HTML5

When an algorithm B says to return to another algorithm A, it implies that A called B. Upon returning to A, the implementation must continue from where it left off in calling B.

A user agent must not consider the types text/plain and application/octet-stream as having a registered plugin.

Browsers should take extreme care when interacting with external content intended for plugins. When third-party software is run with the same privileges as the user agent itself, vulnerabilities in the third-party software become as dangerous as those in the user agent.

Since different users having differents sets of plugins provides a fingerprinting vector that increases the chances of users being uniquely identified, user agents are encouraged to support the exact same set of plugins for each user.

Requirements phrased in the imperative as part of algorithms (such as "strip any leading space characters" or "return false and abort these steps") are to be interpreted with the meaning of the key word ("must", "should", "may", etc) used in introducing the algorithm.

To eat an orange, the user must:
1. Peel the orange.
2. Separate each slice of the orange.
3. Eat the orange slices.

To eat an orange:
1. The user must peel the orange.
2. The user must separate each slice of the orange.
3. The user must eat the orange slices.

Conformance requirements phrased as algorithms or specific steps may be implemented in any manner, so long as the end result is equivalent. (In particular, the algorithms defined in this specification are intended to be easy to follow, and not intended to be performant.)

2.2.1 Conformance classes

This specification describes the conformance criteria for user agents (relevant to implementors) and documents (relevant to authors and authoring tool implementors).

Conforming documents are those that comply with all the conformance criteria for documents. For readability, some of these conformance requirements are phrased as conformance requirements on authors; such requirements are implicitly requirements on documents: by definition, all documents are assumed to have had an author. (In some cases, that author may itself be a user agent — such user agents are subject to additional rules, as explained below.)

For example, if a requirement states that "authors must not use the foobar element", it would imply that documents are not allowed to contain elements named foobar.

There is no implied relationship between document conformance requirements and implementation conformance requirements. User agents are not free to handle non-conformant documents as they please; the processing model described in this specification applies to implementations regardless of the conformity of the input documents.

User agents fall into several (overlapping) categories with different conformance requirements.

Web browsers and other interactive user agents

Web browsers that support the XHTML syntax must process elements and attributes from the HTML namespace found in XML documents as described in this specification, so that users can interact with them, unless the semantics of those elements have been overridden by other specifications.

A conforming XHTML processor would, upon finding an XHTML script element in an XML document, execute the script contained in that element. However, if the element is found within a transformation expressed in XSLT (assuming the user agent also supports XSLT), then the processor would instead treat the script element as an opaque element that forms part of the transform.

Web browsers that support the HTML syntax must process documents labeled with an HTML MIME type as described in this specification, so that users can interact with them.

Unless explicitly stated, specifications that override the semantics of HTML elements do not override the requirements on DOM objects representing those elements. For example, the script element in the example above would still implement the HTMLScriptElement interface.

Non-interactive presentation user agents

User agents that process HTML and XHTML documents purely to render non-interactive versions of them must comply to the same conformance criteria as Web browsers, except that they are exempt from requirements regarding user interaction.

Typical examples of non-interactive presentation user agents are printers (static UAs) and overhead displays (dynamic UAs). It is expected that most static non-interactive presentation user agents will also opt to lack scripting support.

A non-interactive but dynamic presentation UA would still execute scripts, allowing forms to be dynamically submitted, and so forth. However, since the concept of "focus" is irrelevant when the user cannot interact with the document, the UA would not need to support any of the focus-related DOM APIs.

Visual user agents that support the suggested default rendering

User agents, whether interactive or not, may be designated (possibly as a user option) as supporting the suggested default rendering defined by this specification.

This is not required. In particular, even user agents that do implement the suggested default rendering are encouraged to offer settings that override this default to improve the experience for the user, e.g. changing the color contrast, using different focus styles, or otherwise making the experience more accessible and usable to the user.

User agents that are designated as supporting the suggested default rendering must, while so designated, implement the rules in the rendering section that that section defines as the behavior that user agents are expected to implement.

User agents with no scripting support

Implementations that do not support scripting (or which have their scripting features disabled entirely) are exempt from supporting the events and DOM interfaces mentioned in this specification. For the parts of this specification that are defined in terms of an events model or in terms of the DOM, such user agents must still act as if events and the DOM were supported.

Scripting can form an integral part of an application. Web browsers that do not support scripting, or that have scripting disabled, might be unable to fully convey the author's intent.

Conformance checkers

Conformance checkers must verify that a document conforms to the applicable conformance criteria described in this specification. Automated conformance checkers are exempt from detecting errors that require interpretation of the author's intent (for example, while a document is non-conforming if the content of a blockquote element is not a quote, conformance checkers running without the input of human judgement do not have to check that blockquote elements only contain quoted material).

Conformance checkers must check that the input document conforms when parsed without a browsing context (meaning that no scripts are run, and that the parser's scripting flag is disabled), and should also check that the input document conforms when parsed with a browsing context in which scripts execute, and that the scripts never cause non-conforming states to occur other than transiently during script execution itself. (This is only a "SHOULD" and not a "MUST" requirement because it has been proven to be impossible. [COMPUTABLE])

The term "HTML validator" can be used to refer to a conformance checker that itself conforms to the applicable requirements of this specification.

XML DTDs cannot express all the conformance requirements of this specification. Therefore, a validating XML processor and a DTD cannot constitute a conformance checker. Also, since neither of the two authoring formats defined in this specification are applications of SGML, a validating SGML system cannot constitute a conformance checker either.

To put it another way, there are three types of conformance criteria:

1. Criteria that can be expressed in a DTD.
2. Criteria that cannot be expressed by a DTD, but can still be checked by a machine.
3. Criteria that can only be checked by a human.

A conformance checker must check for the first two. A simple DTD-based validator only checks for the first class of errors and is therefore not a conforming conformance checker according to this specification.

Data mining tools

Applications and tools that process HTML and XHTML documents for reasons other than to either render the documents or check them for conformance should act in accordance with the semantics of the documents that they process.

A tool that generates document outlines but increases the nesting level for each paragraph and does not increase the nesting level for each section would not be conforming.

Authoring tools and markup generators

Authoring tools and markup generators must generate conforming documents. Conformance criteria that apply to authors also apply to authoring tools, where appropriate.

Authoring tools are exempt from the strict requirements of using elements only for their specified purpose, but only to the extent that authoring tools are not yet able to determine author intent. However, authoring tools must not automatically misuse elements or encourage their users to do so.

For example, it is not conforming to use an address element for arbitrary contact information; that element can only be used for marking up contact information for the author of the document or section. However, since an authoring tool is likely unable to determine the difference, an authoring tool is exempt from that requirement. This does not mean, though, that authoring tools can use address elements for any block of italics text (for instance); it just means that the authoring tool doesn't have to verify that when the user uses a tool for inserting contact information for a section, that the user really is doing that and not inserting something else instead.

In terms of conformance checking, an editor has to output documents that conform to the same extent that a conformance checker will verify.

When an authoring tool is used to edit a non-conforming document, it may preserve the conformance errors in sections of the document that were not edited during the editing session (i.e. an editing tool is allowed to round-trip erroneous content). However, an authoring tool must not claim that the output is conformant if errors have been so preserved.

Authoring tools are expected to come in two broad varieties: tools that work from structure or semantic data, and tools that work on a What-You-See-Is-What-You-Get media-specific editing basis (WYSIWYG).

The former is the preferred mechanism for tools that author HTML, since the structure in the source information can be used to make informed choices regarding which HTML elements and attributes are most appropriate.

However, WYSIWYG tools are legitimate. WYSIWYG tools should use elements they know are appropriate, and should not use elements that they do not know to be appropriate. This might in certain extreme cases mean limiting the use of flow elements to just a few elements, like div, b, i, and span and making liberal use of the style attribute.

All authoring tools, whether WYSIWYG or not, should make a best effort attempt at enabling users to create well-structured, semantically rich, media-independent content.

User agents may impose implementation-specific limits on otherwise unconstrained inputs, e.g. to prevent denial of service attacks, to guard against running out of memory, or to work around platform-specific limitations.

For compatibility with existing content and prior specifications, this specification describes two authoring formats: one based on XML (referred to as the XHTML syntax), and one using a custom format inspired by SGML (referred to as the HTML syntax). Implementations must support at least one of these two formats, although supporting both is encouraged.

Some conformance requirements are phrased as requirements on elements, attributes, methods or objects. Such requirements fall into two categories: those describing content model restrictions, and those describing implementation behavior. Those in the former category are requirements on documents and authoring tools. Those in the second category are requirements on user agents. Similarly, some conformance requirements are phrased as requirements on authors; such requirements are to be interpreted as conformance requirements on the documents that authors produce. (In other words, this specification does not distinguish between conformance criteria on authors and conformance criteria on documents.)

2.2.2 Dependencies

This specification relies on several other underlying specifications.

Unicode and Encoding

The Unicode character set is used to represent textual data, and the Encoding standard defines requirements around character encodings. [UNICODE]

This specification introduces terminology based on the terms defined in those specifications, as described earlier.

The following terms are used as defined in the Encoding specification: [ENCODING]

• Getting an encoding
• The encoder and decoder algorithms for various encodings, including the UTF-8 encoder and UTF-8 decoder
• The generic decode algorithm which takes a byte stream and an encoding and returns a character stream
• The UTF-8 decode algorithm which takes a byte stream and returns a character stream, additionally stripping one leading UTF-8 Byte Order Mark (BOM), if any

The UTF-8 decoder is distinct from the UTF-8 decode algorithm. The latter first strips a Byte Order Mark (BOM), if any, and then invokes the former.

The decoder algorithm may produce an error, referred to in this specification as a decoder error.

For readability, character encodings are sometimes referenced in this specification with a case that differs from the canonical case given in the encoding standard. (For example, "UTF-16LE" instead of "utf-16le".)

XML

Implementations that support the XHTML syntax must support some version of XML, as well as its corresponding namespaces specification, because that syntax uses an XML serialization with namespaces. [XML] [XMLNS]

URLs

The following terms are defined in the URL standard: [URL]

• URL
• Absolute URL
• Relative URL
• Relative schemes
• The URL parser
• Parsed URL, which is the result of processing a URL through the URL parser
• The scheme component of a parsed URL
• The scheme data component of a parsed URL
• The username component of a parsed URL
• The password component of a parsed URL
• The host component of a parsed URL
• The port component of a parsed URL
• The path component of a parsed URL
• The query component of a parsed URL
• The fragment component of a parsed URL
• Parse errors from the URL parser
• The URL serializer
• Default encode set
• Percent encode
• UTF-8 percent encode
• Percent decode
• URLUtils interface
• href attribute
• protocol attribute
• The get the base hook for URLUtils
• The update steps hook for URLUtils
• The set the input algorithm for URLUtils
• The query encoding of an URLUtils object
• The input of an URLUtils object
• The url of an URLUtils object

Cookies

The following terms are defined in the Cookie specification: [COOKIES]

• cookie-string
• receives a set-cookie-string

CORS

The following terms are defined in the CORS specification: [CORS]

• cross-origin request
• cross-origin request status
• custom request headers
• simple cross-origin request
• redirect steps
• omit credentials flag
• resource sharing check

Web IDL

The IDL blocks in this specification are conforming IDL fragments as defined by the WebIDL specification. [WEBIDL]

The terms supported property indices, determine the value of an indexed property, support named properties, supported property names, determine the value of a named property, platform array objects, and read only (when applied to arrays) are used as defined in the Web IDL specification. The algorithm to convert a DOMString to a sequence of Unicode characters is similarly that defined in the Web IDL specification.

