This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
It might be good to spell out the behavior for each of the various possibilities for the target attribute when activated from within a sandboxed iframe. My expectation is that it would be defined as follows: _blank => fails _self => navigates the iframe's browsing context _parent => fails unless parent is top and the "sandboxed top-level navigation browsing context flag" is not set _top => fails unless the "sandboxed top-level navigation browsing context flag" is not set windowName => ok if windowName is a) the sandboxed iframe itself b) a descendent browsing context of the sandboxed iframe c) the top browsing context and the "sandboxed top-level navigation browsing context flag" is not set
EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are satisfied with this response, please change the state of this bug to CLOSED. If you have additional information and would like the editor to reconsider, please reopen this bug. If you would like to escalate the issue to the full HTML Working Group, please add the TrackerRequest keyword to this bug, and suggest title and text for the tracker issue; or you may create a tracker issue yourself, if you are able to do so. For more details, see this document: http://dev.w3.org/html5/decision-policy/decision-policy.html Status: Partially Accepted Change Description: see diff given below Rationale: I've added a non-normative summary table that discusses the various cases and what they mean. I hope it's sufficient; let me know if you see any mistakes or if it isn't detailed enough.
Checked in as WHATWG revision r6217. Check-in comment: Give a summary of how target='' and sandbox='' interact. http://html5.org/tools/web-apps-tracker?from=6216&to=6217
Checked in as WHATWG revision r6218. Check-in comment: Make the summary a bit more detailed. http://html5.org/tools/web-apps-tracker?from=6217&to=6218
mass-move component to LC1