HTML 5

interface Example {
  // this is an IDL definition
};

/* this is a CSS fragment */

User agents fall into several (overlapping) categories with different conformance requirements.

Web browsers and other interactive user agents

Web browsers that support XHTML must process elements and attributes from the HTML namespace found in XML documents as described in this specification, so that users can interact with them, unless the semantics of those elements have been overridden by other specifications.

A conforming XHTML processor would, upon finding an XHTML script element in an XML document, execute the script contained in that element. However, if the element is found within a transformation expressed in XSLT (assuming the user agent also supports XSLT), then the processor would instead treat the script element as an opaque element that forms part of the transform.

Web browsers that support HTML must process documents labeled as text/html as described in this specification, so that users can interact with them.

User agents that support scripting must also be conforming implementations of the IDL fragments in this specification, as described in the WebIDL specification. [WebIDL]

Non-interactive presentation user agents

User agents that process HTML and XHTML documents purely to render non-interactive versions of them must comply to the same conformance criteria as Web browsers, except that they are exempt from requirements regarding user interaction.

Typical examples of non-interactive presentation user agents are printers (static UAs) and overhead displays (dynamic UAs). It is expected that most static non-interactive presentation user agents will also opt to lack scripting support.

A non-interactive but dynamic presentation UA would still execute scripts, allowing forms to be dynamically submitted, and so forth. However, since the concept of "focus" is irrelevant when the user cannot interact with the document, the UA would not need to support any of the focus-related DOM APIs.

User agents with no scripting support

Implementations that do not support scripting (or which have their scripting features disabled entirely) are exempt from supporting the events and DOM interfaces mentioned in this specification. For the parts of this specification that are defined in terms of an events model or in terms of the DOM, such user agents must still act as if events and the DOM were supported.

Scripting can form an integral part of an application. Web browsers that do not support scripting, or that have scripting disabled, might be unable to fully convey the author's intent.

Conformance checkers

Conformance checkers must verify that a document conforms to the applicable conformance criteria described in this specification. Automated conformance checkers are exempt from detecting errors that require interpretation of the author's intent (for example, while a document is non-conforming if the content of a blockquote element is not a quote, conformance checkers running without the input of human judgement do not have to check that blockquote elements only contain quoted material).

Conformance checkers must check that the input document conforms when parsed without a browsing context (meaning that no scripts are run, and that the parser's scripting flag is disabled), and should also check that the input document conforms when parsed with a browsing context in which scripts execute, and that the scripts never cause non-conforming states to occur other than transiently during script execution itself. (This is only a "SHOULD" and not a "MUST" requirement because it has been proven to be impossible. [HALTINGPROBLEM])

The term "HTML5 validator" can be used to refer to a conformance checker that itself conforms to the applicable requirements of this specification.

XML DTDs cannot express all the conformance requirements of this specification. Therefore, a validating XML processor and a DTD cannot constitute a conformance checker. Also, since neither of the two authoring formats defined in this specification are applications of SGML, a validating SGML system cannot constitute a conformance checker either.

To put it another way, there are three types of conformance criteria:

1. Criteria that can be expressed in a DTD.
2. Criteria that cannot be expressed by a DTD, but can still be checked by a machine.
3. Criteria that can only be checked by a human.

A conformance checker must check for the first two. A simple DTD-based validator only checks for the first class of errors and is therefore not a conforming conformance checker according to this specification.

Data mining tools

Applications and tools that process HTML and XHTML documents for reasons other than to either render the documents or check them for conformance should act in accordance to the semantics of the documents that they process.

A tool that generates document outlines but increases the nesting level for each paragraph and does not increase the nesting level for each section would not be conforming.

Authoring tools and markup generators

Authoring tools and markup generators must generate conforming documents. Conformance criteria that apply to authors also apply to authoring tools, where appropriate.

Authoring tools are exempt from the strict requirements of using elements only for their specified purpose, but only to the extent that authoring tools are not yet able to determine author intent.

For example, it is not conforming to use an address element for arbitrary contact information; that element can only be used for marking up contact information for the author of the document or section. However, since an authoring tool is likely unable to determine the difference, an authoring tool is exempt from that requirement.

In terms of conformance checking, an editor is therefore required to output documents that conform to the same extent that a conformance checker will verify.

When an authoring tool is used to edit a non-conforming document, it may preserve the conformance errors in sections of the document that were not edited during the editing session (i.e. an editing tool is allowed to round-trip erroneous content). However, an authoring tool must not claim that the output is conformant if errors have been so preserved.

Authoring tools are expected to come in two broad varieties: tools that work from structure or semantic data, and tools that work on a What-You-See-Is-What-You-Get media-specific editing basis (WYSIWYG).

The former is the preferred mechanism for tools that author HTML, since the structure in the source information can be used to make informed choices regarding which HTML elements and attributes are most appropriate.

However, WYSIWYG tools are legitimate. WYSIWYG tools should use elements they know are appropriate, and should not use elements that they do not know to be appropriate. This might in certain extreme cases mean limiting the use of flow elements to just a few elements, like div, b, i, and span and making liberal use of the style attribute.

All authoring tools, whether WYSIWYG or not, should make a best effort attempt at enabling users to create well-structured, semantically rich, media-independent content.

Some conformance requirements are phrased as requirements on elements, attributes, methods or objects. Such requirements fall into two categories: those describing content model restrictions, and those describing implementation behavior. Those in the former category are requirements on documents and authoring tools. Those in the second category are requirements on user agents.

Conformance requirements phrased as algorithms or specific steps may be implemented in any manner, so long as the end result is equivalent. (In particular, the algorithms defined in this specification are intended to be easy to follow, and not intended to be performant.)

User agents may impose implementation-specific limits on otherwise unconstrained inputs, e.g. to prevent denial of service attacks, to guard against running out of memory, or to work around platform-specific limitations.

2.2.1 Dependencies

This specification relies on several other underlying specifications.

XML

Implementations that support XHTML5 must support some version of XML, as well as its corresponding namespaces specification, because XHTML5 uses an XML serialization with namespaces. [XML] [XMLNAMES]

DOM

The Document Object Model (DOM) is a representation — a model — of a document and its content. The DOM is not just an API; the conformance criteria of HTML implementations are defined, in this specification, in terms of operations on the DOM. [DOM3CORE]

Implementations must support some version of DOM Core and DOM Events, because this specification is defined in terms of the DOM, and some of the features are defined as extensions to the DOM Core interfaces. [DOM3CORE] [DOM3EVENTS]

WebIDL

The IDL fragments in this specification must be interpreted as required for conforming IDL fragments, as described in the Web IDL specification. [WebIDL]

JavaScript

Some parts of the language described by this specification only support JavaScript as the underlying scripting language. [ECMA262]

The term "JavaScript" is used to refer to ECMA262, rather than the official term ECMAScript, since the term JavaScript is more widely known. Similarly, the MIME type used to refer to JavaScript in this specification is text/javascript, since that is the most commonly used type, despite it being an officially obsoleted type according to RFC 4329. [RFC4329]

Media Queries

Implementations must support some version of the Media Queries language. [MQ]

This specification does not require support of any particular network transport protocols, style sheet language, scripting language, or any of the DOM and WebAPI specifications beyond those described above. However, the language described by this specification is biased towards CSS as the styling language, JavaScript as the scripting language, and HTTP as the network protocol, and several features assume that those languages and protocols are in use.