When this specification requires a user agent to create a Date object representing a particular time (which could be the special value Not-a-Number), the milliseconds component of that time, if any, must be truncated to an integer, and the time value of the newly created Date object must represent the resulting truncated time.

For instance, given the time 23045 millionths of a second after 01:00 UTC on January 1st 2000, i.e. the time 2000-01-01T00:00:00.023045Z, then the Date object created representing that time would represent the same time as that created representing the time 2000-01-01T00:00:00.023Z, 45 millionths earlier. If the given time is NaN, then the result is a Date object that represents a time value NaN (indicating that the object does not represent a specific instant of time).

JavaScript

Some parts of the language described by this specification only support JavaScript as the underlying scripting language. [ECMA262]

The term "JavaScript" is used to refer to ECMA262, rather than the official term ECMAScript, since the term JavaScript is more widely known. Similarly, the MIME type used to refer to JavaScript in this specification is text/javascript, since that is the most commonly used type, despite it being an officially obsoleted type according to RFC 4329. [RFC4329]

The term JavaScript global environment refers to the global environment concept defined in the ECMAScript specification.

The ECMAScript SyntaxError exception is also defined in the ECMAScript specification. [ECMA262]

DOM

The Document Object Model (DOM) is a representation — a model — of a document and its content. The DOM is not just an API; the conformance criteria of HTML implementations are defined, in this specification, in terms of operations on the DOM. [DOM]

Implementations must support DOM and the events defined in DOM Events, because this specification is defined in terms of the DOM, and some of the features are defined as extensions to the DOM interfaces. [DOM] [DOMEVENTS]

In particular, the following features are defined in the DOM specification: [DOM]

• Attr interface
• Comment interface
• DOMImplementation interface
• Document interface
• DocumentFragment interface
• DocumentType interface
• DOMException interface
• ChildNode interface
• Element interface
• Node interface
• NodeList interface
• ProcessingInstruction interface
• Text interface
• HTMLCollection interface
• item() method
• The terms collections and represented by the collection
• DOMTokenList interface
• DOMSettableTokenList interface
• createDocument() method
• createHTMLDocument() method
• createElement() method
• createElementNS() method
• getElementById() method
• insertBefore() method
• ownerDocument attribute
• childNodes attribute
• localName attribute
• parentNode attribute
• namespaceURI attribute
• tagName attribute
• id attribute
• textContent attribute
• The insert, append, remove, replace, and adopt algorithms for nodes
• The nodes are inserted and nodes are removed concepts
• The attribute list concept.
• The data of a text node.
• Event interface
• EventTarget interface
• EventInit dictionary type
• target attribute
• isTrusted attribute
• The type of an event
• The concept of an event listener and the event listeners associated with an EventTarget
• The concept of a regular event parent and a cross-boundary event parent
• The encoding (herein the character encoding) and content type of a Document
• The distinction between XML documents and HTML documents
• The terms quirks mode, limited-quirks mode, and no-quirks mode
• The algorithm to clone a Node, and the concept of cloning steps used by that algorithm
• The concept of base URL change steps and the definition of what happens when an element is affected by a base URL change
• The concept of an element's unique identifier (ID)
• The concept of a DOM range, and the terms start, end, and boundary point as applied to ranges.
• MutationObserver interface
• The MutationObserver scripting environment concept
• The invoke MutationObserver objects algorithm
• Promise interface
• The resolver concept
• The fulfill and reject algorithms

The term throw in this specification is used as defined in the DOM specification. The following DOMException types are defined in the DOM specification: [DOM]

1. IndexSizeError
3. HierarchyRequestError
4. WrongDocumentError
5. InvalidCharacterError
7. NoModificationAllowedError
8. NotFoundError
9. NotSupportedError
11. InvalidStateError
12. SyntaxError
13. InvalidModificationError
14. NamespaceError
15. InvalidAccessError
18. SecurityError
19. NetworkError
20. AbortError
21. URLMismatchError
22. QuotaExceededError
23. TimeoutError
24. InvalidNodeTypeError
25. DataCloneError

For example, to throw a TimeoutError exception, a user agent would construct a DOMException object whose type was the string "TimeoutError" (and whose code was the number 23, for legacy reasons) and actually throw that object as an exception.

The URL associated with a Document, as defined in the DOM specification, is referred to in this specification as the document's address.

The following features are defined in the DOM Events specification: [DOMEVENTS]

• MouseEvent interface
• MouseEventInit dictionary type
• The UIEvent interface's detail attribute
• click event

This specification sometimes uses the term name to refer to the event's type; as in, "an event named click" or "if the event name is keypress". The terms "name" and "type" for events are synonymous.

The following features are defined in the DOM Parsing and Serialization specification: [DOMPARSING]

• innerHTML
• outerHTML

User agents are also encouraged to implement the features described in the HTML Editing APIs and UndoManager and DOM Transaction specifications. [EDITING] [UNDO]

The following parts of the Fullscreen specification are referenced from this specification to define how the Fullscreen API interacts with the sandboxing features in HTML: [FULLSCREEN]

• The top layer concept
• requestFullscreen()
• The fullscreen enabled flag
• The fully exit fullscreen algorithm

Typed Arrays

The ArrayBuffer and ArrayBufferView interfaces and underlying concepts from the Typed Array Specification are used for several features in this specification. The Uint8ClampedArray interface type is specifically used in the definition of the canvas element's 2D API. [TYPEDARRAY]

File API

This specification uses the following features defined in the File API specification: [FILEAPI]

• Blob
• File
• FileList
• Blob.close()
• Blob.type
• The concept of read errors

XMLHttpRequest

This specification references the XMLHttpRequest specification in some non-normative notes and examples. The following features and terms are defined in the XMLHttpRequest specification: [XHR]

• XMLHttpRequest

Progress Events

This specification references the Progress Events specification to describe how the two specifications interact and to use its ProgressEvent features. The following features and terms are defined in the Progress Events specification: [PROGRESS-EVENTS]

• ProgressEvent
• Fire a progress event named e

Server-Sent Events

The following terms are defined in Server-Sent Events: [EVENTSOURCE]

• EventSource
• forcibly close

Media Queries

Implementations must support the Media Queries language. [MQ]

CSS modules

While support for CSS as a whole is not required of implementations of this specification (though it is encouraged, at least for Web browsers), some features are defined in terms of specific CSS requirements.

In particular, some features require that a string be parsed as a CSS <color> value. When parsing a CSS value, user agents are required by the CSS specifications to apply some error handling rules. These apply to this specification also. [CSSCOLOR] [CSS]

For example, user agents are required to close all open constructs upon finding the end of a style sheet unexpectedly. Thus, when parsing the string "rgb(0,0,0" (with a missing close-parenthesis) for a color value, the close parenthesis is implied by this error handling rule, and a value is obtained (the color 'black'). However, the similar construct "rgb(0,0," (with both a missing parenthesis and a missing "blue" value) cannot be parsed, as closing the open construct does not result in a viable value.

The term CSS element reference identifier is used as defined in the CSS Image Values and Replaced Content specification to define the API that declares identifiers for use with the CSS 'element()' function. [CSSIMAGES]

Similarly, the term provides a paint source is used as defined in the CSS Image Values and Replaced Content specification to define the interaction of certain HTML elements with the CSS 'element()' function. [CSSIMAGES]

The term default object size is also defined in the CSS Image Values and Replaced Content specification. [CSSIMAGES]

Support for the CSS Object Model is required for implementations that support scripting. The following features and terms are defined in the CSSOM specifications: [CSSOM] [CSSOMVIEW]

• Screen
• LinkStyle
• CSSStyleDeclaration
• cssText attribute of CSSStyleDeclaration
• StyleSheet
• sheet
• disabled
• Alternative style sheet sets and the preferred style sheet set
• Serializing a CSS value
• Scroll an element into view
• Scroll to the beginning of the document

The term CSS styling attribute is defined in the CSS Style Attributes specification. [CSSATTR]

The CanvasRenderingContext2D object's use of fonts depends on the features described in the CSS Fonts and Font Load Events specifications, including in particular FontLoader. [CSSFONTS] [CSSFONTLOAD]

SVG

The following interface is defined in the SVG specification: [SVG]

• SVGMatrix

WebGL

The following interface is defined in the WebGL specification: [WEBGL]

• WebGLRenderingContext

WebVTT

Implementations may support WebVTT as a text track format for subtitles, captions, chapter titles, metadata, etc, for media resources. [WEBVTT]

The following terms, used in this specification, are defined in the WebVTT specification:

• WebVTT file
• WebVTT file using cue text
• WebVTT file using chapter title text
• WebVTT file using only nested cues
• WebVTT parser
• The rules for updating the display of WebVTT text tracks
• The rules for interpreting WebVTT cue text
• The WebVTT text track cue writing direction

The WebSocket protocol

The following terms are defined in the WebSocket protocol specification: [WSP]

• establish a WebSocket connection
• the WebSocket connection is established
• validate the server's response
• extensions in use
• subprotocol in use
• headers to send appropriate cookies
• cookies set during the server's opening handshake
• a WebSocket message has been received
• fail the WebSocket connection
• close the WebSocket connection
• start the WebSocket closing handshake
• the WebSocket closing handshake is started
• the WebSocket connection is closed (possibly cleanly)
• the WebSocket connection close code
• the WebSocket connection close reason

Web Workers

The following terms are defined in Web Workers: [WEBWORKERS]

• Worker
• closing

2D Context

The following terms are defined in 2D Context: [CANVAS2D]

• Set bitmap dimensions

Web Messaging

The following terms are defined in Web Messaging: [WEBMSG]

• MessagePort

ARIA

The terms strong native semantics is used as defined in the ARIA specification. The term default implicit ARIA semantics has the same meaning as the term implicit WAI-ARIA semantics as used in the ARIA specification. [ARIA]

The role and aria-* attributes are defined in the ARIA specification. [ARIA]

This specification does not require support of any particular network protocol, style sheet language, scripting language, or any of the DOM specifications beyond those required in the list above. However, the language described by this specification is biased towards CSS as the styling language, JavaScript as the scripting language, and HTTP as the network protocol, and several features assume that those languages and protocols are in use.

A user agent that implements the HTTP protocol must implement the Web Origin Concept specification and the HTTP State Management Mechanism specification (Cookies) as well. [HTTP] [ORIGIN] [COOKIES]

This specification might have certain additional requirements on character encodings, image formats, audio formats, and video formats in the respective sections.

If such extensions are nonetheless needed, e.g. for experimental purposes, then vendors are strongly urged to use one of the following extension mechanisms:

• For markup-level features that can be limited to the XML serialization and need not be supported in the HTML serialization, vendors should use the namespace mechanism to define custom namespaces in which the non-standard elements and attributes are supported.

• For markup-level features that are intended for use with the HTML syntax, extensions should be limited to new attributes of the form "x-vendor-feature", where vendor is a short string that identifies the vendor responsible for the extension, and feature is the name of the feature. New element names should not be created. Using attributes for such extensions exclusively allows extensions from multiple vendors to co-exist on the same element, which would not be possible with elements. Using the "x-vendor-feature" form allows extensions to be made without risk of conflicting with future additions to the specification.

  For instance, a browser named "FerretBrowser" could use "ferret" as a vendor prefix, while a browser named "Mellblom Browser" could use "mb". If both of these browsers invented extensions that turned elements into scratch-and-sniff areas, an author experimenting with these features could write:

  <p>This smells of lemons!
  <span x-ferret-smellovision x-ferret-smellcode="LEM01"
        x-mb-outputsmell x-mb-smell="lemon juice"></span></p>

Attribute names beginning with the two characters "x-" are reserved for user agent use and are guaranteed to never be formally added to the HTML language. For flexibility, attributes names containing underscores (the U+005F LOW LINE character) are also reserved for experimental purposes and are guaranteed to never be formally added to the HTML language.

