Do not repeat the referrer policies

domenic · web-flow · commit 4c228d3fd9e6 · 2016-08-25T17:33:48.000-04:00
Instead, simply delegate to the referrer policy spec. This makes it easier to add new referrer policies without editing HTML. Fixes whatwg#1656. See also w3c/webappsec-referrer-policy#62.
diff --git a/source b/source
@@ -2802,7 +2802,6 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d
     <ul class="brief">
      <li><dfn data-noexport=""><code>about:blank</code></dfn>
      <li><dfn data-x-href="https://fetch.spec.whatwg.org/#concept-https-state-value">HTTPS state value</dfn>
-     <li><dfn data-x-href="https://fetch.spec.whatwg.org/#concept-referrer-policy">referrer policy</dfn>
      <li><dfn data-noexport="" data-x-href="https://fetch.spec.whatwg.org/#http-cors-protocol">CORS protocol</dfn>
      <li><dfn data-noexport="" data-x="default-user-agent-value" data-x-href="https://fetch.spec.whatwg.org/#default-user-agent-value">default `<code>User-Agent</code>` value</dfn>
      <li><dfn data-noexport="" data-x-href="https://fetch.spec.whatwg.org/#concept-header-extract-mime-type">extract a MIME type</dfn>
@@ -2863,16 +2862,8 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d
     <p>The following terms are defined in <cite>Referrer Policy</cite>: <ref spec=REFERRERPOLICY></p>
 
     <ul class="brief">
+     <li><dfn data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy">referrer policy</dfn></li>
      <li>The <dfn data-x="referrer-policy-token" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#policy-token"><code>policy-token</code></dfn> production</li>
-     <li>The
-     <dfn data-x="referrerpolicy-no-referrer" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">"<code>no-referrer</code>"</dfn>,
-     <dfn data-x="referrerpolicy-no-referrer-when-downgrade" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">"<code>no-referrer-when-downgrade</code>"</dfn>,
-     <dfn data-x="referrerpolicy-same-origin" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">"<code>same-origin</code>"</dfn>,
-     <dfn data-x="referrerpolicy-origin" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">"<code>origin</code>"</dfn>,
-     <dfn data-x="referrerpolicy-strict-origin" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">"<code>strict-origin</code>"</dfn>,
-     <dfn data-x="referrerpolicy-origin-when-cross-origin" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">"<code>origin-when-cross-origin</code>"</dfn>,
-     <dfn data-x="referrerpolicy-strict-origin-when-cross-origin" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">"<code>strict-origin-when-cross-origin</code>"</dfn>, and
-     <dfn data-x="referrerpolicy-unsafe-url" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">"<code>unsafe-url</code>"</dfn> policies</li>
      <li>The `<dfn data-x="http-referrer-policy" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-header-dfn"><code>Referrer-Policy</code></dfn>` HTTP header</li>
      <li>The <dfn data-x="parse-referrer-policy-header" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#parse-referrer-policy-from-header">parse a referrer policy from a `<code>Referrer-Policy</code>` header</dfn> algorithm</li>
      <li>The <dfn data-x="concept-determine-referrer-policy" data-x-href="https://w3c.github.io/webappsec-referrer-policy/#determine-policy-for-token">determine the referrer policy</dfn> algorithm</li>
@@ -7244,80 +7235,17 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d
   <h4>Referrer policy attributes</h4>
 
   <p>A <dfn data-export="">referrer policy attribute</dfn> is an <span>enumerated attribute</span>.
-  The following table lists the keywords and states for the attribute &mdash; the keywords in the
-  left column map to the states in the cell in the second column on the same row as the keyword.
-  These states are all <span data-x="referrer policy">referrer policies</span>, and their impact on
-  the processing model of various <span data-x="concept-fetch">fetches</span> is defined in more
-  detail in the WHATWG Fetch standard and in <cite>Referrer Policy</cite>. <ref spec=FETCH> <ref
-  spec=REFERRERPOLICY></p>
+  Each <span>referrer policy</span>, including the empty string, is a keyword for this attribute,
+  mapping to a state of the same name.</p>
 