This specification might have certain additional requirements on character encodings, image formats, audio formats, and video formats in the respective sections.

2.2.2 Features defined in other specifications

this section will be removed at some point

Some elements are defined in terms of their DOM textContent attribute. This is an attribute defined on the Node interface in DOM3 Core. [DOM3CORE]

The rules for handling alternative style sheets are defined in the CSS object model specification. [CSSOM]

See http://dev.w3.org/cvsweb/~checkout~/csswg/cssom/Overview.html?content-type=text/html;%20charset=utf-8

2.2.3 Common conformance requirements for APIs exposed to JavaScript

This section will eventually be removed in favor of WebIDL.

A lot of arrays/lists/collections in this spec assume zero-based indexes but use the term "indexth" liberally. We should define those to be zero-based and be clearer about this.

Unless otherwise specified, if a DOM attribute that is a floating point number type (float) is assigned an Infinity or Not-a-Number value, a NOT_SUPPORTED_ERR exception must be raised.

Unless otherwise specified, if a method with an argument that is a floating point number type (float) is passed an Infinity or Not-a-Number value, a NOT_SUPPORTED_ERR exception must be raised.

Unless otherwise specified, if a method is passed fewer arguments than is defined for that method in its IDL definition, a NOT_SUPPORTED_ERR exception must be raised.

Unless otherwise specified, if a method is passed more arguments than is defined for that method in its IDL definition, the excess arguments must be ignored.

Converting a string to uppercase means replacing all characters in the range U+0061 .. U+007A (i.e. LATIN SMALL LETTER A to LATIN SMALL LETTER Z) with the corresponding characters in the range U+0041 .. U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL LETTER Z).

Converting a string to lowercase means replacing all characters in the range U+0041 .. U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL LETTER Z) with the corresponding characters in the range U+0061 .. U+007A (i.e. LATIN SMALL LETTER A to LATIN SMALL LETTER Z).

2.4.1 Common parser idioms

The space characters, for the purposes of this specification, are U+0020 SPACE, U+0009 CHARACTER TABULATION (tab), U+000A LINE FEED (LF), U+000C FORM FEED (FF), and U+000D CARRIAGE RETURN (CR).

The White_Space characters are those that have the Unicode property "White_Space". [UNICODE]

The alphanumeric ASCII characters are those in the ranges U+0030 DIGIT ZERO .. U+0039 DIGIT NINE, U+0041 LATIN CAPITAL LETTER A .. U+005A LATIN CAPITAL LETTER Z, U+0061 LATIN SMALL LETTER A .. U+007A LATIN SMALL LETTER Z.

Some of the micro-parsers described below follow the pattern of having an input variable that holds the string being parsed, and having a position variable pointing at the next character to parse in input.

For parsers based on this pattern, a step that requires the user agent to collect a sequence of characters means that the following algorithm must be run, with characters being the set of characters that can be collected:

1. Let input and position be the same variables as those of the same name in the algorithm that invoked these steps.

2. Let result be the empty string.

3. While position doesn't point past the end of input and the character at position is one of the characters, append that character to the end of result and advance position to the next character in input.

4. Return result.

The step skip whitespace means that the user agent must collect a sequence of characters that are space characters. The step skip White_Space characters means that the user agent must collect a sequence of characters that are White_Space characters. In both cases, the collected characters are not used. [UNICODE]

When a user agent is to strip line breaks from a string, the user agent must remove any U+000A LINE FEED (LF) and U+000D CARRIAGE RETURN (CR) characters from that string.

The code-point length of a string is the number of Unicode code points in that string.

The rules for parsing non-negative integers are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return zero, a positive integer, or an error. Leading spaces are ignored. Trailing spaces and any trailing garbage characters are ignored.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let value have the value 0.

4. Skip whitespace.

5. If position is past the end of input, return an error.

6. If the next character is a U+002B PLUS SIGN character (+), advance position to the next character.

7. If position is past the end of input, return an error.

8. If the next character is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return an error.

9. If the next character is one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9):

   1. Multiply value by ten.
   2. Add the value of the current character (0..9) to value.
   3. Advance position to the next character.
   4. If position is not past the end of input, return to the top of step 7 in the overall algorithm (that's the step within which these substeps find themselves).

10. Return value.

The rules for parsing integers are similar to the rules for non-negative integers, and are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return an integer or an error. Leading spaces are ignored. Trailing spaces and trailing garbage characters are ignored.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let value have the value 0.

4. Let sign have the value "positive".

5. Skip whitespace.

6. If position is past the end of input, return an error.

7. If the character indicated by position (the first character) is a U+002D HYPHEN-MINUS ("-") character:

   1. Let sign be "negative".
   2. Advance position to the next character.
   3. If position is past the end of input, return an error.

8. If the next character is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return an error.

9. If the next character is one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9):

   1. Multiply value by ten.
   2. Add the value of the current character (0..9) to value.
   3. Advance position to the next character.
   4. If position is not past the end of input, return to the top of step 9 in the overall algorithm (that's the step within which these substeps find themselves).

10. If sign is "positive", return value, otherwise return 0-value.

The best representation of the floating point number n is the string obtained from applying the JavaScript operator ToString to n.

The rules for parsing floating point number values are as given in the following algorithm. As with the previous algorithms, when this one is invoked, the steps must be followed in the order given, aborting at the first step that returns something. This algorithm will either return a number or an error. Leading spaces are ignored. Trailing spaces and garbage characters are ignored.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let value have the value 1.

4. Let divisor have the value 1.

5. Let exponent have the value 1.

6. Skip whitespace.

7. If position is past the end of input, return an error.

8. If the character indicated by position is a U+002D HYPHEN-MINUS ("-") character:

   1. Change value and divisor to −1.
   2. Advance position to the next character.
   3. If position is past the end of input, return an error.

9. If the character indicated by position is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return an error.

10. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), and interpret the resulting sequence as a base-ten integer. Multiply value by that integer.

11. If position is past the end of input, return value.

12. If the character indicated by position is a U+002E FULL STOP ("."), run these substeps:

    1. Advance position to the next character.

    2. If position is past the end of input, or if the character indicated by position is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return value.

    3. Fraction loop: Multiply divisor by ten.

    4. Add the value of the current character interpreted as a base-ten digit (0..9) divided by divisor, to value.

    5. Advance position to the next character.

    6. If position is past the end of input, then return value.

    7. If the character indicated by position is one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), return to the step labeled fraction loop in these substeps.

13. If the character indicated by position is a U+0065 LATIN SMALL LETTER E character or a U+0045 LATIN CAPITAL LETTER E character, run these substeps:

    1. Advance position to the next character.

    2. If position is past the end of input, then return value.

    3. If the character indicated by position is a U+002D HYPHEN-MINUS ("-") character:

       1. Change exponent to −1.
       2. Advance position to the next character.

       3. If position is past the end of input, then return value.

       Otherwise, if the character indicated by position is a U+002B PLUS SIGN ("+") character:

       1. Advance position to the next character.

       2. If position is past the end of input, then return value.

    4. If the character indicated by position is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return value.

    5. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), and interpret the resulting sequence as a base-ten integer. Multiply exponent by that integer.