Pages that use such attributes are by definition non-conforming.

For DOM extensions, e.g. new methods and IDL attributes, the new members should be prefixed by vendor-specific strings to prevent clashes with future versions of this specification.

For events, experimental event types should be prefixed with vendor-specific strings.

All extensions must be defined so that the use of extensions neither contradicts nor causes the non-conformance of functionality defined in the specification.

When adding new reflecting IDL attributes corresponding to content attributes of the form "x-vendor-feature", the IDL attribute should be named "vendorFeature" (i.e. the "x" is dropped from the IDL attribute's name).

User agents must treat elements and attributes that they do not understand as semantically neutral; leaving them in the DOM (for DOM processors), and styling them according to CSS (for CSS processors), but not inferring any meaning from them.

When support for a feature is disabled (e.g. as an emergency measure to mitigate a security problem, or to aid in development, or for performance reasons), user agents must act as if they had no support for the feature whatsoever, and as if the feature was not mentioned in this specification. For example, if a particular feature is accessed via an attribute in a Web IDL interface, the attribute itself would be omitted from the objects that implement that interface — leaving the attribute on the object but making it return null or throw an exception is insufficient.

2.2.4 Interactions with XPath and XSLT

Implementations of XPath 1.0 that operate on HTML documents parsed or created in the manners described in this specification (e.g. as part of the document.evaluate() API) must act as if the following edit was applied to the XPath 1.0 specification.

First, remove this paragraph:

A QName in the node test is expanded into an expanded-name using the namespace declarations from the expression context. This is the same way expansion is done for element type names in start and end-tags except that the default namespace declared with xmlns is not used: if the QName does not have a prefix, then the namespace URI is null (this is the same way attribute names are expanded). It is an error if the QName has a prefix for which there is no namespace declaration in the expression context.

Then, insert in its place the following:

A QName in the node test is expanded into an expanded-name using the namespace declarations from the expression context. If the QName has a prefix, then there must be a namespace declaration for this prefix in the expression context, and the corresponding namespace URI is the one that is associated with this prefix. It is an error if the QName has a prefix for which there is no namespace declaration in the expression context.

If the QName has no prefix and the principal node type of the axis is element, then the default element namespace is used. Otherwise if the QName has no prefix, the namespace URI is null. The default element namespace is a member of the context for the XPath expression. The value of the default element namespace when executing an XPath expression through the DOM3 XPath API is determined in the following way:

1. If the context node is from an HTML DOM, the default element namespace is "http://www.w3.org/1999/xhtml".
2. Otherwise, the default element namespace URI is null.

This is equivalent to adding the default element namespace feature of XPath 2.0 to XPath 1.0, and using the HTML namespace as the default element namespace for HTML documents. It is motivated by the desire to have implementations be compatible with legacy HTML content while still supporting the changes that this specification introduces to HTML regarding the namespace used for HTML elements, and by the desire to use XPath 1.0 rather than XPath 2.0.

This change is a willful violation of the XPath 1.0 specification, motivated by desire to have implementations be compatible with legacy content while still supporting the changes that this specification introduces to HTML regarding which namespace is used for HTML elements. [XPATH10]

XSLT 1.0 processors outputting to a DOM when the output method is "html" (either explicitly or via the defaulting rule in XSLT 1.0) are affected as follows:

If the transformation program outputs an element in no namespace, the processor must, prior to constructing the corresponding DOM element node, change the namespace of the element to the HTML namespace, ASCII-lowercase the element's local name, and ASCII-lowercase the names of any non-namespaced attributes on the element.

This requirement is a willful violation of the XSLT 1.0 specification, required because this specification changes the namespaces and case-sensitivity rules of HTML in a manner that would otherwise be incompatible with DOM-based XSLT transformations. (Processors that serialize the output are unaffected.) [XSLT10]

This specification does not specify precisely how XSLT processing interacts with the HTML parser infrastructure (for example, whether an XSLT processor acts as if it puts any elements into a stack of open elements). However, XSLT processors must stop parsing if they successfully complete, and must set the current document readiness first to "interactive" and then to "complete" if they are aborted.

This specification does not specify how XSLT interacts with the navigation algorithm, how it fits in with the event loop, nor how error pages are to be handled (e.g. whether XSLT errors are to replace an incremental XSLT output, or are rendered inline, etc).

There are also additional non-normative comments regarding the interaction of XSLT and HTML in the script element section, and of XSLT, XPath, and HTML in the template element section.

Converting a string to ASCII uppercase means replacing all characters in the range U+0061 to U+007A (i.e. LATIN SMALL LETTER A to LATIN SMALL LETTER Z) with the corresponding characters in the range U+0041 to U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL LETTER Z).

Converting a string to ASCII lowercase means replacing all characters in the range U+0041 to U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL LETTER Z) with the corresponding characters in the range U+0061 to U+007A (i.e. LATIN SMALL LETTER A to LATIN SMALL LETTER Z).

Implementors are strongly urged to carefully examine any third-party libraries they might consider using to implement the parsing of syntaxes described below. For example, date libraries are likely to implement error handling behavior that differs from what is required in this specification, since error-handling behavior is often not defined in specifications that describe date syntaxes similar to those used in this specification, and thus implementations tend to vary greatly in how they handle errors.

2.4.1 Common parser idioms

Some of the micro-parsers described below follow the pattern of having an input variable that holds the string being parsed, and having a position variable pointing at the next character to parse in input.

For parsers based on this pattern, a step that requires the user agent to collect a sequence of characters means that the following algorithm must be run, with characters being the set of characters that can be collected:

1. Let input and position be the same variables as those of the same name in the algorithm that invoked these steps.

2. Let result be the empty string.

3. While position doesn't point past the end of input and the character at position is one of the characters, append that character to the end of result and advance position to the next character in input.

4. Return result.

The step skip whitespace means that the user agent must collect a sequence of characters that are space characters. The collected characters are not used.

When a user agent is to strip line breaks from a string, the user agent must remove any "LF" (U+000A) and "CR" (U+000D) characters from that string.

When a user agent is to strip leading and trailing whitespace from a string, the user agent must remove all space characters that are at the start or end of the string.

When a user agent is to strip and collapse whitespace in a string, it must replace any sequence of one or more consecutive space characters in that string with a single U+0020 SPACE character, and then strip leading and trailing whitespace from that string.

When a user agent has to strictly split a string on a particular delimiter character delimiter, it must use the following algorithm:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let tokens be an ordered list of tokens, initially empty.

4. While position is not past the end of input:

   1. Collect a sequence of characters that are not the delimiter character.

   2. Append the string collected in the previous step to tokens.

   3. Advance position to the next character in input.

5. Return tokens.

For the special cases of splitting a string on spaces and on commas, this algorithm does not apply (those algorithms also perform whitespace trimming).

The rules for parsing integers are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will return either an integer or an error.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let sign have the value "positive".

4. Skip whitespace.

5. If position is past the end of input, return an error.

6. If the character indicated by position (the first character) is a "-" (U+002D) character:

   1. Let sign be "negative".
   2. Advance position to the next character.
   3. If position is past the end of input, return an error.

   Otherwise, if the character indicated by position (the first character) is a "+" (U+002B) character:

   1. Advance position to the next character. (The "+" is ignored, but it is not conforming.)
   2. If position is past the end of input, return an error.

7. If the character indicated by position is not an ASCII digit, then return an error.

8. Collect a sequence of characters that are ASCII digits, and interpret the resulting sequence as a base-ten integer. Let value be that integer.

9. If sign is "positive", return value, otherwise return the result of subtracting value from zero.

The rules for parsing non-negative integers are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will return either zero, a positive integer, or an error.

1. Let input be the string being parsed.

2. Let value be the result of parsing input using the rules for parsing integers.

3. If value is an error, return an error.

4. If value is less than zero, return an error.

5. Return value.

The best representation of the number n as a floating-point number is the string obtained from applying the JavaScript operator ToString to n. The JavaScript operator ToString is not uniquely determined. When there are multiple possible strings that could be obtained from the JavaScript operator ToString for a particular value, the user agent must always return the same string for that value (though it may differ from the value used by other user agents).

The rules for parsing floating-point number values are as given in the following algorithm. This algorithm must be aborted at the first step that returns something. This algorithm will return either a number or an error.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let value have the value 1.

4. Let divisor have the value 1.

5. Let exponent have the value 1.

6. Skip whitespace.

7. If position is past the end of input, return an error.

8. If the character indicated by position is a U+002D HYPHEN-MINUS character (-):

   1. Change value and divisor to −1.
   2. Advance position to the next character.
   3. If position is past the end of input, return an error.

   Otherwise, if the character indicated by position (the first character) is a "+" (U+002B) character:

   1. Advance position to the next character. (The "+" is ignored, but it is not conforming.)
   2. If position is past the end of input, return an error.

9. If the character indicated by position is a "." (U+002E), and that is not the last character in input, and the character after the character indicated by position is an ASCII digit, then set value to zero and jump to the step labeled fraction.

10. If the character indicated by position is not an ASCII digit, then return an error.

11. Collect a sequence of characters that are ASCII digits, and interpret the resulting sequence as a base-ten integer. Multiply value by that integer.

12. If position is past the end of input, jump to the step labeled conversion.

13. Fraction: If the character indicated by position is a "." (U+002E), run these substeps:

    1. Advance position to the next character.

    2. If position is past the end of input, or if the character indicated by position is not an ASCII digit, "e" (U+0065), or "E" (U+0045), then jump to the step labeled conversion.

    3. If the character indicated by position is a "e" (U+0065) character or a "E" (U+0045) character, skip the remainder of these substeps.

    4. Fraction loop: Multiply divisor by ten.

    5. Add the value of the character indicated by position, interpreted as a base-ten digit (0..9) and divided by divisor, to value.

    6. Advance position to the next character.

    7. If position is past the end of input, then jump to the step labeled conversion.

    8. If the character indicated by position is an ASCII digit, jump back to the step labeled fraction loop in these substeps.

14. If the character indicated by position is a "e" (U+0065) character or a "E" (U+0045) character, run these substeps:

    1. Advance position to the next character.

    2. If position is past the end of input, then jump to the step labeled conversion.

    3. If the character indicated by position is a "-" (U+002D) character:

       1. Change exponent to −1.
       2. Advance position to the next character.

       3. If position is past the end of input, then jump to the step labeled conversion.

       Otherwise, if the character indicated by position is a "+" (U+002B) character:

       1. Advance position to the next character.

       2. If position is past the end of input, then jump to the step labeled conversion.

    4. If the character indicated by position is not an ASCII digit, then jump to the step labeled conversion.

    5. Collect a sequence of characters that are ASCII digits, and interpret the resulting sequence as a base-ten integer. Multiply exponent by that integer.

    6. Multiply value by ten raised to the exponentth power.

15. Conversion: Let S be the set of finite IEEE 754 double-precision floating-point values except −0, but with two special values added: 2¹⁰²⁴ and −2¹⁰²⁴.

16. Let rounded-value be the number in S that is closest to value, selecting the number with an even significand if there are two equally close values. (The two special values 2¹⁰²⁴ and −2¹⁰²⁴ are considered to have even significands for this purpose.)

17. If rounded-value is 2¹⁰²⁴ or −2¹⁰²⁴, return an error.

18. Return rounded-value.

2.4.4.4 Percentages and lengths

The rules for parsing dimension values are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will return either a number greater than or equal to 1.0, or an error; if a number is returned, then it is further categorized as either a percentage or a length.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Skip whitespace.