-  <table>
-   <thead>
-    <tr>
-     <th> Keyword
-     <th> State
-     <th> Brief description
-   <tbody>
-    <tr>
-     <td><dfn><code data-x="attr-referrerpolicy-no-referrer-keyword">no-referrer</code></dfn>
-     <td><span data-x="referrerpolicy-no-referrer">"<code>no-referrer</code>"</span>
-     <td><span data-x="concept-request">Requests</span> for the element will have no <span
-     data-x="concept-request-referrer">referrer</span> sent at all.
-    <tr>
-     <td><dfn><code data-x="attr-referrerpolicy-no-referrer-when-downgrade-keyword">no-referrer-when-downgrade</code></dfn>
-     <td><span data-x="referrerpolicy-no-referrer-when-downgrade">"<code>no-referrer-when-downgrade</code>"</span>
-     <td><span data-x="concept-request">Requests</span> for the element will send a full URL as
-     their <span data-x="concept-request-referrer">referrer</span> to destinations that are
-     <span data-x="a priori authenticated URL"><i>a priori</i> authenticated URLs</span>; otherwise,
-     no <span data-x="concept-request-referrer">referrer</span> will be sent.
-    <tr>
-     <td><dfn><code data-x="attr-referrerpolicy-same-origin-keyword">same-origin</code></dfn>
-     <td><span data-x="referrerpolicy-same-origin">"<code>same-origin</code>"</span>
-     <td><span data-x="concept-request">Requests</span> for the element will send a full URL as
-     their <span data-x="concept-request-referrer">referrer</span> to the same <span>origin</span>,
-     but no <span data-x="concept-request-referrer">referrer</span> will be sent for cross-origin
-     requests.
-    <tr>
-     <td><dfn><code data-x="attr-referrerpolicy-origin-keyword">origin</code></dfn>
-     <td><span data-x="referrerpolicy-origin">"<code>origin</code>"</span>
-     <td><span data-x="concept-request">Requests</span> for the element will only send an
-     <span>origin</span> as their <span data-x="concept-request-referrer">referrer</span>.
-    <tr>
-     <td><dfn><code data-x="attr-referrerpolicy-strict-origin-keyword">strict-origin</code></dfn>
-     <td><span data-x="referrerpolicy-strict-origin">"<code>strict-origin</code>"</span>
-     <td><span data-x="concept-request">Requests</span> for the element will only send an
-     <span>origin</span> as their <span data-x="concept-request-referrer">referrer</span>
-     to destinations that are <span data-x="a priori authenticated URL"><i>a priori</i>
-     authenticated URLs</span>; otherwise, no
-     <span data-x="concept-request-referrer">referrer</span> will be sent.
-    <tr>
-     <td><dfn><code data-x="attr-referrerpolicy-origin-when-cross-origin-keyword">origin-when-cross-origin</code></dfn>
-     <td><span data-x="referrerpolicy-origin-when-cross-origin">"<code>origin-when-cross-origin</code>"</span>
-     <td><span data-x="concept-request">Requests</span> for the element will send a full URL as
-     their <span data-x="concept-request-referrer">referrer</span> to the same <span>origin</span>,
-     but will only send an <span>origin</span> as their <span
-     data-x="concept-request-referrer">referrer</span> for cross-origin requests.
-    <tr>
-     <td><dfn><code data-x="attr-referrerpolicy-strict-origin-when-cross-origin-keyword">strict-origin-when-cross-origin</code></dfn>
-     <td><span data-x="referrerpolicy-strict-origin-when-cross-origin">"<code>strict-origin-when-cross-origin</code>"</span>
-     <td><span data-x="concept-request">Requests</span> for the element will send a full URL as
-     their <span data-x="concept-request-referrer">referrer</span> to the same <span>origin</span>,
-     only send an <span>origin</span> as
-     their <span data-x="concept-request-referrer">referrer</span> for cross-origin requests to
-     destinations that are <span data-x="a priori authenticated URL"><i>a priori</i> authenticated
-     URLs</span>; otherwise, no <span data-x="concept-request-referrer">referrer</span> will be
-     sent.
-    <tr>
-     <td><dfn><code data-x="attr-referrerpolicy-unsafe-url-keyword">unsafe-url</code></dfn>
-     <td><span data-x="referrerpolicy-unsafe-url">"<code>unsafe-url</code>"</span>
-     <td><span data-x="concept-request">Requests</span> for the element will send a full URL as
-     their <span data-x="concept-request-referrer">referrer</span> in all cases.
-  </table>
-
-  <p>An additional state is given by the empty string (which is also a valid <span>referrer
-  policy</span>). The attribute's <i data-x="invalid value default">invalid value default</i> and <i
+  <p>The attribute's <i data-x="invalid value default">invalid value default</i> and <i
   data-x="missing value default">missing value default</i> are both the empty string state.</p>
 
+  <p>The impact of these states on the processing model of various <span
+  data-x="concept-fetch">fetches</span> is defined in more detail throughout this specification, in
+  the WHATWG Fetch standard, and in <cite>Referrer Policy</cite>. <ref spec=FETCH> <ref
+  spec=REFERRERPOLICY></p>
+
   <div class="note">
    <p>Several signals can contribute to which processing model is used for a given <span
    data-x="concept-fetch">fetch</span>; a <span>referrer policy attribute</span> is only one of
@@ -13372,19 +13300,8 @@ interface <dfn>HTMLMetaElement</dfn> : <span>HTMLElement</span> {
    <dt><dfn><code data-x="meta-referrer">referrer</code></dfn></dt>
 