    6. Multiply value by ten raised to the exponentth power.

14. Return value.

The steps for finding one or two numbers of a ratio in a string are as follows:

1. If the string is empty, then return nothing and abort these steps.
2. Find a number in the string according to the algorithm below, starting at the start of the string.
3. If the sub-algorithm in step 2 returned nothing or returned an error condition, return nothing and abort these steps.
4. Set number1 to the number returned by the sub-algorithm in step 2.
5. Starting with the character immediately after the last one examined by the sub-algorithm in step 2, skip all White_Space characters in the string (this might match zero characters).
6. If there are still further characters in the string, and the next character in the string is a valid denominator punctuation character, set denominator to that character.
7. If the string contains any other characters in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE, but denominator was given a value in the step 6, return nothing and abort these steps.
8. Otherwise, if denominator was given a value in step 6, return number1 and denominator and abort these steps.
9. Find a number in the string again, starting immediately after the last character that was examined by the sub-algorithm in step 2.
10. If the sub-algorithm in step 9 returned nothing or an error condition, return number1 and abort these steps.
11. Set number2 to the number returned by the sub-algorithm in step 9.
12. Starting with the character immediately after the last one examined by the sub-algorithm in step 9, skip all White_Space characters in the string (this might match zero characters).
13. If there are still further characters in the string, and the next character in the string is a valid denominator punctuation character, return nothing and abort these steps.
14. If the string contains any other characters in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE, return nothing and abort these steps.
15. Otherwise, return number1 and number2.

The algorithm to find a number is as follows. It is given a string and a starting position, and returns either nothing, a number, or an error condition.

1. Starting at the given starting position, ignore all characters in the given string until the first character that is either a U+002E FULL STOP or one of the ten characters in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE.
2. If there are no such characters, return nothing and abort these steps.
3. Starting with the character matched in step 1, collect all the consecutive characters that are either a U+002E FULL STOP or one of the ten characters in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE, and assign this string of one or more characters to string.
4. If string consists of just a single U+002E FULL STOP character or if it contains more than one U+002E FULL STOP character then return an error condition and abort these steps.
5. Parse string according to the rules for parsing floating point number values, to obtain number. This step cannot fail (string is guaranteed to be a valid floating point number).
6. Return number.

2.4.4.5 Percentages and lengths

The rules for parsing dimension values are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return a number greater than or equal to 1.0, or an error; if a number is returned, then it is further categorized as either a percentage or a length.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Skip whitespace.

4. If position is past the end of input, return an error.

5. If the next character is a U+002B PLUS SIGN character (+), advance position to the next character.

6. Collect a sequence of characters that are U+0030 DIGIT ZERO (0) characters, and discard them.

7. If position is past the end of input, return an error.

8. If the next character is not one of U+0031 DIGIT ONE (1) .. U+0039 DIGIT NINE (9), then return an error.

9. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), and interpret the resulting sequence as a base-ten integer. Let value be that number.

10. If position is past the end of input, return value as an integer.

11. If the next character is a U+002E FULL STOP character (.):

    1. Advance position to the next character.

    2. If the next character is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return value as an integer.

    3. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). Let length be the number of characters collected. Let fraction be the result of interpreting the collected characters as a base-ten integer, and then dividing that number by 10^length.

    4. Increment value by fraction.

12. If position is past the end of input, return value as a length.

13. If the next character is a U+0025 PERCENT SIGN character (%), return value as a percentage.

14. Return value as a length.

The rules for parsing a list of integers are as follows:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let numbers be an initially empty list of integers. This list will be the result of this algorithm.

4. If there is a character in the string input at position position, and it is either a U+0020 SPACE, U+002C COMMA, or U+003B SEMICOLON character, then advance position to the next character in input, or to beyond the end of the string if there are no more characters.

5. If position points to beyond the end of input, return numbers and abort.

6. If the character in the string input at position position is a U+0020 SPACE, U+002C COMMA, or U+003B SEMICOLON character, then return to step 4.

7. Let negated be false.

8. Let value be 0.

9. Let started be false. This variable is set to true when the parser sees a number or a U+002D HYPHEN-MINUS ("-") character.

10. Let got number be false. This variable is set to true when the parser sees a number.

11. Let finished be false. This variable is set to true to switch parser into a mode where it ignores characters until the next separator.

12. Let bogus be false.

13. Parser: If the character in the string input at position position is:

    A U+002D HYPHEN-MINUS character

    Follow these substeps:

    1. If got number is true, let finished be true.
    2. If finished is true, skip to the next step in the overall set of steps.
    3. If started is true, let negated be false.
    4. Otherwise, if started is false and if bogus is false, let negated be true.
    5. Let started be true.

    A character in the range U+0030 DIGIT ZERO .. U+0039 DIGIT NINE

    Follow these substeps:

    1. If finished is true, skip to the next step in the overall set of steps.
    2. Multiply value by ten.
    3. Add the value of the digit, interpreted in base ten, to value.
    4. Let started be true.
    5. Let got number be true.

    A U+0020 SPACE character

    A U+002C COMMA character

    A U+003B SEMICOLON character

    Follow these substeps:

    1. If got number is false, return the numbers list and abort. This happens if an entry in the list has no digits, as in "1,2,x,4".
    2. If negated is true, then negate value.
    3. Append value to the numbers list.
    4. Jump to step 4 in the overall set of steps.

    A character in the range U+0001 .. U+001F, U+0021 .. U+002B, U+002D .. U+002F, U+003A, U+003C .. U+0040, U+005B .. U+0060, U+007b .. U+007F (i.e. any other non-alphabetic ASCII character)

    Follow these substeps:

    1. If got number is true, let finished be true.
    2. If finished is true, skip to the next step in the overall set of steps.
    3. Let negated be false.

    Any other character

    Follow these substeps:

    1. If finished is true, skip to the next step in the overall set of steps.
    2. Let negated be false.
    3. Let bogus be true.
    4. If started is true, then return the numbers list, and abort. (The value in value is not appended to the list first; it is dropped.)

14. Advance position to the next character in input, or to beyond the end of the string if there are no more characters.

15. If position points to a character (and not to beyond the end of input), jump to the big Parser step above.

16. If negated is true, then negate value.

17. If got number is true, then append value to the numbers list.

18. Return the numbers list and abort.

2.4.4.7 Lists of dimensions

The rules for parsing a list of dimensions are as follows. These rules return a list of zero or more pairs consisting of a number and a unit, the unit being one of percentage, relative, and absolute.

1. Let raw input be the string being parsed.

2. If the last character in raw input is a U+002C COMMA character (","), then remove that character from raw input.

3. Split the string raw input on commas. Let raw tokens be the resulting list of tokens.

4. Let result be an empty list of number/unit pairs.

5. For each token in raw tokens, run the following substeps:

   1. Let input be the token.

   2. Let position be a pointer into input, initially pointing at the start of the string.

   3. Let value be the number 0.

   4. Let unit be absolute.

   5. If position is past the end of input, set unit to relative and jump to the last substep.

   6. If the character at position is a character in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), interpret the resulting sequence as an integer in base ten, and increment value by that integer.

   7. If the character at position is a U+002E FULL STOP character (.), run these substeps:

      1. Collect a sequence of characters consisting of space characters and characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). Let s be the resulting sequence.

      2. Remove all space characters in s.

      3. If s is not the empty string, run these subsubsteps:

         1. Let length be the number of characters in s (after the spaces were removed).

         2. Let fraction be the result of interpreting s as a base-ten integer, and then dividing that number by 10^length.

         3. Increment value by fraction.

   8. Skip whitespace.

   9. If the character at position is a U+0025 PERCENT SIGN (%) character, then set unit to percentage.

      Otherwise, if the character at position is a U+002A ASTERISK character (*), then set unit to relative.