4. If position is past the end of input, return an error.

5. If the character indicated by position is a U+002B PLUS SIGN character (+), advance position to the next character.

6. Collect a sequence of characters that are "0" (U+0030) characters, and discard them.

7. If position is past the end of input, return an error.

8. If the character indicated by position is not one of "1" (U+0031) to "9" (U+0039), then return an error.

9. Collect a sequence of characters that are ASCII digits, and interpret the resulting sequence as a base-ten integer. Let value be that number.

10. If position is past the end of input, return value as a length.

11. If the character indicated by position is a U+002E FULL STOP character (.):

    1. Advance position to the next character.

    2. If position is past the end of input, or if the character indicated by position is not an ASCII digit, then return value as a length.

    3. Let divisor have the value 1.

    4. Fraction loop: Multiply divisor by ten.

    5. Add the value of the character indicated by position, interpreted as a base-ten digit (0..9) and divided by divisor, to value.

    6. Advance position to the next character.

    7. If position is past the end of input, then return value as a length.

    8. If the character indicated by position is an ASCII digit, return to the step labeled fraction loop in these substeps.

12. If position is past the end of input, return value as a length.

13. If the character indicated by position is a "%" (U+0025) character, return value as a percentage.

14. Return value as a length.

The rules for parsing a list of integers are as follows:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let numbers be an initially empty list of integers. This list will be the result of this algorithm.

4. If there is a character in the string input at position position, and it is either a U+0020 SPACE, U+002C COMMA, or U+003B SEMICOLON character, then advance position to the next character in input, or to beyond the end of the string if there are no more characters.

5. If position points to beyond the end of input, return numbers and abort.

6. If the character in the string input at position position is a U+0020 SPACE, U+002C COMMA, or U+003B SEMICOLON character, then return to step 4.

7. Let negated be false.

8. Let value be 0.

9. Let started be false. This variable is set to true when the parser sees a number or a "-" (U+002D) character.

10. Let got number be false. This variable is set to true when the parser sees a number.

11. Let finished be false. This variable is set to true to switch parser into a mode where it ignores characters until the next separator.

12. Let bogus be false.

13. Parser: If the character in the string input at position position is:

    A U+002D HYPHEN-MINUS character

    Follow these substeps:

    1. If got number is true, let finished be true.
    2. If finished is true, skip to the next step in the overall set of steps.
    3. If started is true, let negated be false.
    4. Otherwise, if started is false and if bogus is false, let negated be true.
    5. Let started be true.

    An ASCII digit

    Follow these substeps:

    1. If finished is true, skip to the next step in the overall set of steps.
    2. Multiply value by ten.
    3. Add the value of the digit, interpreted in base ten, to value.
    4. Let started be true.
    5. Let got number be true.

    A U+0020 SPACE character

    A U+002C COMMA character

    A U+003B SEMICOLON character

    Follow these substeps:

    1. If got number is false, return the numbers list and abort. This happens if an entry in the list has no digits, as in "1,2,x,4".
    2. If negated is true, then negate value.
    3. Append value to the numbers list.
    4. Jump to step 4 in the overall set of steps.

    A character in the range U+0001 to U+001F, U+0021 to U+002B, U+002D to U+002F, U+003A, U+003C to U+0040, U+005B to U+0060, U+007b to U+007F (i.e. any other non-alphabetic ASCII character)

    Follow these substeps:

    1. If got number is true, let finished be true.
    2. If finished is true, skip to the next step in the overall set of steps.
    3. Let negated be false.

    Any other character

    Follow these substeps:

    1. If finished is true, skip to the next step in the overall set of steps.
    2. Let negated be false.
    3. Let bogus be true.
    4. If started is true, then return the numbers list, and abort. (The value in value is not appended to the list first; it is dropped.)

14. Advance position to the next character in input, or to beyond the end of the string if there are no more characters.

15. If position points to a character (and not to beyond the end of input), jump to the big Parser step above.

16. If negated is true, then negate value.

17. If got number is true, then append value to the numbers list.

18. Return the numbers list and abort.

2.4.4.6 Lists of dimensions

The rules for parsing a list of dimensions are as follows. These rules return a list of zero or more pairs consisting of a number and a unit, the unit being one of percentage, relative, and absolute.

1. Let raw input be the string being parsed.

2. If the last character in raw input is a "," (U+002C) character, then remove that character from raw input.

3. Split the string raw input on commas. Let raw tokens be the resulting list of tokens.

4. Let result be an empty list of number/unit pairs.

5. For each token in raw tokens, run the following substeps:

   1. Let input be the token.

   2. Let position be a pointer into input, initially pointing at the start of the string.

   3. Let value be the number 0.

   4. Let unit be absolute.

   5. If position is past the end of input, set unit to relative and jump to the last substep.

   6. If the character at position is an ASCII digit, collect a sequence of characters that are ASCII digits, interpret the resulting sequence as an integer in base ten, and increment value by that integer.

   7. If the character at position is a "." (U+002E) character, run these substeps:

      1. Collect a sequence of characters consisting of space characters and ASCII digits. Let s be the resulting sequence.

      2. Remove all space characters in s.

      3. If s is not the empty string, run these subsubsteps:

         1. Let length be the number of characters in s (after the spaces were removed).

         2. Let fraction be the result of interpreting s as a base-ten integer, and then dividing that number by 10^length.

         3. Increment value by fraction.

   8. Skip whitespace.

   9. If the character at position is a "%" (U+0025) character, then set unit to percentage.

      Otherwise, if the character at position is a U+002A ASTERISK character (*), then set unit to relative.

   10. Add an entry to result consisting of the number given by value and the unit given by unit.

6. Return the list result.

While the formats described here are intended to be subsets of the corresponding ISO8601 formats, this specification defines parsing rules in much more detail than ISO8601. Implementors are therefore encouraged to carefully examine any date parsing libraries before using them to implement the parsing rules described below; ISO8601 libraries might not parse dates and times in exactly the same manner. [ISO8601]

The rules to parse a month string are as follows. This will return either a year and month, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a month component to obtain year and month. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Return year and month.

The rules to parse a month component, given an input string and a position, are as follows. This will return either a year and a month, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Collect a sequence of characters that are ASCII digits. If the collected sequence is not at least four characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the year.

2. If year is not a number greater than zero, then fail.

3. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters that are ASCII digits. If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the month.

5. If month is not a number in the range 1 ≤ month ≤ 12, then fail.

6. Return year and month.

The rules to parse a date string are as follows. This will return either a date, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Let date be the date with year year, month month, and day day.

6. Return date.

The rules to parse a date component, given an input string and a position, are as follows. This will return either a year, a month, and a day, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Parse a month component to obtain year and month. If this returns nothing, then fail.

2. Let maxday be the number of days in month month of year year.

3. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters that are ASCII digits. If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the day.

5. If day is not a number in the range 1 ≤ day ≤ maxday, then fail.

6. Return year, month, and day.

The rules to parse a yearless date string are as follows. This will return either a month and a day, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a yearless date component to obtain month and day. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Return month and day.

The rules to parse a yearless date component, given an input string and a position, are as follows. This will return either a month and a day, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Collect a sequence of characters that are "-" (U+002D) characters. If the collected sequence is not exactly zero or two characters long, then fail.

2. Collect a sequence of characters that are ASCII digits. If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the month.

3. If month is not a number in the range 1 ≤ month ≤ 12, then fail.

4. Let maxday be the number of days in month month of any arbitrary leap year (e.g. 4 or 2000).

5. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

6. Collect a sequence of characters that are ASCII digits. If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the day.

7. If day is not a number in the range 1 ≤ day ≤ maxday, then fail.

8. Return month and day.

The rules to parse a time string are as follows. This will return either a time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Let time be the time with hour hour, minute minute, and second second.

6. Return time.

The rules to parse a time component, given an input string and a position, are as follows. This will return either an hour, a minute, and a second, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Collect a sequence of characters that are ASCII digits. If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the hour.

2. If hour is not a number in the range 0 ≤ hour ≤ 23, then fail.

3. If position is beyond the end of input or if the character at position is not a U+003A COLON character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters that are ASCII digits. If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the minute.

5. If minute is not a number in the range 0 ≤ minute ≤ 59, then fail.

6. Let second be a string with the value "0".

7. If position is not beyond the end of input and the character at position is a U+003A COLON, then run these substeps:

   1. Advance position to the next character in input.

   2. If position is beyond the end of input, or at the last character in input, or if the next two characters in input starting at position are not both ASCII digits, then fail.

   3. Collect a sequence of characters that are either ASCII digits or U+002E FULL STOP characters. If the collected sequence is three characters long, or if it is longer than three characters long and the third character is not a U+002E FULL STOP character, or if it has more than one U+002E FULL STOP character, then fail. Otherwise, let the collected string be second instead of its previous value.

8. Interpret second as a base-ten number (possibly with a fractional part). Let second be that number instead of the string version.

9. If second is not a number in the range 0 ≤ second < 60, then fail.

10. Return hour, minute, and second.

The rules to parse a floating date and time string are as follows. This will return either a date and time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is beyond the end of input or if the character at position is neither a U+0054 LATIN CAPITAL LETTER T character (T) nor a U+0020 SPACE character, then fail. Otherwise, move position forwards one character.

5. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

6. If position is not beyond the end of input, then fail.

7. Let date be the date with year year, month month, and day day.

8. Let time be the time with hour hour, minute minute, and second second.

9. Return date and time.

The rules to parse a time-zone offset string are as follows. This will return either a time-zone offset, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a time-zone offset component to obtain timezone_hours and timezone_minutes. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Return the time-zone offset that is timezone_hours hours and timezone_minutes minutes from UTC.

The rules to parse a time-zone offset component, given an input string and a position, are as follows. This will return either time-zone hours and time-zone minutes, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. If the character at position is a U+005A LATIN CAPITAL LETTER Z character (Z), then:

   1. Let timezone_hours be 0.

   2. Let timezone_minutes be 0.

   3. Advance position to the next character in input.

   Otherwise, if the character at position is either a "+" (U+002B) or a "-" (U+002D), then:

   1. If the character at position is a "+" (U+002B), let sign be "positive". Otherwise, it's a "-" (U+002D); let sign be "negative".

   2. Advance position to the next character in input.

   3. Collect a sequence of characters that are ASCII digits. Let s be the collected sequence.

   4. If s is exactly two characters long, then run these substeps:

      1. Interpret s as a base-ten integer. Let that number be the timezone_hours.

      2. If position is beyond the end of input or if the character at position is not a U+003A COLON character, then fail. Otherwise, move position forwards one character.

      3. Collect a sequence of characters that are ASCII digits. If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the timezone_minutes.

      If s is exactly four characters long, then run these substeps:

      1. Interpret the first two characters of s as a base-ten integer. Let that number be the timezone_hours.

      2. Interpret the last two characters of s as a base-ten integer. Let that number be the timezone_minutes.

      Otherwise, fail.

   5. If timezone_hours is not a number in the range 0 ≤ timezone_hours ≤ 23, then fail.
   6. If sign is "negative", then negate timezone_hours.
   7. If timezone_minutes is not a number in the range 0 ≤ timezone_minutes ≤ 59, then fail.
   8. If sign is "negative", then negate timezone_minutes.

   Otherwise, fail.

2. Return timezone_hours and timezone_minutes.

The rules to parse a global date and time string are as follows. This will return either a time in UTC, with associated time-zone offset information for round-tripping or display purposes, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is beyond the end of input or if the character at position is neither a U+0054 LATIN CAPITAL LETTER T character (T) nor a U+0020 SPACE character, then fail. Otherwise, move position forwards one character.

5. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

6. If position is beyond the end of input, then fail.

7. Parse a time-zone offset component to obtain timezone_hours and timezone_minutes. If this returns nothing, then fail.

8. If position is not beyond the end of input, then fail.

9. Let time be the moment in time at year year, month month, day day, hours hour, minute minute, second second, subtracting timezone_hours hours and timezone_minutes minutes. That moment in time is a moment in the UTC time zone.

10. Let timezone be timezone_hours hours and timezone_minutes minutes from UTC.

11. Return time and timezone.

The rules to parse a week string are as follows. This will return either a week-year number and week number, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Collect a sequence of characters that are ASCII digits. If the collected sequence is not at least four characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the year.

4. If year is not a number greater than zero, then fail.

5. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

6. If position is beyond the end of input or if the character at position is not a "W" (U+0057) character, then fail. Otherwise, move position forwards one character.

7. Collect a sequence of characters that are ASCII digits. If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the week.

8. Let maxweek be the week number of the last day of year year.

9. If week is not a number in the range 1 ≤ week ≤ maxweek, then fail.

10. If position is not beyond the end of input, then fail.

11. Return the week-year number year and the week number week.

The rules to parse a duration string are as follows. This will return either a duration or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let months, seconds, and component count all be zero.

4. Let M-disambiguator be minutes.

   This flag's other value is months. It is used to disambiguate the "M" unit in ISO8601 durations, which use the same unit for months and minutes. Months are not allowed, but are parsed for future compatibility and to avoid misinterpreting ISO8601 durations that would be valid in other contexts.

5. Skip whitespace.

6. If position is past the end of input, then fail.

7. If the character in input pointed to by position is a U+0050 LATIN CAPITAL LETTER P character, then advance position to the next character, set M-disambiguator to months, and skip whitespace.

8. Run the following substeps in a loop, until a step requiring the loop to be broken or the entire algorithm to fail is reached:

   1. Let units be undefined. It will be assigned one of the following values: years, months, weeks, days, hours, minutes, and seconds.

   2. Let next character be undefined. It is used to process characters from the input.

   3. If position is past the end of input, then break the loop.

   4. If the character in input pointed to by position is a U+0054 LATIN CAPITAL LETTER T character, then advance position to the next character, set M-disambiguator to minutes, skip whitespace, and return to the top of the loop.

   5. Set next character to the character in input pointed to by position.

   6. If next character is a "." (U+002E) character, then let N equal zero. (Do not advance position. That is taken care of below.)

      Otherwise, if next character is an ASCII digit, then collect a sequence of characters that are ASCII digits, interpret the resulting sequence as a base-ten integer, and let N be that number.

      Otherwise next character is not part of a number; fail.

   7. If position is past the end of input, then fail.

   8. Set next character to the character in input pointed to by position, and this time advance position to the next character. (If next character was a U+002E FULL STOP character (.) before, it will still be that character this time.)

   9. If next character is a "." (U+002E) character, then run these substeps:

      1. Collect a sequence of characters that are ASCII digits. Let s be the resulting sequence.

      2. If s is the empty string, then fail.

      3. Let length be the number of characters in s.

      4. Let fraction be the result of interpreting s as a base-ten integer, and then dividing that number by 10^length.

      5. Increment N by fraction.

      6. Skip whitespace.

      7. If position is past the end of input, then fail.

      8. Set next character to the character in input pointed to by position, and advance position to the next character.

      9. If next character is neither a U+0053 LATIN CAPITAL LETTER S character nor a U+0073 LATIN SMALL LETTER S character, then fail.

      10. Set units to seconds.

      Otherwise, run these substeps:

      1. If next character is a space character, then skip whitespace, set next character to the character in input pointed to by position, and advance position to the next character.

      2. If next character is a U+0059 LATIN CAPITAL LETTER Y character, or a U+0079 LATIN SMALL LETTER Y character, set units to years and set M-disambiguator to months.

         If next character is a U+004D LATIN CAPITAL LETTER M character or a U+006D LATIN SMALL LETTER M character, and M-disambiguator is months, then set units to months.

         If next character is a U+0057 LATIN CAPITAL LETTER W character or a U+0077 LATIN SMALL LETTER W character, set units to weeks and set M-disambiguator to minutes.

         If next character is a U+0044 LATIN CAPITAL LETTER D character or a U+0064 LATIN SMALL LETTER D character, set units to days and set M-disambiguator to minutes.

         If next character is a U+0048 LATIN CAPITAL LETTER H character or a U+0068 LATIN SMALL LETTER H character, set units to hours and set M-disambiguator to minutes.

         If next character is a U+004D LATIN CAPITAL LETTER M character or a U+006D LATIN SMALL LETTER M character, and M-disambiguator is minutes, then set units to minutes.

         If next character is a U+0053 LATIN CAPITAL LETTER S character or a U+0073 LATIN SMALL LETTER S character, set units to seconds and set M-disambiguator to minutes.

         Otherwise if next character is none of the above characters, then fail.

   10. Increment component count.

   11. Let multiplier be 1.

   12. If units is years, multiply multiplier by 12 and set units to months.

   13. If units is months, add the product of N and multiplier to months.

       Otherwise, run these substeps:

       1. If units is weeks, multiply multiplier by 7 and set units to days.

       2. If units is days, multiply multiplier by 24 and set units to hours.

       3. If units is hours, multiply multiplier by 60 and set units to minutes.

       4. If units is minutes, multiply multiplier by 60 and set units to seconds.

       5. Forcibly, units is now seconds. Add the product of N and multiplier to seconds.

   14. Skip whitespace.

9. If component count is zero, fail.

10. If months is not zero, fail.

11. Return the duration consisting of seconds seconds.

The rules to parse a date or time string are as follows. The algorithm will return either a date, a time, a global date and time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Set start position to the same position as position.

4. Set the date present and time present flags to true.

5. Parse a date component to obtain year, month, and day. If this fails, then set the date present flag to false.

6. If date present is true, and position is not beyond the end of input, and the character at position is either a "T" (U+0054) character or a U+0020 SPACE character, then advance position to the next character in input.

   Otherwise, if date present is true, and either position is beyond the end of input or the character at position is neither a "T" (U+0054) character nor a U+0020 SPACE character, then set time present to false.

   Otherwise, if date present is false, set position back to the same position as start position.

7. If the time present flag is true, then parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

8. If the date present and time present flags are both true, but position is beyond the end of input, then fail.

9. If the date present and time present flags are both true, parse a time-zone offset component to obtain timezone_hours and timezone_minutes. If this returns nothing, then fail.

10. If position is not beyond the end of input, then fail.

11. If the date present flag is true and the time present flag is false, then let date be the date with year year, month month, and day day, and return date.

    Otherwise, if the time present flag is true and the date present flag is false, then let time be the time with hour hour, minute minute, and second second, and return time.

    Otherwise, let time be the moment in time at year year, month month, day day, hours hour, minute minute, second second, subtracting timezone_hours hours and timezone_minutes minutes, that moment in time being a moment in the UTC time zone; let timezone be timezone_hours hours and timezone_minutes minutes from UTC; and return time and timezone.

The rules for parsing simple color values are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will return either a simple color or an error.

1. Let input be the string being parsed.

2. If input is not exactly seven characters long, then return an error.

3. If the first character in input is not a U+0023 NUMBER SIGN character (#), then return an error.

4. If the last six characters of input are not all ASCII hex digits, then return an error.

5. Let result be a simple color.

6. Interpret the second and third characters as a hexadecimal number and let the result be the red component of result.

7. Interpret the fourth and fifth characters as a hexadecimal number and let the result be the green component of result.

8. Interpret the sixth and seventh characters as a hexadecimal number and let the result be the blue component of result.

9. Return result.

The rules for serializing simple color values given a simple color are as given in the following algorithm:

1. Let result be a string consisting of a single "#" (U+0023) character.

2. Convert the red, green, and blue components in turn to two-digit hexadecimal numbers using lowercase ASCII hex digits, zero-padding if necessary, and append these numbers to result, in the order red, green, blue.

3. Return result, which will be a valid lowercase simple color.

Some obsolete legacy attributes parse colors in a more complicated manner, using the rules for parsing a legacy color value, which are given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will return either a simple color or an error.

1. Let input be the string being parsed.

2. If input is the empty string, then return an error.

3. Strip leading and trailing whitespace from input.

4. If input is an ASCII case-insensitive match for the string "transparent", then return an error.

5. If input is an ASCII case-insensitive match for one of the keywords listed in the SVG color keywords section of the CSS3 Color specification, then return the simple color corresponding to that keyword. [CSSCOLOR]

   CSS2 System Colors are not recognised.

6. If input is four characters long, and the first character in input is a "#" (U+0023) character, and the last three characters of input are all ASCII hex digits, then run these substeps:

   1. Let result be a simple color.

   2. Interpret the second character of input as a hexadecimal digit; let the red component of result be the resulting number multiplied by 17.

   3. Interpret the third character of input as a hexadecimal digit; let the green component of result be the resulting number multiplied by 17.

   4. Interpret the fourth character of input as a hexadecimal digit; let the blue component of result be the resulting number multiplied by 17.

   5. Return result.

7. Replace any characters in input that have a Unicode code point greater than U+FFFF (i.e. any characters that are not in the basic multilingual plane) with the two-character string "00".

8. If input is longer than 128 characters, truncate input, leaving only the first 128 characters.

9. If the first character in input is a "#" (U+0023) character, remove it.

10. Replace any character in input that is not an ASCII hex digit with the character "0" (U+0030).

11. While input's length is zero or not a multiple of three, append a "0" (U+0030) character to input.

12. Split input into three strings of equal length, to obtain three components. Let length be the length of those components (one third the length of input).

13. If length is greater than 8, then remove the leading length-8 characters in each component, and let length be 8.

14. While length is greater than two and the first character in each component is a "0" (U+0030) character, remove that character and reduce length by one.

15. If length is still greater than two, truncate each component, leaving only the first two characters in each.

16. Let result be a simple color.

17. Interpret the first component as a hexadecimal number; let the red component of result be the resulting number.

18. Interpret the second component as a hexadecimal number; let the green component of result be the resulting number.

19. Interpret the third component as a hexadecimal number; let the blue component of result be the resulting number.

20. Return result.

When a user agent has to split a string on spaces, it must use the following algorithm:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let tokens be an ordered list of tokens, initially empty.

4. Skip whitespace

5. While position is not past the end of input:

   1. Collect a sequence of characters that are not space characters.

   2. Append the string collected in the previous step to tokens.

   3. Skip whitespace

6. Return tokens.

When a user agent has to split a string on commas, it must use the following algorithm:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let tokens be an ordered list of tokens, initially empty.

4. Token: If position is past the end of input, jump to the last step.

5. Collect a sequence of characters that are not "," (U+002C) characters. Let s be the resulting sequence (which might be the empty string).

6. Strip leading and trailing whitespace from s.

7. Append s to tokens.

8. If position is not past the end of input, then the character at position is a "," (U+002C) character; advance position past that character.

9. Jump back to the step labeled token.

10. Return tokens.

The rules for parsing a hash-name reference to an element of type type are as follows:

1. If the string being parsed does not contain a U+0023 NUMBER SIGN character, or if the first such character in the string is the last character in the string, then return null and abort these steps.

2. Let s be the string from the character immediately after the first U+0023 NUMBER SIGN character in the string being parsed up to the end of that string.

3. Return the first element of type type that has an id attribute whose value is a case-sensitive match for s or a name attribute whose value is a compatibility caseless match for s.

2.5.2 Resolving URLs

Resolving a URL is the process of taking a relative URL and obtaining the absolute URL that it implies.

To resolve a URL to an absolute URL relative to either another absolute URL or an element, the user agent must use the following steps. Resolving a URL can result in an error, in which case the URL is not resolvable.

