iframe load event steps given container.
Otherwise, if container is non-null, then queue an element task on
the DOM manipulation task source given container to fire an event named load at
container.
A Document has a salvageable state, which must initially be
true, and a page showing flag, which must initially be false. The page
showing flag is used to ensure that scripts receive pageshow and pagehide events
in a consistent manner (e.g. that they never receive two pagehide events in a row without an intervening pageshow, or vice versa).
A Document has a DOMHighResTimeStamp suspension time,
initially 0.
A Document has a list of suspended timer handles,
initially empty.
Event loops have a termination nesting level counter, which must initially be 0.
Document objects have an unload
counter, which is used to ignore certain operations while the below algorithms run.
Initially, the counter must be set to zero.
To unload a Document
oldDocument, given an optional Document newDocument:
Assert: this is running as part of a task queued on oldDocument's relevant agent's event loop.
Let unloadTimingInfo be a new document unload timing info.
If newDocument is not given, then set unloadTimingInfo to null.
In this case there is no new document that needs to know about how long it took oldDocument to unload.
Otherwise, if newDocument's event loop is not oldDocument's event loop, then the user agent may be unloading oldDocument in parallel. In that case, the user agent should set unloadTimingInfo to null.
In this case newDocument's loading is not impacted by how long it takes to unload oldDocument, so it would be meaningless to communicate that timing info.
Let intendToKeepInBfcache be true if the user agent intends to keep oldDocument alive in a session history entry, such that it can later be used for history traversal.
This must be false if oldDocument is not salvageable, or if there are any descendants of oldDocument which the user agent does not intend to keep alive in the same way (including due to their lack of salvageability).
Let eventLoop be oldDocument's relevant agent's event loop.
Increase eventLoop's termination nesting level by 1.
Increase oldDocument's unload counter by 1.
If intendToKeepInBfcache is false, then set oldDocument's salvageable state to false.
If oldDocument's page showing is true:
Set oldDocument's page showing to false.
Fire a page transition event named pagehide at oldDocument's relevant global
object with oldDocument's salvageable state.
Update the visibility state of oldDocument to
"hidden".
If unloadTimingInfo is not null, then set unloadTimingInfo's unload event start time to the current high resolution time given newDocument's relevant global object, coarsened given oldDocument's relevant settings object's cross-origin isolated capability.
If oldDocument's salvageable
state is false, then fire an event named unload at oldDocument's relevant global
object, with legacy target override flag set.
If unloadTimingInfo is not null, then set unloadTimingInfo's unload event end time to the current high resolution time given newDocument's relevant global object, coarsened given oldDocument's relevant settings object's cross-origin isolated capability.
Decrease eventLoop's termination nesting level by 1.
Set oldDocument's suspension time to the current high resolution time given document's relevant global object.
Set oldDocument's suspended timer handles to the result of getting the keys for the map of active timers.
Set oldDocument's has been scrolled by the user to false.
Run any unloading document cleanup steps for oldDocument that are defined by this specification and other applicable specifications.
If oldDocument's node navigable is a top-level traversable, build not restored reasons for a top-level traversable and its descendants given oldDocument's node navigable.
If oldDocument's salvageable state is false, then destroy oldDocument.
Decrease oldDocument's unload counter by 1.
If newDocument is given, newDocument's was created via cross-origin redirects is false, and newDocument's origin is the same as oldDocument's origin, then set newDocument's previous document unload timing to unloadTimingInfo.
To unload a document and its descendants, given a Document
document, an optional Document-or-null newDocument (default
null), an optional set of steps afterAllUnloads, and an optional set of steps
firePageSwapSteps:
Assert: this is running within document's node navigable's traversable navigable's session history traversal queue.
Let childNavigables be document's child navigables.
Let numberUnloaded be 0.
For each childNavigable of childNavigable's in what order?, queue a global task on the navigation and traversal task source given childNavigable's active window to perform the following steps:
Let incrementUnloaded be an algorithm step which increments numberUnloaded.
Unload a document and its descendants given childNavigable's active document, null, and incrementUnloaded.
Wait until numberUnloaded equals childNavigable's size.
Queue a global task on the navigation and traversal task source given document's relevant global object to perform the following steps:
If firePageSwapSteps is given, then run firePageSwapSteps.
Unload document, passing along newDocument if it is not null.
If afterAllUnloads was given, then run it.
This specification defines the following unloading document cleanup steps.
Other specifications can define more. Given a Document document:
Let window be document's relevant global object.
For each WebSocket object webSocket whose relevant global
object is window, make disappear webSocket.
If this affected any WebSocket objects, then make document
unsalvageable given document and "websocket".
For each WebTransport object transport whose relevant global
object is window, run the context cleanup steps given
transport.