   10. Add an entry to result consisting of the number given by value and the unit given by unit.

6. Return the list result.

The rules to parse a month string are as follows. This will either return a year and month, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a month component to obtain year and month. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Return year and month.

The rules to parse a month component, given an input string and a position, are as follows. This will either return a year and a month, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not at least four characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the year.

2. If year is not a number greater than zero, then fail.

3. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the month.

5. If month is not a number in the range 1 ≤ month ≤ 12, then fail.

6. Return year and month.

The rules to parse a date string are as follows. This will either return a date, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Let date be the date with year year, month month, and day day.

6. Return date.

The rules to parse a date component, given an input string and a position, are as follows. This will either return a year, a month, and a day, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Parse a month component to obtain year and month. If this returns nothing, then fail.

2. Let maxday be the number of days in month month of year year.

3. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the day.

5. If day is not a number in the range 1 ≤ month ≤ maxday, then fail.

6. Return year, month, and day.

The rules to parse a time string are as follows. This will either return a time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Let time be the time with hour hour, minute minute, and second second.

6. Return time.

The rules to parse a time component, given an input string and a position, are as follows. This will either return an hour, a minute, and a second, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the hour.

2. If hour is not a number in the range 0 ≤ hour ≤ 23, then fail.

3. If position is beyond the end of input or if the character at position is not a U+003A COLON character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the minute.

5. If minute is not a number in the range 0 ≤ minute ≤ 59, then fail.

6. Let second be a string with the value "0".

7. If position is not beyond the end of input and the character at position is a U+003A COLON, then run these substeps:

   1. Advance position to the next character in input.

   2. If position is beyond the end of input, or at the last character in input, or if the next two characters in input starting at position are not two characters both in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), then fail.

   3. Collect a sequence of characters that are either characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9) or U+002E FULL STOP characters. If the collected sequence has more than one U+002E FULL STOP characters, or if the last character in the sequence is a U+002E FULL STOP character, then fail. Otherwise, let the collected string be second instead of its previous value.

8. Interpret second as a base-ten number (possibly with a fractional part). Let second be that number instead of the string version.

9. If second is not a number in the range 0 ≤ second < 60, then fail.

10. Return hour, minute, and second.

The rules to parse a local date and time string are as follows. This will either return a date and time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is beyond the end of input or if the character at position is not a U+0054 LATIN CAPITAL LETTER T character then fail. Otherwise, move position forwards one character.

5. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

6. If position is not beyond the end of input, then fail.

7. Let date be the date with year year, month month, and day day.

8. Let time be the time with hour hour, minute minute, and second second.

9. Return date and time.

The rules to parse a global date and time string are as follows. This will either return a time in UTC, with associated time-zone information for round tripping or display purposes, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is beyond the end of input or if the character at position is not a U+0054 LATIN CAPITAL LETTER T character then fail. Otherwise, move position forwards one character.

5. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

6. If position is beyond the end of input, then fail.

7. Parse a time-zone component to obtain timezone_hours and timezone_minutes. If this returns nothing, then fail.

8. If position is not beyond the end of input, then fail.

9. Let time be the moment in time at year year, month month, day day, hours hour, minute minute, second second, subtracting timezone_hours hours and timezone_minutes minutes. That moment in time is a moment in the UTC time zone.

10. Let timezone be timezone_hours hours and timezone_minutes minutes from UTC.

11. Return time and timezone.

The rules to parse a time-zone component, given an input string and a position, are as follows. This will either return time-zone hours and time-zone minutes, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. If the character at position is a U+005A LATIN CAPITAL LETTER Z, then:

   1. Let timezone_hours be 0.

   2. Let timezone_minutes be 0.

   3. Advance position to the next character in input.

   Otherwise, if the character at position is either a U+002B PLUS SIGN ("+") or a U+002D HYPHEN-MINUS ("-"), then:

   1. If the character at position is a U+002B PLUS SIGN ("+"), let sign be "positive". Otherwise, it's a U+002D HYPHEN-MINUS ("-"); let sign be "negative".

   2. Advance position to the next character in input.

   3. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the timezone_hours.

   4. If timezone_hours is not a number in the range 0 ≤ timezone_hours ≤ 23, then fail.
   5. If sign is "negative", then negate timezone_hours.

   6. If position is beyond the end of input or if the character at position is not a U+003A COLON character, then fail. Otherwise, move position forwards one character.

   7. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the timezone_minutes.

   8. If timezone_minutes is not a number in the range 0 ≤ timezone_minutes ≤ 59, then fail.
   9. If sign is "negative", then negate timezone_minutes.

2. Return timezone_hours and timezone_minutes.

The rules to parse a week string are as follows. This will either return a week-year number and week number, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not at least four characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the year.

4. If year is not a number greater than zero, then fail.

5. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

6. If position is beyond the end of input or if the character at position is not a U+0057 LATIN CAPITAL LETTER W character, then fail. Otherwise, move position forwards one character.

7. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the week.

8. Let maxweek be the week number of the last day of year year.

9. If week is not a number in the range 1 ≤ week ≤ maxweek, then fail.

10. If position is not beyond the end of input, then fail.

11. Return the week-year number year and the week number week.

The rules to parse a date or time string are as follows. The algorithm is invoked with a flag indicating if the in attribute variant or the in content variant is to be used. The algorithm will either return a date, a time, a global date and time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. For the in content variant: skip White_Space characters.

4. Set start position to the same position as position.

5. Set the date present and time present flags to true.

6. Parse a date component to obtain year, month, and day. If this fails, then set the date present flag to false.

7. If date present is true, and position is not beyond the end of input, and the character at position is a U+0054 LATIN CAPITAL LETTER T character, then advance position to the next character in input.

   Otherwise, if date present is true, and either position is beyond the end of input or the character at position is not a U+0054 LATIN CAPITAL LETTER T character, then set time present to false.

   Otherwise, if date present is false, set position back to the same position as start position.

8. If the time present flag is true, then parse a time component to obtain hour, minute, and second. If this returns nothing, then set the time present flag to false.

9. If both the date present and time present flags are false, then fail.

10. If the time present flag is true, but position is beyond the end of input, then fail.

11. If the date present and time present flags are both true, parse a time-zone component to obtain timezone_hours and timezone_minutes. If this returns nothing, then fail.

12. For the in content variant: skip White_Space characters.

13. If position is not beyond the end of input, then fail.

14. If the date present flag is true and the time present flag is false, then let date be the date with year year, month month, and day day, and return date.

    Otherwise, if the time present flag is true and the date present flag is false, then let time be the time with hour hour, minute minute, and second second, and return time.

    Otherwise, let time be the moment in time at year year, month month, day day, hours hour, minute minute, second second, subtracting timezone_hours hours and timezone_minutes minutes, that moment in time being a moment in the UTC time zone; let timezone be timezone_hours hours and timezone_minutes minutes from UTC; and return time and timezone.

The rules for parsing simple color values are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return a simple color or an error.

1. Let input be the string being parsed.

2. If input is not exactly seven characters long, then return an error.

3. If the first character in input is not a U+0023 NUMBER SIGN (#) character, then return an error.

4. If the last six characters of input are not all in the range U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), U+0041 LATIN CAPITAL LETTER A .. U+0046 LATIN CAPITAL LETTER F, U+0061 LATIN SMALL LETTER A .. U+0066 LATIN SMALL LETTER F, then return an error.