1. Let url be the URL being resolved.

2. Let encoding be determined as follows:

   If the URL had a character encoding defined when the URL was created or defined or when this algorithm was invoked

   The URL character encoding is as defined.

   If the URL came from a script (e.g. as an argument to a method)

   The URL character encoding is the API URL character encoding specified by the script's settings object.

   If the URL came from a DOM node (e.g. from an element)

   The node has a Document, and the URL character encoding is the document's character encoding.

3. If encoding is a UTF-16 encoding, then change the value of encoding to UTF-8.

4. If the algorithm was invoked with an absolute URL to use as the base URL, let base be that absolute URL.

   Otherwise, let base be the element's base URL.

5. Apply the URL parser to url, with base as the base URL, with encoding as the encoding.

6. If this returns failure, then abort these steps with an error.

7. Let parsed URL be the result of the URL parser.

8. Let serialized URL be the result of apply the URL serializer to parsed URL.

9. Return serialized URL as the resulting absolute URL and parsed URL as the resulting parsed URL.

Given an element, the element's base URL is the base URI of the element, as defined by the XML Base specification, with the base URI of the document entity being defined as the document base URL of the Document that owns the element. [XMLBASE]

For the purposes of the XML Base specification, user agents must act as if all Document objects represented XML documents.

It is possible for xml:base attributes to be present even in HTML fragments, as such attributes can be added dynamically using script. (Such scripts would not be conforming, however, as xml:base attributes are not allowed in HTML documents.)

2.5.3 Dynamic changes to base URLs

When an xml:base attribute is set, changed, or removed, the attribute's element, and all descendant elements, are affected by a base URL change.

When a document's document base URL changes, all elements in that document are affected by a base URL change.

The following are base URL change steps, which run when an element is affected by a base URL change (as defined by the DOM specification):

If the element creates a hyperlink

If the absolute URL identified by the hyperlink is being shown to the user, or if any data derived from that URL is affecting the display, then the href attribute should be re-resolved relative to the element and the UI updated appropriately.

For example, the CSS :link/:visited pseudo-classes might have been affected.

If the element is a q, blockquote, ins, or del element with a cite attribute

If the absolute URL identified by the cite attribute is being shown to the user, or if any data derived from that URL is affecting the display, then the URL should be re-resolved relative to the element and the UI updated appropriately.

Otherwise

The element is not directly affected.

For instance, changing the base URL doesn't affect the image displayed by img elements, although subsequent accesses of the src IDL attribute from script will return a new absolute URL that might no longer correspond to the image being shown.

2.6 Fetching resources

2.6.1 Terminology

User agents can implement a variety of transfer protocols, but this specification mostly defines behavior in terms of HTTP. [HTTP]

The HTTP GET method is equivalent to the default retrieval action of the protocol. For example, RETR in FTP. Such actions are idempotent and safe, in HTTP terms.

The HTTP response codes are equivalent to statuses in other protocols that have the same basic meanings. For example, a "file not found" error is equivalent to a 404 code, a server error is equivalent to a 5xx code, and so on.

The HTTP headers are equivalent to fields in other protocols that have the same basic meaning. For example, the HTTP authentication headers are equivalent to the authentication aspects of the FTP protocol.

A referrer source is either a Document or a URL.

2.6.2 Processing model

When a user agent is to fetch a resource or URL, optionally from an origin origin, optionally using a specific referrer source as an override referrer source, and optionally with any of a synchronous flag, a manual redirect flag, a force same-origin flag, and a block cookies flag, the following steps must be run. (When a URL is to be fetched, the URL identifies a resource to be obtained.)

1. If there is a specific override referrer source, and it is a URL, then let referrer be the override referrer source, and jump to the step labeled clean referrer.

2. Let document be the appropriate Document as given by the following list:

   If there is a specific override referrer source

   The override referrer source.

   When navigating

   The active document of the source browsing context.

   When fetching resources for an element

   The element's Document.

3. While document is an iframe srcdoc document, let document be document's browsing context's browsing context container's Document instead.

4. If the origin of Document is not a scheme/host/port tuple, then set referrer to the empty string and jump to the step labeled clean referrer.

5. Let referrer be the document's address of document.

6. Clean referrer: Apply the URL parser to referrer and let parsed referrer be the resulting parsed URL.

7. Let referrer be the result of applying the URL serializer to parsed referrer, with the exclude fragment flag set.

8. If referrer is not the empty string, is not a data: URL, and is not the URL "about:blank", then generate the address of the resource from which Request-URIs are obtained as required by HTTP for the Referer (sic) header from referrer. [HTTP]

   Otherwise, the Referer (sic) header must be omitted, regardless of its value.

9. If the algorithm was not invoked with the synchronous flag, perform the remaining steps asynchronously.

10. If the Document with which any tasks queued by this algorithm would be associated doesn't have an associated browsing context, then abort these steps.

11. This is the main step.

    If the resource is to be obtained from an application cache, then use the data from that application cache, as if it had been obtained in the manner appropriate given its URL.

    If the resource is identified by an absolute URL, and the resource is to be obtained using an idempotent action (such as an HTTP GET or equivalent), and it is already being downloaded for other reasons (e.g. another invocation of this algorithm), and this request would be identical to the previous one (e.g. same Accept and Origin headers), and the user agent is configured such that it is to reuse the data from the existing download instead of initiating a new one, then use the results of the existing download instead of starting a new one.

    Otherwise, if the resource is identified by an absolute URL with a scheme that does not define a mechanism to obtain the resource (e.g. it is a mailto: URL) or that the user agent does not support, then act as if the resource was an HTTP 204 No Content response with no other metadata.

    Otherwise, if the resource is identified by the URL about:blank, then the resource is immediately available and consists of the empty string, with no metadata.

    Otherwise, at a time convenient to the user and the user agent, download (or otherwise obtain) the resource, applying the semantics of the relevant specifications (e.g. performing an HTTP GET or POST operation, or reading the file from disk, or expanding data: URLs, etc).

    For the purposes of the Referer (sic) header, use the address of the resource from which Request-URIs are obtained generated in the earlier step.

    For the purposes of the Origin header, if the fetching algorithm was explicitly initiated from an origin, then the origin that initiated the HTTP request is origin. Otherwise, this is a request from a "privacy-sensitive" context. [ORIGIN]

12. If the algorithm was not invoked with the block cookies flag, and there are cookies to be set, then the user agent must run the following substeps:

    1. Wait until ownership of the storage mutex can be taken by this instance of the fetching algorithm.

    2. Take ownership of the storage mutex.

    3. Update the cookies. [COOKIES]

    4. Release the storage mutex so that it is once again free.

13. If the fetched resource is an HTTP redirect or equivalent, then:

    If the force same-origin flag is set and the URL of the target of the redirect does not have the same origin as the URL for which the fetch algorithm was invoked

    Abort these steps and return failure from this algorithm, as if the remote host could not be contacted.

    If the manual redirect flag is set

    Continue, using the fetched resource (the redirect) as the result of the algorithm. If the calling algorithm subsequently requires the user agent to transparently follow the redirect, then the user agent must resume this algorithm from the main step, but using the target of the redirect as the resource to fetch, rather than the original resource.

    Otherwise

    First, apply any relevant requirements for redirects (such as showing any appropriate prompts). Then, redo main step, but using the target of the redirect as the resource to fetch, rather than the original resource. For HTTP requests, the new request must include the same headers as the original request, except for headers for which other requirements are specified (such as the Host header). [HTTP]

    The HTTP specification requires that 301, 302, and 307 redirects, when applied to methods other than the safe methods, not be followed without user confirmation. That would be an appropriate prompt for the purposes of the requirement in the paragraph above. [HTTP]

14. If the algorithm was not invoked with the synchronous flag: When the resource is available, or if there is an error of some description, queue a task that uses the resource as appropriate. If the resource can be processed incrementally, as, for instance, with a progressively interlaced JPEG or an HTML file, additional tasks may be queued to process the data as it is downloaded. The task source for these tasks is the networking task source.

    Otherwise, return the resource or error information to the calling algorithm.

If the user agent can determine the actual length of the resource being fetched for an instance of this algorithm, and if that length is finite, then that length is the file's size. Otherwise, the subject of the algorithm (that is, the resource being fetched) has no known size. (For example, the HTTP Content-Length header might provide this information.)

The user agent must also keep track of the number of bytes downloaded for each instance of this algorithm. This number must exclude any out-of-band metadata, such as HTTP headers.

The application cache processing model introduces some changes to the networking model to handle the returning of cached resources.

The navigation processing model handles redirects itself, overriding the redirection handling that would be done by the fetching algorithm.

Whether the type sniffing rules apply to the fetched resource depends on the algorithm that invokes the rules — they are not always applicable.

2.6.3 Encrypted HTTP and related security concerns

Anything in this specification that refers to HTTP also applies to HTTP-over-TLS, as represented by URLs representing the https scheme. [HTTP]

User agents should report certificate errors to the user and must either refuse to download resources sent with erroneous certificates or must act as if such resources were in fact served with no encryption.

User agents should warn the user that there is a potential problem whenever the user visits a page that the user has previously visited, if the page uses less secure encryption on the second visit.

Not doing so can result in users not noticing man-in-the-middle attacks.

2.6.4 Determining the type of a resource

The Content-Type metadata of a resource must be obtained and interpreted in a manner consistent with the requirements of the MIME Sniffing specification. [MIMESNIFF]

The sniffed type of a resource must be found in a manner consistent with the requirements given in the MIME Sniffing specification for finding the sniffed media type of the relevant sequence of octets. [MIMESNIFF]

The rules for sniffing images specifically and the rules for distinguishing if a resource is text or binary are also defined in the MIME Sniffing specification. Both sets of rules return a MIME type as their result. [MIMESNIFF]

It is imperative that the rules in the MIME Sniffing specification be followed exactly. When a user agent uses different heuristics for content type detection than the server expects, security problems can occur. For more details, see the MIME Sniffing specification. [MIMESNIFF]

2.6.5 Extracting character encodings from meta elements

The algorithm for extracting a character encoding from a meta element, given a string s, is as follows. It either returns a character encoding or nothing.

1. Let position be a pointer into s, initially pointing at the start of the string.

2. Loop: Find the first seven characters in s after position that are an ASCII case-insensitive match for the word "charset". If no such match is found, return nothing and abort these steps.

3. Skip any space characters that immediately follow the word "charset" (there might not be any).

4. If the next character is not a "=" (U+003D), then move position to point just before that next character, and jump back to the step labeled loop.

5. Skip any space characters that immediately follow the equals sign (there might not be any).

6. Process the next character as follows:

   If it is a """ (U+0022) character and there is a later """ (U+0022) character in s

   If it is a "'" (U+0027) character and there is a later "'" (U+0027) character in s

   Return the result of getting an encoding from the substring that is between this character and the next earliest occurrence of this character.

   If it is an unmatched """ (U+0022) character

   If it is an unmatched "'" (U+0027) character

   If there is no next character

   Return nothing.

   Otherwise

   Return the result of getting an encoding from the substring that consists of this character up to but not including the first space character or ";" (U+003B) character, or the end of s, whichever comes first.

This algorithm is distinct from those in the HTTP specification (for example, HTTP doesn't allow the use of single quotes and requires supporting a backslash-escape mechanism that is not supported by this algorithm). While the algorithm is used in contexts that, historically, were related to HTTP, the syntax as supported by implementations diverged some time ago. [HTTP]

2.6.7 CORS-enabled fetch

When the user agent is required to perform a potentially CORS-enabled fetch of an absolute URL URL with a mode mode that is either "No CORS", "Anonymous", or "Use Credentials", optionally using a referrer source referrer source, with an origin origin, and with a default origin behaviour default which is either "taint" or "fail", it must run the first applicable set of steps from the following list. The default origin behaviour is only used if mode is "No CORS". This algorithm wraps the fetch algorithm above, and labels the obtained resource as either CORS-same-origin or CORS-cross-origin, or blocks the resource entirely.