If document's salvageable state is false, then:
For each EventSource object eventSource whose relevant
global object is equal to window, forcibly close
eventSource.
Clear window's map of active timers.
It would be better if specification authors sent a pull request to add calls from here into their specifications directly, instead of using the unloading document cleanup steps hook, to ensure well-defined cross-specification call order. As of the time of this writing the following specifications are known to have unloading document cleanup steps, which will be run in an unspecified order: Fullscreen API, Web NFC, WebDriver BiDi, Compute Pressure, File API, Media Capture and Streams, Picture-in-Picture, Screen Orientation, Service Workers, WebLocks API, WebAudio API, WebRTC. [FULLSCREEN] [WEBNFC] [WEBDRIVERBIDI] [COMPUTEPRESSURE] [FILEAPI] [MEDIASTREAM] [PICTUREINPICTURE] [SCREENORIENTATION] [SW] [WEBLOCKS] [WEBAUDIO] [WEBRTC]
Issue #8906 tracks the work to make the order of these steps clear.
To destroy a
Document document:
Assert: this is running as part of a task queued on document's relevant agent's event loop.
Abort document.
Set document's salvageable state to false.
Let ports be the list of MessagePorts whose relevant global
object's associated Document is
document.
For each port in ports, disentangle port.
Run any unloading document cleanup steps for document that are defined by this specification and other applicable specifications.
Remove any tasks whose document is document from any task queue (without running those tasks).
Set document's browsing context to null.
Set document's node navigable's active session history entry's document state's document to null.
Remove document from the
owner set of each WorkerGlobalScope object whose set contains document.
For each workletGlobalScope in document's worklet global scopes, terminate workletGlobalScope.
Even after destruction, the Document object itself might still be
accessible to script, in the case where we are destroying a child navigable.
To destroy a document and its descendants given a Document
document and an optional set of steps afterAllDestruction, perform the
following steps in parallel:
If document is not fully active, then:
Let reason be a string from user-agent specific blocking reasons. If none
apply, then let reason be "masked".
Make document unsalvageable given document and reason.
If document's node navigable is a top-level traversable, build not restored reasons for a top-level traversable and its descendants given document's node navigable.
Let childNavigables be document's child navigables.
Let numberDestroyed be 0.
For each childNavigable of childNavigable's in what order?, queue a global task on the navigation and traversal task source given childNavigable's active window to perform the following steps:
Let incrementDestroyed be an algorithm step which increments numberDestroyed.
Destroy a document and its descendants given childNavigable's active document and incrementDestroyed.
Wait until numberDestroyed equals childNavigable's size.
Queue a global task on the navigation and traversal task source given document's relevant global object to perform the following steps:
Destroy document.
If afterAllDestruction was given, then run it.
To abort a Document document:
Assert: this is running as part of a task queued on document's relevant agent's event loop.
Cancel any instances of the fetch algorithm in the
context of document, discarding any tasks queued for them, and discarding any further data received from the
network for them. If this resulted in any instances of the fetch algorithm being canceled or any queued tasks or any network data getting
discarded, then make document unsalvageable given document and
"fetch".
If document's during-loading navigation ID for WebDriver BiDi is non-null, then:
Invoke WebDriver BiDi navigation aborted with document's browsing context, and a new WebDriver BiDi navigation
status whose id is
document's during-loading navigation
ID for WebDriver BiDi, status is "canceled", and url is document's URL.
Set document's during-loading navigation ID for WebDriver BiDi to null.
If document has an active parser, then:
Set document's active parser was aborted to true.
Set document's salvageable to false.
Make document unsalvageable given document and
"parser-aborted".
To abort a document and its descendants given a Document
document:
Assert: this is running as part of a task queued on document's relevant agent's event loop.
Let descendantNavigables be document's descendant navigables.
For each descendantNavigable of descendantNavigables in what order?, queue a global task on the navigation and traversal task source given descendantNavigable's active window to perform the following steps:
Abort descendantNavigable's active document.
If descendantNavigable's active document's salvageable is false, then set document's salvageable to false.
Abort document.
To stop loading a navigable navigable:
Let document be navigable's active document.
If document's unload counter is 0, and navigable's ongoing navigation is a navigation ID, then set the ongoing navigation for navigable to null.
This will have the effect of aborting any ongoing navigations of navigable, since at certain points during navigation, changes to the ongoing navigation will cause further work to be abandoned.
Abort a document and its descendants given document.
Through their user interface, user agents also
allow stopping traversals, i.e. cases where the ongoing navigation is "traversal". The above algorithm does not account for this. (On the other hand,
user agents do not allow window.stop() to stop traversals,
so the above algorithm is correct for that caller.) See issue #6905.
X-Frame-Options` header