5. Let result be a simple color.

6. Interpret the second and third characters as a hexadecimal number and let the result be the red component of result.

7. Interpret the fourth and fifth characters as a hexadecimal number and let the result be the green component of result.

8. Interpret the sixth and seventh characters as a hexadecimal number and let the result be the blue component of result.

9. Return result.

The rules for serializing simple color values given a simple color are as given in the following algorithm:

1. Let result be a string consisting of a single U+0023 NUMBER SIGN (#) character.

2. Convert the red, green, and blue components in turn to two-digit hexadecimal numbers using the digits U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9) and U+0061 LATIN SMALL LETTER A .. U+0066 LATIN SMALL LETTER F, zero-padding if necessary, and append these numbers to result, in the order red, green, blue.

3. Return result, which will be a valid lowercase simple color.

---

Some obsolete legacy attributes parse colors in a more complicated manner, using the rules for parsing a legacy color value, which are given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return a simple color or an error.

1. Let input be the string being parsed.

2. If input is the empty string, then return an error.

3. If input is an ASCII case-insensitive match for the string "transparent", then return an error.

4. If input is an ASCII case-insensitive match for one of the keywords listed in the SVG color keywords or CSS2 System Colors sections of the CSS3 Color specification, then return the simple color corresponding to that keyword. [CSS3COLOR]

5. If input is four characters long, and the first character in input is a U+0023 NUMBER SIGN (#) character, and the last three characters of input are all in the range U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), U+0041 LATIN CAPITAL LETTER A .. U+0046 LATIN CAPITAL LETTER F, and U+0061 LATIN SMALL LETTER A .. U+0066 LATIN SMALL LETTER F, then run these substeps:

   1. Let result be a simple color.

   2. Interpret the second character of input as a hexadecimal digit; let the red component of result be the resulting number multiplied by 17.

   3. Interpret the third character of input as a hexadecimal digit; let the green component of result be the resulting number multiplied by 17.

   4. Interpret the fourth character of input as a hexadecimal digit; let the blue component of result be the resulting number multiplied by 17.

   5. Return result.

6. Replace any characters in input that have a Unicode code point greater than U+FFFF (i.e. any characters that are not in the basic multilingual plane) with the two-character string "00".

7. If input is longer than 128 characters, truncate input, leaving only the first 128 characters.

8. If the first character in input is a U+0023 NUMBER SIGN character (#), remove it.

9. Replace any character in input that is not in the range U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), U+0041 LATIN CAPITAL LETTER A .. U+0046 LATIN CAPITAL LETTER F, and U+0061 LATIN SMALL LETTER A .. U+0066 LATIN SMALL LETTER F with the character U+0030 DIGIT ZERO (0).

10. While input's length is zero or not a multiple of three, append a U+0030 DIGIT ZERO (0) character to input.

11. Split input into three strings of equal length, to obtain three components. Let length be the length of those components (one third the length of input).

12. If length is greater than 8, then remove the leading length-8 characters in each component, and let length be 8.

13. While length is greater than two and the first character in each component is a U+0030 DIGIT ZERO (0) character, remove that character and reduce length by one.

14. If length is still greater than two, truncate each component, leaving only the first two characters in each.

15. Let result be a simple color.

16. Interpret the first component as a hexadecimal number; let the red component of result be the resulting number.

17. Interpret the second component as a hexadecimal number; let the green component of result be the resulting number.

18. Interpret the third component as a hexadecimal number; let the blue component of result be the resulting number.

19. Return result.

When a user agent has to split a string on spaces, it must use the following algorithm:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let tokens be a list of tokens, initially empty.

4. Skip whitespace

5. While position is not past the end of input:

   1. Collect a sequence of characters that are not space characters.

   2. Add the string collected in the previous step to tokens.

   3. Skip whitespace

6. Return tokens.

When a user agent has to remove a token from a string, it must use the following algorithm:

1. Let input be the string being modified.

2. Let token be the token being removed. It will not contain any space characters.

3. Let output be the output string, initially empty.

4. Let position be a pointer into input, initially pointing at the start of the string.

5. If position is beyond the end of input, set the string being modified to output, and abort these steps.

6. If the character at position is a space character:

   1. Append the character at position to the end of output.

   2. Increment position so it points at the next character in input.

   3. Return to step 5 in the overall set of steps.

7. Otherwise, the character at position is the first character of a token. Collect a sequence of characters that are not space characters, and let that be s.

8. If s is exactly equal to token, then:

   1. Skip whitespace (in input).

   2. Remove any space characters currently at the end of output.

   3. If position is not past the end of input, and output is not the empty string, append a single U+0020 SPACE character at the end of output.

9. Otherwise, append s to the end of output.

10. Return to step 6 in the overall set of steps.

This causes any occurrences of the token to be removed from the string, and any spaces that were surrounding the token to be collapsed to a single space, except at the start and end of the string, where such spaces are removed.

When a user agent has to split a string on commas, it must use the following algorithm:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let tokens be a list of tokens, initially empty.

4. Token: If position is past the end of input, jump to the last step.

5. Collect a sequence of characters that are not U+002C COMMA characters (,). Let s be the resulting sequence (which might be the empty string).

6. Remove any leading or trailing sequence of space characters from s.

7. Add s to tokens.

8. If position is not past the end of input, then the character at position is a U+002C COMMA character (,); advance position past that character.

9. Jump back to the step labeled token.

10. Return tokens.

To check if a string is a valid reversed DNS identifier, conformance checkers must run the following algorithm:

1. Apply the IDNA ToASCII algorithm to the string, with both the AllowUnassigned and UseSTD3ASCIIRules flags set, but between steps 2 and 3 of the general ToASCII/ToUnicode algorithm (i.e. after splitting the domain name into individual labels), reverse the order of the labels.

   If ToASCII fails to convert one of the components of the string, e.g. because it is too long or because it contains invalid characters, then the string is not valid; abort these steps. [RFC3490]

2. Check that the end of the resulting string matches a suffix in the Public Suffix List, and that there is at least one domain label before the matching substring. If it does not, or if there is not, then the string is not valid; abort these steps. [PSL]

3. Check that the domain name up to the label before the prefix that was matched in the previous string is a registered domain name.

The rules for parsing a hash-name reference to an element of type type are as follows:

1. If the string being parsed does not contain a U+0023 NUMBER SIGN character, or if the first such character in the string is the last character in the string, then return null and abort these steps.

2. Let s be the string from the character immediately after the first U+0023 NUMBER SIGN character in the string being parsed up to the end of that string.

3. Return the first element of type type that has an id attribute whose value is a case-sensitive match for s or a name attribute whose value is a compatibility caseless match for s.

A URL has an associated URL character encoding, determined as follows:

If the URL came from a script (e.g. as an argument to a method)

The URL character encoding is the script's URL character encoding.

If the URL came from a DOM node (e.g. from an element)

The node has a Document, and the URL character encoding is the document's character encoding.

If the URL had a character encoding defined when the URL was created or defined

The URL character encoding is as defined.

