Merge with PR 548e7b2

w3c-fedid · Sep 3, 2024 · 8831339 · 8831339
1 parent 931272c
commit 8831339
Showing 1 changed file with 26 additions and 3 deletions.
diff --git a/spec/login-status.bs b/spec/login-status.bs
@@ -65,6 +65,29 @@ value |value|:
 
 </div>
 
+<!-- ============================================================ -->
+# Infrastructure algorithm # {#infra-algorithm}
+<!-- ============================================================ -->
+
+<div algorithm>
+An [=environment settings object=] (|settings|) is <dfn noexport>same-site with its
+  ancestors</dfn> if the following algorithm returns `true`:
+
+1.  If |settings|'s [=relevant global object=] has no [=associated Document=],
+    return `false`.
+1.  Let |document| be |settings|' [=relevant global object=]'s [=associated Document=].
+1.  If |document| has no [=Document/browsing context=], return `false`.
+1.  Let |origin| be |settings|' [=environment settings object/origin=].
+1.  Let |navigable| be |document|'s [=node navigable=].
+1.  While |navigable| has a non-null [=navigable/parent=]:
+    1.  Set |navigable| to |navigable|'s [=navigable/parent=].
+    1.  If |navigable|'s [=active document=]'s [=Document/origin=] is not
+        [=/same site=] with |origin|, return `false`.
+1.  Return `true`.
+
+</div>
+
+
 <!-- ============================================================ -->
 # HTTP header API # {#login-status-http}
 <!-- ============================================================ -->
@@ -84,9 +107,9 @@ process this header as follows:
 1. Let |client| be the [=/request=]'s [=request/client=].
 1. If the request's [=request/destination=] is not `"document"`:
     1. If |client| is null, return.
-    1. If |origin| is not [=same origin=] with the [=/request=]'s
+    1. If |origin| is not [=/same site=] with the [=/request=]'s
         [=request/origin=], return.
-    1. If |client| is not [=same-origin with its ancestors=], return.
+    1. If |client| is not [=same-site with its ancestors=], return.
 1. Assert that |value| is a tuple.
 1. Let |token| be the first entry of |value|.
 1. If |token| is `"logged-in"`, [=set the login status=] for |origin|
@@ -121,7 +144,7 @@ partial interface Navigator {
 
 <div algorithm="setStatus">
 When {{NavigatorLogin/setStatus()}} is called with argument |status|:
-1. If the [=current settings object=] is not [=same-origin with its ancestors=],
+1. If the [=current settings object=] is not [=same-site with its ancestors=],
     throw a {{SecurityError}} {{DOMException}}.
 1. Let |origin| be the [=current settings object=]'s
     [=environment settings object/origin=].