In HTML5, there are iframe, which can contain an HTML document inside the parent document. There are several sanboxing options as this W3C page shows it. As far as I understand it, it prevents the iframe scripts from accessing/modifying/interfering with the parent DOM. That is a parent protection against its child.
Now, in HTML5, is there a parameter of the iframe (or it could be another tag) that prevent the parent page to access to the iframe content? Meaning, a child protection against its parent? And of course, if it is an iframe attribute, that would need to be an attribute that can't be removed through a javascript call such as ".removeAttribute()".
Related
A quickie: In my code
$("iframe").append(" <b>Appended iframe by element</b>."); is not being appended.
I also found that $("img").append(" <b>Appended p by element</b>."); also doesn't work.
A fiddle is here: https://jsfiddle.net/stephan_luis/9hqo72ua/8/
jQ select by ID is also tried, both work for a <p></p> tag.
My question is why doesn't this work? The docs don't mention anything https://api.jquery.com/append/ Is there a list of html element that jquery methods don't 'do'?
This doesn't really have anything to do with jQuery. It is about the HTML you are trying to generate.
append() adds child elements to an element.
The children of an iframe element in HTML 4.x were alternative content that is only displayed if the browser doesn't support iframes. Today, iframe elements aren't allowed children.
Image elements (like iframes) are replaced elements, but they aren't allowed children at all (and never have). <img><b>Appended p by element</b></img> is just invalid HTML.
The HTML specification tells you what content each element is allowed to have in the entry for that element.
e.g. for iframe it says:
Content model:
Nothing.
Is this a valid scenario:
Code:
<html>
<div role = "main">
<div role = "main">
</div>
</div>
</html>
Having a role main inside a div having role main. Will it cause any problem or issues in screen readers?
The HTML5 documentation says
Authors must not include more than one main element in a document.
(the term "document" is important and has to be understood correctly, see below)
That being said:
will it cause any problem or issues in screen readers?
Yes. It may cause problem as the main element is a non-obtrusive alternative for "skip to main content" links. So having two main nodes could lead to unspecified behavior.
EDIT: about the ARIA documentation
The ARIA documentation says
Note: Because document and application elements can be nested in the DOM, they may have multiple main elements as DOM descendants, assuming each of those is associated with different document nodes, either by a DOM nesting (e.g., document within document) or by use of the aria-owns attribute.
As long as an HTML standard web page has only one document node (which is the default role for body), it then MUST NOT contain more than one main (or role=main) element. But you still may nest document nodes inside the body tag and have no more than one main element associated with each document.
The docs are pretty clear on this (note: should, not must)
Within any document or application, the author SHOULD mark no more than one element with the main role.
Whether this will cause issues in screen readers probably varies.
The HTML spec is instructive here as well.
Edit: update in the HTML 5.2 spec:
There must not be more than one visible main element in a document. If greater than one main element is present in a document, all other instances must be hidden using §5.1 The hidden attribute.
W3 says:
Equal to the computed value of font-size on the root element. When specified on the font-size property of the root element, the rem units refer to the property’s initial value.
What is this "root element" referring to? <html>? <body>?
See the HTML specification.
For an HTML document, the root element is <html>.
See also the XML specification:
There is exactly one element, called the root, or document element, no part of which appears in the content of any other element.] For all other elements, if the start-tag is in the content of another element, the end-tag is in the content of the same element.
All bodies of web with html standards start with <html>.This is why the root element is html tag. Even if you remove html tag from a html file and open it using browser, you can check the code by inspect element feature that browsers added html tags for you.
Seems HTML5 Recommendation has a little ambiguity about <link> position: http://www.w3.org/TR/html5/document-metadata.html#the-link-element
There is a phrase
Contexts in which this element can be used: Where metadata content is expected.
And there is no exact definition of this contexts. But the whole page describes a content of this kind e.g. head, title, base, link, meta, style.
There is also a paragraph:
A link element must have a rel attribute.
If the rel attribute is used, the element is restricted to the head element.
Seems that it has redundant or mutually exclusive phrases.
So could anybody clarify the situation with <link> tag position?
Is Google right about https://developers.google.com/speed/docs/insights/OptimizeCSSDelivery#example or does it violate the W3C Recommendation?
link is not permitted outside of the html element. The html element is the single permitted root element.
Inserting an element into head cannot place it out of html because head must also be in html.
The <link> element must go inside the <head> element, which in turn must go inside the </html>.
The only thing you can put outside of an <html> is a comment or the DOCTYPE
I'm experimenting with custom tag in html 5.
I tried the following:
<my-script src='script.js' />
this is inside the 'head' tag in the source code - but the browser (FF \ chrome) renders it inside the body. Also, it is rendered with an extra 'closing' tag:
<my-script src='script.js'> </my-script>
And, all the content of the 'body' tag gets nested inside this custom tag (the browser is wrapping the content of 'body' with my custom tag).
I tried using a custom DTD, but just can't get it to work...any ideas anyone ?
Browsers treat a tag like <my-script src='script.js' /> as the start tag of an unknown element (except if the page is served with an XML content type). Since such a tag is not allowed within head, it implicitly closes the head element and starts the body element.
DTDs have nothing to do with this, since browsers don’t even read DTDs (and there is no DTD for HTML5, and it is impossible to write a DTD that matches HTML5 syntax rules).
So, in effect, you cannot use a custom element inside the head element. If you wish to use a custom element with no content, put it inside the body element and write it with the end tag spelled out: <my-script src='script.js'></my-script>. That way, it will not affect the display or the parsing of the page, and will have no effect except via client-side scripting that accesses it via the DOM.