The term "URL" in this specification is used in a manner distinct from the precise technical meaning it is given in RFC 3986. Readers familiar with that RFC will find it easier to read this specification if they pretend the term "URL" as used herein is really called something else altogether. This is a willful violation of RFC 3986. RFC3986

2.5.2 Parsing URLs

To parse a URL url into its component parts, the user agent must use the following steps:

1. Strip leading and trailing space characters from url.

2. Parse url in the manner defined by RFC 3986, with the following exceptions:

   • Add all characters with code points less than or equal to U+0020 or greater than or equal to U+007F to the <unreserved> production.
   • Add the characters U+0022, U+003C, U+003E, U+005B .. U+005E, U+0060, and U+007B .. U+007D to the <unreserved> production.
   • Add a single U+0025 PERCENT SIGN character as a second alternative way of matching the <pct-encoded> production, except when the <pct-encoded> is used in the <reg-name> production.
   • Add the U+0023 NUMBER SIGN character to the characters allowed in the <fragment> production.

3. If url doesn't match the <URI-reference> production, even after the above changes are made to the ABNF definitions, then parsing the URL fails with an error. [RFC3986]

   Otherwise, parsing url was successful; the components of the URL are substrings of url defined as follows:

   <scheme>

   The substring matched by the <scheme> production, if any.

   <host>

   The substring matched by the <host> production, if any.

   <port>

   The substring matched by the <port> production, if any.

   <hostport>

   If there is a <scheme> component and a <port> component and the port given by the <port> component is different than the default port defined for the protocol given by the <scheme> component, then <hostport> is the substring that starts with the substring matched by the <host> production and ends with the substring matched by the <port> production, and includes the colon in between the two. Otherwise, it is the same as the <host> component.

   <path>

   The substring matched by one of the following productions, if one of them was matched:

   • <path-abempty>
   • <path-absolute>
   • <path-noscheme>
   • <path-rootless>
   • <path-empty>

   <query>

   The substring matched by the <query> production, if any.

   <fragment>

   The substring matched by the <fragment> production, if any.

   <host-specific>

   The substring that follows the substring matched by the <authority> production, or the whole string if the <authority> production wasn't matched.

These parsing rules are a willful violation of RFC 3986 and RFC 3987 to handle legacy content. RFC3986 RFC3987

2.5.3 Resolving URLs

To resolve a URL to an absolute URL relative to either another absolute URL or an element, the user agent must use the following steps. Resolving a URL can result in an error, in which case the URL is not resolvable.

1. Let url be the URL being resolved.

2. Let encoding be the URL character encoding.

3. If encoding is UTF-16, then change it to UTF-8.

4. If the algorithm was invoked with an absolute URL to use as the base URL, let base be that absolute URL.

   Otherwise, let base be the base URI of the element, as defined by the XML Base specification, with the base URI of the document entity being defined as the document base URL of the Document that owns the element. [XMLBASE]

   For the purposes of the XML Base specification, user agents must act as if all Document objects represented XML documents.

   It is possible for xml:base attributes to be present even in HTML fragments, as such attributes can be added dynamically using script. (Such scripts would not be conforming, however, as xml:base attributes are not allowed in HTML documents.)

   The document base URL of a Document is the absolute URL obtained by running these substeps:

   1. Let fallback base url be the document's address.

   2. If fallback base url is about:blank, and the Document's browsing context has a creator browsing context, then let fallback base url be the document base URL of the creator Document instead.

   3. If there is no base element that is both a child of the head element and has an href attribute, then the document base URL is fallback base url.

   4. Otherwise, let url be the value of the href attribute of the first such element.

   5. Resolve url relative to fallback base url (thus, the base href attribute isn't affected by xml:base attributes).

   6. The document base URL is the result of the previous step if it was successful; otherwise it is fallback base url.

5. Parse url into its component parts.

6. If parsing url resulted in a <host> component, then replace the matching substring of url with the string that results from expanding any sequences of percent-encoded octets in that component that are valid UTF-8 sequences into Unicode characters as defined by UTF-8.

   If any percent-encoded octets in that component are not valid UTF-8 sequences, then return an error and abort these steps.

   Apply the IDNA ToASCII algorithm to the matching substring, with both the AllowUnassigned and UseSTD3ASCIIRules flags set. Replace the matching substring with the result of the ToASCII algorithm.

   If ToASCII fails to convert one of the components of the string, e.g. because it is too long or because it contains invalid characters, then return an error and abort these steps. [RFC3490]

7. If parsing url resulted in a <path> component, then replace the matching substring of url with the string that results from applying the following steps to each character other than U+0025 PERCENT SIGN (%) that doesn't match the original <path> production defined in RFC 3986:

   1. Encode the character into a sequence of octets as defined by UTF-8.
   2. Replace the character with the percent-encoded form of those octets. [RFC3986]

   For instance if url was "//example.com/a^b☺c%FFd%z/?e", then the <path> component's substring would be "/a^b☺c%FFd%z/" and the two characters that would have to be escaped would be "^" and "☺". The result after this step was applied would therefore be that url now had the value "//example.com/a%5Eb%E2%98%BAc%FFd%z/?e".

8. If parsing url resulted in a <query> component, then replace the matching substring of url with the string that results from applying the following steps to each character other than U+0025 PERCENT SIGN (%) that doesn't match the original <query> production defined in RFC 3986:

   1. If the character in question cannot be expressed in the encoding encoding, then replace it with a single 0x3F octet (an ASCII question mark) and skip the remaining substeps for this character.
   2. Encode the character into a sequence of octets as defined by the encoding encoding.
   3. Replace the character with the percent-encoded form of those octets. [RFC3986]

9. Apply the algorithm described in RFC 3986 section 5.2 Relative Resolution, using url as the potentially relative URI reference (R), and base as the base URI (Base). [RFC3986]

10. Apply any relevant conformance criteria of RFC 3986 and RFC 3987, returning an error and aborting these steps if appropriate. [RFC3986] [RFC3987]

    For instance, if an absolute URI that would be returned by the above algorithm violates the restrictions specific to its scheme, e.g. a data: URI using the "//" server-based naming authority syntax, then user agents are to treat this as an error instead.

11. Let result be the target URI (T) returned by the Relative Resolution algorithm.

12. If result uses a scheme with a server-based naming authority, replace all U+005C REVERSE SOLIDUS (\) characters in result with U+002F SOLIDUS (/) characters.

13. Return result.

A URL is an absolute URL if resolving it results in the same URL without an error.

2.5.4 Dynamic changes to base URLs

When an xml:base attribute changes, the attribute's element, and all descendant elements, are affected by a base URL change.

When a document's document base URL changes, all elements in that document are affected by a base URL change.

When an element is moved from one document to another, if the two documents have different base URLs, then that element and all its descendants are affected by a base URL change.

When an element is affected by a base URL change, it must act as described in the following list:

If the element is a hyperlink element

If the absolute URL identified by the hyperlink is being shown to the user, or if any data derived from that URL is affecting the display, then the href attribute should be re-resolved relative to the element and the UI updated appropriately.

For example, the CSS :link/:visited pseudo-classes might have been affected.

If the hyperlink has a ping attribute and its absolute URL(s) are being shown to the user, then the ping attribute's tokens should be re-resolved relative to the element and the UI updated appropriately.

If the element is a q, blockquote, section, article, ins, or del element with a cite attribute

If the absolute URL identified by the cite attribute is being shown to the user, or if any data derived from that URL is affecting the display, then the URL should be re-resolved relative to the element and the UI updated appropriately.

Otherwise

The element is not directly affected.

Changing the base URL doesn't affect the image displayed by img elements, although subsequent accesses of the src DOM attribute from script will return a new absolute URL that might no longer correspond to the image being shown.

           attribute DOMString protocol;
           attribute DOMString host;
           attribute DOMString hostname;
           attribute DOMString port;
           attribute DOMString pathname;
           attribute DOMString search;
           attribute DOMString hash;

---

The attributes defined to be URL decomposition attributes must act as described for the attributes with the same corresponding names in this section.