If the URL has the same origin as origin

If the URL is a data: URL

If the URL is about:blank

Run these substeps:

1. Fetch URL, using referrer source if one was specified, with the manual redirect flag set.

2. Loop: Wait for the fetch algorithm to know if the result is a redirect or not.

3. Follow the first appropriate steps from the following list:

   If the result of the fetch is a redirect, and the origin of the target URL of the redirect is not the same origin as origin

   Set URL to the target URL of the redirect and return to the top of the potentially CORS-enabled fetch algorithm (this time, one of the other branches below might be taken, based on the value of mode).

   If the result of the fetch is a redirect

   The origin of the target URL of the redirect is the same origin as origin.

   Transparently follow the redirect and jump to the step labeled loop above.

   Otherwise

   The resource is available, it is not a redirect, and its origin is the same origin as origin.

   The tasks from the fetch algorithm are queued normally, and for the purposes of the calling algorithm, the obtained resource is CORS-same-origin.

If mode is "No CORS" and default is taint

The URL does not have the same origin as origin.

Fetch URL, using referrer source if one was specified.

The tasks from the fetch algorithm are queued normally, but for the purposes of the calling algorithm, the obtained resource is CORS-cross-origin. The user agent may report a cross-origin resource access failure to the user (e.g. in a debugging console).

If mode is "No CORS"

The URL does not have the same origin as origin, and default is fail.

Discard any data fetched as part of this algorithm, and prevent any tasks from such invocations of the fetch algorithm from being queued. For the purposes of the calling algorithm, the user agent must act as if there was a fatal network error and no resource was obtained. The user agent may report a cross-origin resource access failure to the user (e.g. in a debugging console).

If mode is "Anonymous" or "Use Credentials"

The URL does not have the same origin as origin.

Run these steps:

1. Perform a cross-origin request with the request URL set to URL, with the CORS referrer source set to referrer source if one was specified, the source origin set to origin, and with the omit credentials flag set if mode is "Anonymous" and not set otherwise. [CORS]

2. Wait for the CORS cross-origin request status to have a value.

3. Jump to the appropriate step from the following list:

   If the CORS cross-origin request status is not success

   Discard all fetched data and prevent any tasks from the fetch algorithm from being queued. For the purposes of the calling algorithm, the user agent must act as if there was a fatal network error and no resource was obtained. If a CORS resource sharing check failed, the user agent may report a cross-origin resource access failure to the user (e.g. in a debugging console).

   If the CORS cross-origin request status is success

   The tasks from the fetch algorithm are queued normally, and for the purposes of the calling algorithm, the obtained resource is CORS-same-origin.

In general, on getting, if the content attribute is not present, the IDL attribute must act as if the content attribute's value is the empty string; and on setting, if the content attribute is not present, it must first be added.

If a reflecting IDL attribute is a DOMString attribute whose content attribute is defined to contain a URL, then on getting, the IDL attribute must resolve the value of the content attribute relative to the element and return the resulting absolute URL if that was successful, or the empty string otherwise; and on setting, must set the content attribute to the specified literal value. If the content attribute is absent, the IDL attribute must return the default value, if the content attribute has one, or else the empty string.

If a reflecting IDL attribute is a DOMString attribute whose content attribute is defined to contain one or more URLs, then on getting, the IDL attribute must split the content attribute on spaces and return the concatenation of resolving each token URL to an absolute URL relative to the element, with a single U+0020 SPACE character between each URL, ignoring any tokens that did not resolve successfully. If the content attribute is absent, the IDL attribute must return the default value, if the content attribute has one, or else the empty string. On setting, the IDL attribute must set the content attribute to the specified literal value.

If a reflecting IDL attribute is a DOMString attribute whose content attribute is an enumerated attribute, and the IDL attribute is limited to only known values, then, on getting, the IDL attribute must return the conforming value associated with the state the attribute is in (in its canonical case), if any, or the empty string if the attribute is in a state that has no associated keyword value or if the attribute is not in a defined state (e.g. the attribute is missing and there is no missing value default); and on setting, the content attribute must be set to the specified new value.

If a reflecting IDL attribute is a DOMString attribute but doesn't fall into any of the above categories, then the getting and setting must be done in a transparent, case-preserving manner.

If a reflecting IDL attribute is a boolean attribute, then on getting the IDL attribute must return true if the content attribute is set, and false if it is absent. On setting, the content attribute must be removed if the IDL attribute is set to false, and must be set to the empty string if the IDL attribute is set to true. (This corresponds to the rules for boolean content attributes.)

If a reflecting IDL attribute has a signed integer type (long) then, on getting, the content attribute must be parsed according to the rules for parsing signed integers, and if that is successful, and the value is in the range of the IDL attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, then the default value must be returned instead, or 0 if there is no default value. On setting, the given value must be converted to the shortest possible string representing the number as a valid integer and then that string must be used as the new content attribute value.

If a reflecting IDL attribute has a signed integer type (long) that is limited to only non-negative numbers then, on getting, the content attribute must be parsed according to the rules for parsing non-negative integers, and if that is successful, and the value is in the range of the IDL attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or −1 if there is no default value. On setting, if the value is negative, the user agent must throw an IndexSizeError exception. Otherwise, the given value must be converted to the shortest possible string representing the number as a valid non-negative integer and then that string must be used as the new content attribute value.

If a reflecting IDL attribute has an unsigned integer type (unsigned long) then, on getting, the content attribute must be parsed according to the rules for parsing non-negative integers, and if that is successful, and the value is in the range 0 to 2147483647 inclusive, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 0 if there is no default value. On setting, first, if the new value is in the range 0 to 2147483647, then let n be the new value, otherwise let n be the default value, or 0 if there is no default value; then, n must be converted to the shortest possible string representing the number as a valid non-negative integer and that string must be used as the new content attribute value.

If a reflecting IDL attribute has an unsigned integer type (unsigned long) that is limited to only non-negative numbers greater than zero, then the behavior is similar to the previous case, but zero is not allowed. On getting, the content attribute must first be parsed according to the rules for parsing non-negative integers, and if that is successful, and the value is in the range 1 to 2147483647 inclusive, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 1 if there is no default value. On setting, if the value is zero, the user agent must throw an IndexSizeError exception. Otherwise, first, if the new value is in the range 1 to 2147483647, then let n be the new value, otherwise let n be the default value, or 1 if there is no default value; then, n must be converted to the shortest possible string representing the number as a valid non-negative integer and that string must be used as the new content attribute value.

If a reflecting IDL attribute has a floating-point number type (double or unrestricted double), then, on getting, the content attribute must be parsed according to the rules for parsing floating-point number values, and if that is successful, the resulting value must be returned. If, on the other hand, it fails, or if the attribute is absent, the default value must be returned instead, or 0.0 if there is no default value. On setting, the given value must be converted to the best representation of the number as a floating-point number and then that string must be used as the new content attribute value.

If a reflecting IDL attribute has a floating-point number type (double or unrestricted double) that is limited to numbers greater than zero, then the behavior is similar to the previous case, but zero and negative values are not allowed. On getting, the content attribute must be parsed according to the rules for parsing floating-point number values, and if that is successful and the value is greater than 0.0, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 0.0 if there is no default value. On setting, if the value is less than or equal to zero, then the value must be ignored. Otherwise, the given value must be converted to the best representation of the number as a floating-point number and then that string must be used as the new content attribute value.

The values Infinity and Not-a-Number (NaN) values throw an exception on setting, as defined in the Web IDL specification. [WEBIDL]

If a reflecting IDL attribute has the type DOMTokenList or DOMSettableTokenList, then on getting it must return a DOMTokenList or DOMSettableTokenList object (as appropriate) whose associated element is the element in question and whose associated attribute's local name is the name of the attribute in question. The same DOMTokenList or DOMSettableTokenList object must be returned every time for each attribute.

If a reflecting IDL attribute has the type HTMLElement, or an interface that descends from HTMLElement, then, on getting, it must run the following algorithm (stopping at the first point where a value is returned):

1. If the corresponding content attribute is absent, then the IDL attribute must return null.
2. Let candidate be the element that the document.getElementById() method would find when called on the content attribute's document if it were passed as its argument the current value of the corresponding content attribute.
3. If candidate is null, or if it is not type-compatible with the IDL attribute, then the IDL attribute must return null.
4. Otherwise, it must return candidate.

On setting, if the given element has an id attribute, and has the same home subtree as the element of the attribute being set, and the given element is the first element in that home subtree whose ID is the value of that id attribute, then the content attribute must be set to the value of that id attribute. Otherwise, the content attribute must be set to the empty string.

The object's supported property indices are as defined for HTMLCollection objects.

The supported property names consist of the non-empty values of all the id attributes of all the elements represented by the collection, and the non-empty values of all the name attributes of all the a, applet, area, embed, form, frame, frameset, iframe, img, and object elements represented by the collection, in tree order, ignoring later duplicates, with the id of an element preceding its name if it contributes both, they differ from each other, and neither is the duplicate of an earlier entry.

The item(name) and namedItem(name) methods must act according to the following algorithm:

1. If name is the empty string, return null and stop the algorithm.

2. Let collection be an HTMLCollection object rooted at the same node as the HTMLAllCollection object on which the method was invoked, whose filter matches only elements that already match the filter of the HTMLAllCollection object on which the method was invoked and that are either:

   • a, applet, area, embed, form, frame, frameset, iframe, img, or object elements with a name attribute equal to name, or,
   • elements with an ID equal to name.
3. If, at the time the method is called, there is exactly one node in collection, then return that node and stop the algorithm.
4. Otherwise, if, at the time the method is called, collection is empty, return null and stop the algorithm.
5. Otherwise, return collection.

The tags(tagName) method must return an HTMLAllCollection rooted at the same node as the HTMLAllCollection object on which the method was invoked, whose filter matches only HTML elements whose local name is the tagName argument and that already match the filter of the HTMLAllCollection object on which the method was invoked. In HTML documents, the argument must first be converted to ASCII lowercase.

The object's supported property indices are as defined for HTMLCollection objects.

The supported property names consist of the non-empty values of all the id and name attributes of all the elements represented by the collection, in tree order, ignoring later duplicates, with the id of an element preceding its name if it contributes both, they differ from each other, and neither is the duplicate of an earlier entry.

The namedItem(name) method must act according to the following algorithm:

1. If name is the empty string, return null and stop the algorithm.
2. If, at the time the method is called, there is exactly one node in the collection that has either an id attribute or a name attribute equal to name, then return that node and stop the algorithm.
3. Otherwise, if there are no nodes in the collection that have either an id attribute or a name attribute equal to name, then return null and stop the algorithm.
4. Otherwise, create a new RadioNodeList object representing a live view of the HTMLFormControlsCollection object, further filtered so that the only nodes in the RadioNodeList object are those that have either an id attribute or a name attribute equal to name. The nodes in the RadioNodeList object must be sorted in tree order.
5. Return that RadioNodeList object.

Members of the RadioNodeList interface inherited from the NodeList interface must behave as they would on a NodeList object.

The value IDL attribute on the RadioNodeList object, on getting, must return the value returned by running the following steps:

1. Let element be the first element in tree order represented by the RadioNodeList object that is an input element whose type attribute is in the Radio Button state and whose checkedness is true. Otherwise, let it be null.

