A user account is required in order to edit this wiki, but we've had to disable public user registrations due to spam.
To request an account, ask an autoconfirmed user on Chat (such as one of these permanent autoconfirmed members).
Contexts: Difference between revisions
Jump to navigation
Jump to search
m (added Category:Spec coordination using HotCat) |
(→Context types: Add CSP directives and 'plugin' context.) |
||
| Line 10: | Line 10: | ||
! Used in HTML? | ! Used in HTML? | ||
! Used in CSS? | ! Used in CSS? | ||
! Sniffing Algorithm | ! [[MIME Sniffing|Sniffing]] Algorithm | ||
! CSP Directives | |||
|- | |- | ||
| browsing | | browsing | ||
| Line 19: | Line 20: | ||
| No? | | No? | ||
| [http://mimesniff.spec.whatwg.org/#mime-type-sniffing-algorithm MIME type sniffing algorithm] | | [http://mimesniff.spec.whatwg.org/#mime-type-sniffing-algorithm MIME type sniffing algorithm] | ||
| [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#connect-src <code>connect-src</code>], [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#frame-src <code>frame-src</code>] | |||
|- | |- | ||
| image | | image | ||
| Line 27: | Line 29: | ||
| Yes | | Yes | ||
| [http://mimesniff.spec.whatwg.org/#rules-for-sniffing-images-specifically rules for sniffing images specifically] | | [http://mimesniff.spec.whatwg.org/#rules-for-sniffing-images-specifically rules for sniffing images specifically] | ||
| [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#img-src <code>img-src</code>] | |||
|- | |- | ||
| audio/video | | audio/video | ||
| Line 35: | Line 38: | ||
| No? | | No? | ||
| [http://mimesniff.spec.whatwg.org/#rules-for-sniffing-audio-and-video-specifically rules for sniffing audio and video specifically] | | [http://mimesniff.spec.whatwg.org/#rules-for-sniffing-audio-and-video-specifically rules for sniffing audio and video specifically] | ||
| [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#media-src <code>media-src</code>] | |||
|- | |||
| plugin | |||
| | |||
| | |||
| Yes? | |||
| Yes | |||
| No? | |||
| | |||
| [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#object-src <code>object-src</code>] | |||
|- | |- | ||
| style | | style | ||
| Line 43: | Line 56: | ||
| Yes? | | Yes? | ||
| | | | ||
| [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#style-src <code>style-src</code>] | |||
|- | |- | ||
| script | | script | ||
| Line 51: | Line 65: | ||
| No? | | No? | ||
| | | | ||
| [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#script-src <code>script-src</code>] | |||
|- | |- | ||
| font | | font | ||
| Line 59: | Line 74: | ||
| Yes | | Yes | ||
| [http://mimesniff.spec.whatwg.org/#rules-for-sniffing-fonts-specifically rules for sniffing fonts specifically] | | [http://mimesniff.spec.whatwg.org/#rules-for-sniffing-fonts-specifically rules for sniffing fonts specifically] | ||
| [https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#font-src <code>font-src</code>] | |||
|- | |- | ||
| text track | | text track | ||
| Line 66: | Line 82: | ||
| Yes | | Yes | ||
| No | | No | ||
| | |||
| | | | ||
|- | |- | ||
| Line 74: | Line 91: | ||
| Yes | | Yes | ||
| No | | No | ||
| | |||
| | | | ||
|} | |} | ||
Revision as of 18:20, 5 June 2013
Context types
| Context | Definition | Type Hint | Scriptable? | Used in HTML? | Used in CSS? | Sniffing Algorithm | CSP Directives |
|---|---|---|---|---|---|---|---|
| browsing | HTML | — | Yes | Yes | No? | MIME type sniffing algorithm | connect-src, frame-src
|
| image | No | Yes | Yes | rules for sniffing images specifically | img-src
| ||
| audio/video | No | Yes | No? | rules for sniffing audio and video specifically | media-src
| ||
| plugin | Yes? | Yes | No? | object-src
| |||
| style | @type or "text/css"
|
No | Yes | Yes? | style-src
| ||
| script | @type or "text/javascript"
|
Yes? | Yes | No? | script-src
| ||
| font | format()
|
No | No | Yes | rules for sniffing fonts specifically | font-src
| |
| text track | "text/vtt"
|
No | Yes | No | |||
| cache manifest | "text/cache-manifest"
|
No | Yes | No |
How to use a context
- Identify context.
- Determine whether to fetch resource based on type hint, if any.
- Set no-sniff flag on resource, if necessary.
- Fetch resource.
- Handle resource.
- Sniff resource.
- Process and display resource or prompt to download resource, as appropriate.