In addition, an interface with a complement of URL decomposition attributes will define an input, which is a URL that the attributes act on, and a common setter action, which is a set of steps invoked when any of the attributes' setters are invoked.

The seven URL decomposition attributes have similar requirements.

On getting, if the input is an absolute URL that fulfills the condition given in the "getter condition" column corresponding to the attribute in the table below, the user agent must return the part of the input URL given in the "component" column, with any prefixes specified in the "prefix" column appropriately added to the start of the string and any suffixes specified in the "suffix" column appropriately added to the end of the string. Otherwise, the attribute must return the empty string.

On setting, the new value must first be mutated as described by the "setter preprocessor" column, then mutated by %-escaping any characters in the new value that are not valid in the relevant component as given by the "component" column. Then, if the input is an absolute URL and the resulting new value fulfills the condition given in the "setter condition" column, the user agent must make a new string output by replacing the component of the URL given by the "component" column in the input URL with the new value; otherwise, the user agent must let output be equal to the input. Finally, the user agent must invoke the common setter action with the value of output.

When replacing a component in the URL, if the component is part of an optional group in the URL syntax consisting of a character followed by the component, the component (including its prefix character) must be included even if the new value is the empty string.

The previous paragraph applies in particular to the ":" before a <port> component, the "?" before a <query> component, and the "#" before a <fragment> component.

For the purposes of the above definitions, URLs must be parsed using the URL parsing rules defined in this specification.

Attribute	Component	Getter Condition	Prefix	Suffix	Setter Preprocessor	Setter Condition
protocol	<scheme>	—	—	U+003A COLON (":")	Remove all trailing U+003A COLON (":") characters	The new value is not the empty string
host	<hostport>	input is hierarchical and uses a server-based naming authority	—	—	—	The new value is not the empty string and input is hierarchical and uses a server-based naming authority
hostname	<host>	input is hierarchical and uses a server-based naming authority	—	—	Remove all leading U+002F SOLIDUS ("/") characters	The new value is not the empty string and input is hierarchical and uses a server-based naming authority
port	<port>	input is hierarchical, uses a server-based naming authority, and contained a <port> component (possibly an empty one)	—	—	Remove any characters in the new value that are not in the range U+0030 DIGIT ZERO .. U+0039 DIGIT NINE. If the resulting string is empty, set it to a single U+0030 DIGIT ZERO character ('0').	input is hierarchical and uses a server-based naming authority
pathname	<path>	input is hierarchical	—	—	If it has no leading U+002F SOLIDUS ("/") character, prepend a U+002F SOLIDUS ("/") character to the new value	—
search	<query>	input is hierarchical, and contained a <query> component (possibly an empty one)	U+003F QUESTION MARK ("?")	—	Remove one leading U+003F QUESTION MARK ("?") character, if any	—
hash	<fragment>	input contained a <fragment> component (possibly an empty one)	U+0023 NUMBER SIGN ("#")	—	Remove one leading U+0023 NUMBER SIGN ("#") character, if any	—

2.6 Fetching resources

When a user agent is to fetch a resource, the following steps must be run:

1. If the resource is identified by the URL about:blank, then return the empty string and abort these steps.

2. Perform the remaining steps asynchronously.

3. If the resource is identified by an absolute URL, and the resource is to be obtained using a idempotent action (such as an HTTP GET or equivalent), and it is already being downloaded for other reasons (e.g. another invocation of this algorithm), and the user agent is configured such that it is to reuse the data from the existing download instead of initiating a new one, then use the results of the existing download instead of starting a new one.

   Otherwise, at a time convenient to the user and the user agent, download (or otherwise obtain) the resource, applying the semantics of the relevant specifications (e.g. performing an HTTP GET or POST operation, or reading the file from disk, following redirects, dereferencing javascript: URLs, etc).

4. If there are cookies to be set, then the user agent must run the following substeps:

   1. Wait until ownership of the storage mutex can be taken by this instance of the fetching algorithm.

   2. Take ownership of the storage mutex.

   3. Update the cookies. [COOKIES]

   4. Release the storage mutex so that it is once again free.

5. When the resource is available, or if there is an error of some description, queue a task that uses the resource as appropriate. If the resource can be processed incrementally, as, for instance, with a progressively interlaced JPEG or an HTML file, additional tasks may be queued to process the data as it is downloaded. The task source for these tasks is the networking task source.

The application cache processing model introduces some changes to the networking model to handle the returning of cached resources.

The navigation processing model handles redirects itself, overriding the redirection handling that would be done by the fetching algorithm.

Whether the type sniffing rules apply to the fetched resource depends on the algorithm that invokes the rules — they are not always applicable.

2.6.1 Protocol concepts

User agents can implement a variety of transfer protocols, but this specification mostly defines behavior in terms of HTTP. [HTTP]

The HTTP GET method is equivalent to the default retrieval action of the protocol. For example, RETR in FTP. Such actions are idempotent and safe, in HTTP terms.

The HTTP response codes are equivalent to statuses in other protocols that have the same basic meanings. For example, a "file not found" error is equivalent to a 404 code, a server error is equivalent to a 5xx code, and so on.

The HTTP headers are equivalent to fields in other protocols that have the same basic meaning. For example, the HTTP authentication headers are equivalent to the authentication aspects of the FTP protocol.

If there are any specific questions with what should be considered equivalent to what, let me know, and I'll make it more explicit for those cases.

2.6.2 Encrypted HTTP and related security concerns

Anything in this specification that refers to HTTP also applies to HTTP-over-TLS, as represented by URLs representing the https scheme.

User agents should report certificate errors to the user and must either refuse to download resources sent with erroneous certificates or must act as if such resources were in fact served with no encryption.

Not doing so can result in users not noticing man-in-the-middle attacks.

2.7 Determining the type of a resource

It is imperative that the rules in this section be followed exactly. When a user agent uses different heuristics for content type detection than the server expects, security problems can occur. For example, if a server believes that the client will treat a contributed file as an image (and thus treat it as benign), but a Web browser believes the content to be HTML (and thus execute any scripts contained therein), the end user can be exposed to malicious content, making the user vulnerable to cookie theft attacks and other cross-site scripting attacks.

2.7.1 Content-Type metadata

What explicit Content-Type metadata is associated with the resource (the resource's type information) depends on the protocol that was used to fetch the resource.

For HTTP resources, only the first Content-Type HTTP header, if any, contributes any type information; the explicit type of the resource is then the value of that header, interpreted as described by the HTTP specifications. If the Content-Type HTTP header is present but the value of the first such header cannot be interpreted as described by the HTTP specifications (e.g. because its value doesn't contain a U+002F SOLIDUS ('/') character), then the resource has no type information (even if there are multiple Content-Type HTTP headers and one of the other ones is syntactically correct). [HTTP]

For resources fetched from the file system, user agents should use platform-specific conventions, e.g. operating system extension/type mappings.

Extensions must not be used for determining resource types for resources fetched over HTTP.

For resources fetched over most other protocols, e.g. FTP, there is no type information.

The algorithm for extracting an encoding from a Content-Type, given a string s, is as follows. It either returns an encoding or nothing.

1. Find the first seven characters in s that are an ASCII case-insensitive match for the word "charset". If no such match is found, return nothing.

2. Skip any U+0009, U+000A, U+000C, U+000D, or U+0020 characters that immediately follow the word 'charset' (there might not be any).