2. If element is null, or if it is an element with no value attribute, return the empty string.

3. Otherwise, return the value of element's value attribute.

On setting, the value IDL attribute must run the following steps:

1. Let element be the first element in tree order represented by the RadioNodeList object that is an input element whose type attribute is in the Radio Button state and whose value content attribute is present and equal to the new value, if any. Otherwise, let it be null.

2. If element is not null, then set its checkedness to true.

The object's supported property indices are as defined for HTMLCollection objects.

On getting, the length attribute must return the number of nodes represented by the collection.

On setting, the behavior depends on whether the new value is equal to, greater than, or less than the number of nodes represented by the collection at that time. If the number is the same, then setting the attribute must do nothing. If the new value is greater, then n new option elements with no attributes and no child nodes must be appended to the select element on which the HTMLOptionsCollection is rooted, where n is the difference between the two numbers (new value minus old value). Mutation events must be fired as if a DocumentFragment containing the new option elements had been inserted. If the new value is lower, then the last n nodes in the collection must be removed from their parent nodes, where n is the difference between the two numbers (old value minus new value).

Setting length never removes or adds any optgroup elements, and never adds new children to existing optgroup elements (though it can remove children from them).

The supported property names consist of the non-empty values of all the id and name attributes of all the elements represented by the collection, in tree order, ignoring later duplicates, with the id of an element preceding its name if it contributes both, they differ from each other, and neither is the duplicate of an earlier entry.

The legacy caller of the HTMLOptionsCollection interface must act like the namedItem() method on the ancestor HTMLCollection interface.

When the user agent is to set the value of a new indexed property or set the value of an existing indexed property for a given property index index to a new value value, it must run the following algorithm:

1. If value is null, invoke the steps for the remove method with index as the argument, and abort these steps.

2. Let length be the number of nodes represented by the collection.

3. Let n be index minus length.

4. If n is greater than zero, then append a DocumentFragment consisting of n-1 new option elements with no attributes and no child nodes to the select element on which the HTMLOptionsCollection is rooted.

5. If n is greater than or equal to zero, append value to the select element. Otherwise, replace the indexth element in the collection by value.

The add(element, before) method must act according to the following algorithm:

1. If element is an ancestor of the select element on which the HTMLOptionsCollection is rooted, then throw a HierarchyRequestError exception and abort these steps.

2. If before is an element, but that element isn't a descendant of the select element on which the HTMLOptionsCollection is rooted, then throw a NotFoundError exception and abort these steps.

3. If element and before are the same element, then return and abort these steps.

4. If before is a node, then let reference be that node. Otherwise, if before is an integer, and there is a beforeth node in the collection, let reference be that node. Otherwise, let reference be null.

5. If reference is not null, let parent be the parent node of reference. Otherwise, let parent be the select element on which the HTMLOptionsCollection is rooted.

6. Act as if the DOM insertBefore() method was invoked on the parent node, with element as the first argument and reference as the second argument.

The remove(index) method must act according to the following algorithm:

1. If the number of nodes represented by the collection is zero, abort these steps.

2. If index is not a number greater than or equal to 0 and less than the number of nodes represented by the collection, abort these steps.

3. Let element be the indexth element in the collection.

4. Remove element from its parent node.

The selectedIndex IDL attribute must act like the identically named attribute on the select element on which the HTMLOptionsCollection is rooted

When a DOMStringMap object is instantiated, it is associated with three algorithms, one for getting the list of name-value pairs, one for setting names to certain values, and one for deleting names.

[OverrideBuiltins]
interface DOMStringMap {
  getter DOMString (DOMString name);
  setter creator void (DOMString name, DOMString value);
  deleter void (DOMString name);
};

The supported property names on a DOMStringMap object at any instant are the names of each pair returned from the algorithm for getting the list of name-value pairs at that instant, in the order returned.

To determine the value of a named property name in a DOMStringMap, the user agent must return the value component of the name-value pair whose name component is name in the list returned by the algorithm for getting the list of name-value pairs.

To set the value of a new or existing named property name to value value, the algorithm for setting names to certain values must be run, passing name as the name and the result of converting value to a DOMString as the value.

To delete an existing named property name, the algorithm for deleting names must be run, passing name as the name.

The DOMStringMap interface definition here is only intended for JavaScript environments. Other language bindings will need to define how DOMStringMap is to be implemented for those languages.

The following IDL block formalizes this:

[NoInterfaceObject]
interface Transferable { };
ArrayBuffer implements Transferable;
MessagePort implements Transferable;

To transfer a Transferable object to a new owner, the user agent must run the steps defined for the type of object in question. The steps will return a new object of the same type, and will permanently neuter the original object. (This is an irreversible and non-idempotent operation; once an object has been transferred, it cannot be transferred, or indeed used, again.)

To transfer an ArrayBuffer object old to a new owner owner, a user agent must create a new ArrayBuffer object pointing at the same underlying data as old, thus obtaining new, must neuter the old object, and must finally return new. [TYPEDARRAY]

Rules for how to transfer a MessagePort object are given in the relevant sections of this specification.

2.7.5 Safe passing of structured data

When a user agent is required to obtain a structured clone of a value, optionally with a transfer map, it must run the following algorithm, which either returns a separate value, or throws an exception. If a transfer map is provided, it consists of an association list of Transferable objects to placeholder objects.

1. Let input be the value being cloned.

2. Let transfer map be the transfer map passed to the algorithm, if any, or the empty list otherwise.

3. Let memory be an association list of pairs of objects, initially empty. This is used to handle duplicate references. In each pair of objects, one is called the source object and the other the destination object.

4. For each mapping in transfer map, add a mapping from the Transferable object (the source object) to the placeholder object (the destination object) to memory.

5. Let output be the value resulting from calling the internal structured cloning algorithm with input as the "input" argument, and memory as the "memory" argument.

6. Return output.

The internal structured cloning algorithm is always called with two arguments, input and memory, and its behavior is as follows:

1. If input is the source object of a pair of objects in memory, then return the destination object in that pair of objects and abort these steps.

2. If input is a primitive value, then return that value and abort these steps.

3. Let deep clone be none.

4. The input value is an object. Jump to the appropriate step below:

   If input is a Boolean object

   Let output be a newly constructed Boolean object with the same value as input.

   If input is a Number object

   Let output be a newly constructed Number object with the same value as input.

   If input is a String object

   Let output be a newly constructed String object with the same value as input.

   If input is a Date object

   Let output be a newly constructed Date object with the same value as input.

   If input is a RegExp object

   Let output be a newly constructed RegExp object with the same pattern and flags as input.

   The value of the lastIndex property is not copied.

   If input is a Blob object

   If input has been disabled through the close() method, throw a DataCloneError exception and abort the overall structured clone algorithm. Otherwise, let output be a newly constructed object of the same class as input, corresponding to the same underlying data.

   If input is a FileList object

   Let output be a newly constructed FileList object containing a list of newly constructed File objects corresponding to the same underlying data as those in input, maintaining their relative order.

   If input is an ImageData object

   Let output be a newly constructed ImageData object whose width, height, and resolution attributes have values equal to the corresponding attributes on input, and whose data attribute has the value obtained from invoking the internal structured cloning algorithm recursively with the value of the data attribute on input as the new "input" argument and memory as the new "memory" argument.

   If input is an ArrayBuffer object

   If input has been neutered, throw a DataCloneError exception and abort the overall structured clone algorithm. Otherwise, let output be a newly constructed ArrayBuffer object whose contents are a copy of input's contents, with the same length.

   If input is an ArrayBufferView object

   Let output be a newly constructed object of the same class as input, with each IDL attribute defined for that class being set to the value obtained from invoking the internal structured cloning algorithm recursively with the value of the attribute on input as the new "input" argument and memory as the new "memory" argument.

   Only IDL attributes defined on the class (including the ArrayBufferView attributes) are cloned. Properties added by a script, for example, are not cloned.

   If input is an Array object

   Let output be a newly constructed empty Array object whose length is equal to the length of input, and set deep clone to own.

   This means that the length of sparse arrays is preserved.

   If input is an Object object

   Let output be a newly constructed empty Object object, and set deep clone to own.

   If input is a Map object

   Let output be a newly constructed empty Map object, and set deep clone to map.

   If input is a Set object

   Let output be a newly constructed empty Set object, and set deep clone to set.

   If input is an object that another specification defines how to clone

   Let output be a clone of the object as defined by the other specification.

   If input is another native object type (e.g. Error, Function)

   If input is a host object (e.g. a DOM node)

   Throw a DataCloneError exception and abort the overall structured clone algorithm.

   For the purposes of the algorithm above, an object is a particular type of object class if its [[Class]] internal property is equal to class.

   For example, "input is an Object object" if input's [[Class]] internal property is equal to the string "Object".

5. Add a mapping from input (the source object) to output (the destination object) to memory.

6. If deep clone is set to map, then run these substeps. These substeps use the terminology and typographic conventions used in the JavaScript specification's definition of Maps. [ECMA262]

   1. Let source be the List that is the value of input's [[MapData]] internal slot, if any. If there is no such slot, then instead throw a DataCloneError exception and abort the overall structured clone algorithm. [ECMA262]

   2. Let target be the List that is the value of output's [[MapData]] internal slot.

   3. For each Record {[[key]], [[value]]} entry that is an element of source, run the following substeps:

      1. Let key have the value obtained from invoking the internal structured cloning algorithm recursively with entry.[[key]] as the new "input" argument and memory as the new "memory" argument.

      2. Let value have the value obtained from invoking the internal structured cloning algorithm recursively with entry.[[value]] as the new "input" argument and memory as the new "memory" argument.

      3. Let new entry be the Record {[[key]]: key, [[value]]: value}.

      4. Append new entry as the last element of target.

   4. Set deep clone to own.

7. If deep clone is set to set, then run these substeps. These substeps use the terminology and typographic conventions used in the JavaScript specification's definition of Sets. [ECMA262]

   1. Let source be the List that is the value of input's [[SetData]] internal slot, if any. If there is no such slot, then instead throw a DataCloneError exception and abort the overall structured clone algorithm. [ECMA262]

   2. Let target be the List that is the value of output's [[SetData]] internal slot.

   3. For each entry that is an element of source that is not empty, run the following substeps:

      1. Let new entry have the value obtained from invoking the internal structured cloning algorithm recursively with entry as the new "input" argument and memory as the new "memory" argument.

      2. Append new entry as the last element of target.

   4. Set deep clone to own.

8. If deep clone is set to own, then, for each enumerable own property in input, run the following steps:

   1. Let name be the name of the property.

   2. Let source value be the result of calling the [[Get]] internal method of input with the argument name. If the [[Get]] internal method of a property involved executing script, and that script threw an uncaught exception, then abort the overall structured clone algorithm, with that exception being passed through to the caller.

   3. Let cloned value be the result of invoking the internal structured cloning algorithm recursively with source value as the "input" argument and memory as the "memory" argument. If this results in an exception, then abort the overall structured clone algorithm, with that exception being passed through to the caller.

   4. Add a new property to output having the name name, and having the value cloned value.

   The order of the properties in the input and output objects must be the same, and any properties whose [[Get]] internal method involves running script must be processed in that same order.

   This does not walk the prototype chain.

   Property descriptors, setters, getters, and analogous features are not copied in this process. For example, the property in the input could be marked as read-only, but in the output it would just have the default state (typically read-write, though that could depend on the scripting environment).

   Properties of Array objects are not treated any differently than those of other Objects. In particular, this means that non-index properties of arrays are copied as well.

9. Return output.

This algorithm preserves cycles and preserves the identity of duplicate objects in graphs.

2.7.7 Garbage collection

There is an implied strong reference from any IDL attribute that returns a pre-existing object to that object.