@@ -285,12 +285,10 @@ <h3>
|
285 | 285 | </p> |
286 | 286 | <p> |
287 | 287 | A <dfn data-lt="web share targets">web share target</dfn> is a web |
288 | | - site in a <a data-cite="!SECURE-CONTEXTS#secure-context">secure |
289 | | - context</a> with a valid manifest containing a <a>share_target</a> |
290 | | - member. A web share target is a type of <a data-cite= |
| 288 | + site with a valid manifest containing a <a>share_target</a> member. A |
| 289 | + web share target is a type of <a data-cite= |
291 | 290 | "!WebShare#dfn-share-target">share target</a>. |
292 | 291 | </p> |
293 | | -<div class="issue" data-number="27"></div> |
294 | 292 | <p> |
295 | 293 | The steps for <dfn>post-processing the <code>share_target</code> |
296 | 294 | member</dfn> is given by the following algorithm. The algorithm takes |
@@ -341,6 +339,13 @@ <h3>
|
341 | 339 | "!appmanifest#dfn-navigation-scope">navigation scope</a> , and |
342 | 340 | return <code>undefined</code>. |
343 | 341 | </li> |
| 342 | +<li>If the <a data-cite="!URL#concept-url-origin">origin</a> of <var> |
| 343 | + action</var> is not <a data-cite= |
| 344 | + "!SECURE-CONTEXTS/#is-origin-trustworthy">potentially |
| 345 | + trustworthy</a>, <a data-cite= |
| 346 | + "!appmanifest#dfn-issue-a-developer-warning">issue a developer |
| 347 | + warning</a> and return <code>undefined</code>. |
| 348 | +</li> |
344 | 349 | <li>Set <var>share target</var>["<a data-link-for= |
345 | 350 | "ShareTarget">action</a>"] to <var>action</var>. |
346 | 351 | </li> |
@@ -662,10 +667,11 @@ <h2>
|
662 | 667 | from an online index, rather than a set of targets that the end user |
663 | 668 | has explicitly installed or registered. |
664 | 669 | </li> |
665 | | -<li>The requirement that the web share target be a <a data-cite= |
666 | | - "SECURE-CONTEXTS#secure-context">secure context</a> is to prevent |
667 | | - private user data from being transmitted to a party that does not |
668 | | - control the origin in question, or in clear text over the network. |
| 670 | +<li>The requirement that the web share target's origin be |
| 671 | +<a data-cite="SECURE-CONTEXTS/#is-origin-trustworthy">potentially |
| 672 | + trustworthy</a> is to prevent private user data from being |
| 673 | + transmitted to a party that does not control the origin in question, |
| 674 | + or in clear text over the network. |
669 | 675 | </li> |
670 | 676 | </ul> |
671 | 677 | </section> |
|