    <dd>
-    <p>The value must match the <code data-x="referrer-policy-token">policy-token</code> production,
-    defining a default <span>referrer policy</span> for the <code>Document</code>. <ref
-    spec="REFERRERPOLICY"></p>
-
-    <p>In particular, <span w-nodev>although they impact the processing model,</span> the legacy
-    values <code data-x="">never</code>, <code data-x="">default</code>, and <code
-    data-x="">always</code> must not be used by authors; instead, use <code
-    data-x="">no-referrer</code>, <code data-x="">no-referrer-when-downgrade</code>, and <code
-    data-x="">unsafe-url</code>, respectively.</p>
-
-    <p class="note">The valid values for the <code data-x="attr-meta-content">content</code>
-    attribute in this state match the keywords for <span data-x="referrer policy attribute">referrer
-    policy attributes</span>.</p>
+    <p>The value must be a <span>referrer policy</span>, which defines the default <span>referrer
+    policy</span> for the <code>Document</code>. <ref spec="REFERRERPOLICY"></p>
 
     <div w-nodev>
 
@@ -13401,9 +13318,9 @@ interface <dfn>HTMLMetaElement</dfn> : <span>HTMLElement</span> {
       meet the following criteria, in <span>tree order</span>:</p>
 
       <ul class="brief">
-       <li>The element is <span>in a document tree</span>.</li>
+       <li>The element is <span>in a document tree</span></li>
        <li>The element has a <code data-x="attr-meta-name">name</code> attribute, whose value is
-       <code data-x="meta-referrer">referrer</code>.</li>
+       <code data-x="meta-referrer">referrer</code></li>
        <li>The element has a <code data-x="attr-meta-content">content</code> attribute</li>
        <li>The element is a child of <span>the <code>head</code> element</span> of the document</li>
       </ul>
@@ -13422,9 +13339,18 @@ interface <dfn>HTMLMetaElement</dfn> : <span>HTMLElement</span> {
         <p>If <var>value</var> is not the empty string, then:</p>
 
         <ol>
-         <li><p>Let <var>policy</var> be the result of <span
-         data-x="concept-determine-referrer-policy">determining the policy</span> for
-         <var>value</var>.</p></li>
+         <li>
+          <p>Let <var>policy</var> be the result of <span
+          data-x="concept-determine-referrer-policy">determining the policy</span> for
+          <var>value</var>.</p>
+
+          <p class="note">This step allows the legacy values <code data-x="">never</code>, <code
+          data-x="">default</code>, and <code data-x="">always</code> to take the place of the
+          standard referrer policies <code data-x="">no-referrer</code>, <code
+          data-x="">no-referrer-when-downgrade</code>, and <code data-x="">unsafe-url</code>,
+          respectively. Per the above conformance requirement, these legacy values must never be
+          used by authors, even though this step causes them to impact the processing model.</p>
+         </li>
 
          <li><p>If <var>policy</var> is not the empty string, then set <var>element</var>'s
          <span>node document</span>'s <span data-x="concept-document-referrer-policy">referrer
@@ -13472,9 +13398,9 @@ interface <dfn>HTMLMetaElement</dfn> : <span>HTMLElement</span> {
        meet the following criteria, in <span>tree order</span>:</p>
 
        <ul class="brief">
-        <li>The element is <span>in a document tree</span>.</li>
+        <li>The element is <span>in a document tree</span></li>
         <li>The element has a <code data-x="attr-meta-name">name</code> attribute, whose value is
-        <code data-x="meta-theme-color">theme-color</code>.</li>
+        <code data-x="meta-theme-color">theme-color</code></li>
         <li>The element has a <code data-x="attr-meta-content">content</code> attribute</li>
        </ul>
       </li>
@@ -117051,14 +116977,7 @@ interface <dfn>External</dfn> {
           <code data-x="attr-img-referrerpolicy">img</code>;
           <code data-x="attr-link-referrerpolicy">link</code>
      <td> Determines the <span>referrer policy</span> for <span data-x="concept-fetch">fetches</span> initiated by the element
-     <td> "<code data-x="attr-referrerpolicy-no-referrer-keyword">no-referrer</code>";
-          "<code data-x="attr-referrerpolicy-no-referrer-when-downgrade-keyword">no-referrer-when-downgrade</code>";
-          "<code data-x="attr-referrerpolicy-same-origin-keyword">same-origin</code>";
-          "<code data-x="attr-referrerpolicy-origin-keyword">origin</code>";
-          "<code data-x="attr-referrerpolicy-strict-origin-keyword">strict-origin</code>";
-          "<code data-x="attr-referrerpolicy-origin-when-cross-origin-keyword">origin-when-cross-origin</code>";
-          "<code data-x="attr-referrerpolicy-strict-origin-when-cross-origin-keyword">strict-origin-when-cross-origin</code>";
-          "<code data-x="attr-referrerpolicy-unsafe-url-keyword">unsafe-url</code>"
+     <td> <span>Referrer policy</span>
     <tr>
      <th> <code data-x="">rel</code>
      <td> <code data-x="attr-hyperlink-rel">a</code>;