3. If the next character is not a U+003D EQUALS SIGN ('='), return nothing.

4. Skip any U+0009, U+000A, U+000C, U+000D, or U+0020 characters that immediately follow the equals sign (there might not be any).

5. Process the next character as follows:

   If it is a U+0022 QUOTATION MARK ('"') and there is a later U+0022 QUOTATION MARK ('"') in s

   If it is a U+0027 APOSTROPHE ("'") and there is a later U+0027 APOSTROPHE ("'") in s

   Return the string between this character and the next earliest occurrence of this character.

   If it is an unmatched U+0022 QUOTATION MARK ('"')

   If it is an unmatched U+0027 APOSTROPHE ("'")

   If there is no next character

   Return nothing.

   Otherwise

   Return the string from this character to the first U+0009, U+000A, U+000C, U+000D, U+0020, or U+003B character or the end of s, whichever comes first.

The above algorithm is a willful violation of the HTTP specification. [HTTP]

2.7.2 Content-Type sniffing: Web pages

The sniffed type of a resource must be found as follows:

1. If the user agent is configured to strictly obey Content-Type headers for this resource, then jump to the last step in this set of steps.

2. If the resource was fetched over an HTTP protocol and there is an HTTP Content-Type header and the value of the first such header has bytes that exactly match one of the following lines:

   Bytes in Hexadecimal	Textual representation
   74 65 78 74 2f 70 6c 61 69 6e	text/plain
   74 65 78 74 2f 70 6c 61 69 6e 3b 20 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31	text/plain; charset=ISO-8859-1
   74 65 78 74 2f 70 6c 61 69 6e 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31	text/plain; charset=iso-8859-1
   74 65 78 74 2f 70 6c 61 69 6e 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38	text/plain; charset=UTF-8

   ...then jump to the text or binary section below.

3. Let official type be the type given by the Content-Type metadata for the resource, ignoring parameters. If there is no such type, jump to the unknown type step below. Comparisons with this type, as defined by MIME specifications, are done in an ASCII case-insensitive manner. [RFC2046]

4. If official type is "unknown/unknown" or "application/unknown", jump to the unknown type step below.

5. If official type ends in "+xml", or if it is either "text/xml" or "application/xml", then the sniffed type of the resource is official type; return that and abort these steps.

6. If official type is an image type supported by the user agent (e.g. "image/png", "image/gif", "image/jpeg", etc), then jump to the images section below, passing it the official type.

7. If official type is "text/html", then jump to the feed or HTML section below.

8. The sniffed type of the resource is official type.

2.7.3 Content-Type sniffing: text or binary

1. The user agent may wait for 512 or more bytes of the resource to be available.

2. Let n be the smaller of either 512 or the number of bytes already available.

3. If n is 4 or more, and the first bytes of the resource match one of the following byte sets:

   Bytes in Hexadecimal	Description
   FE FF	UTF-16BE BOM
   FF FE	UTF-16LE BOM
   EF BB BF	UTF-8 BOM

   ...then the sniffed type of the resource is "text/plain". Abort these steps.

4. If none of the first n bytes of the resource are binary data bytes then the sniffed type of the resource is "text/plain". Abort these steps.

5. If the first bytes of the resource match one of the byte sequences in the "pattern" column of the table in the unknown type section below, ignoring any rows whose cell in the "security" column says "scriptable" (or "n/a"), then the sniffed type of the resource is the type given in the corresponding cell in the "sniffed type" column on that row; abort these steps.

   It is critical that this step not ever return a scriptable type (e.g. text/html), as otherwise that would allow a privilege escalation attack.

6. Otherwise, the sniffed type of the resource is "application/octet-stream".

Bytes covered by the following ranges are binary data bytes:

• 0x00 - 0x08
• 0x0B
• 0x0E - 0x1A
• 0x1C - 0x1F

2.7.4 Content-Type sniffing: unknown type

1. The user agent may wait for 512 or more bytes of the resource to be available.

2. Let stream length be the smaller of either 512 or the number of bytes already available.

3. For each row in the table below:

   If the row has no "WS" bytes:

   1. Let pattern length be the length of the pattern (number of bytes described by the cell in the second column of the row).
   2. If stream length is smaller than pattern length then skip this row.
   3. Apply the "and" operator to the first pattern length bytes of the resource and the given mask (the bytes in the cell of first column of that row), and let the result be the data.
   4. If the bytes of the data matches the given pattern bytes exactly, then the sniffed type of the resource is the type given in the cell of the third column in that row; abort these steps.

   If the row has a "WS" byte:

   1. Let index_pattern be an index into the mask and pattern byte strings of the row.

   2. Let index_stream be an index into the byte stream being examined.

   3. Loop: If index_stream points beyond the end of the byte stream, then this row doesn't match, skip this row.

   4. Examine the index_streamth byte of the byte stream as follows:

      If the index_patternth byte of the pattern is a normal hexadecimal byte and not a "WS" byte:

      If the "and" operator, applied to the index_streamth byte of the stream and the index_patternth byte of the mask, yield a value different that the index_patternth byte of the pattern, then skip this row.

      Otherwise, increment index_pattern to the next byte in the mask and pattern and index_stream to the next byte in the byte stream.

      Otherwise, if the index_patternth byte of the pattern is a "WS" byte:

      "WS" means "whitespace", and allows insignificant whitespace to be skipped when sniffing for a type signature.

      If the index_streamth byte of the stream is one of 0x09 (ASCII TAB), 0x0A (ASCII LF), 0x0C (ASCII FF), 0x0D (ASCII CR), or 0x20 (ASCII space), then increment only the index_stream to the next byte in the byte stream.

      Otherwise, increment only the index_pattern to the next byte in the mask and pattern.

   5. If index_pattern does not point beyond the end of the mask and pattern byte strings, then jump back to the loop step in this algorithm.

   6. Otherwise, the sniffed type of the resource is the type given in the cell of the third column in that row; abort these steps.

4. If none of the first n bytes of the resource are binary data bytes then the sniffed type of the resource is "text/plain". Abort these steps.

5. Otherwise, the sniffed type of the resource is "application/octet-stream".

The table used by the above algorithm is:

Bytes in Hexadecimal		Sniffed type	Security	Comment
Mask	Pattern
FF FF DF DF DF DF DF DF DF FF DF DF DF DF	3C 21 44 4F 43 54 59 50 45 20 48 54 4D 4C	text/html	Scriptable	The string "<!DOCTYPE HTML" in US-ASCII or compatible encodings, case-insensitively.
FF FF DF DF DF DF	WS 3C 48 54 4D 4C	text/html	Scriptable	The string "<HTML" in US-ASCII or compatible encodings, case-insensitively, possibly with leading spaces.
FF FF DF DF DF DF	WS 3C 48 45 41 44	text/html	Scriptable	The string "<HEAD" in US-ASCII or compatible encodings, case-insensitively, possibly with leading spaces.
FF FF DF DF DF DF DF DF	WS 3C 53 43 52 49 50 54	text/html	Scriptable	The string "<SCRIPT" in US-ASCII or compatible encodings, case-insensitively, possibly with leading spaces.
FF FF FF FF FF	25 50 44 46 2D	application/pdf	Scriptable	The string "%PDF-", the PDF signature.
FF FF FF FF FF FF FF FF FF FF FF	25 21 50 53 2D 41 64 6F 62 65 2D	application/postscript	Safe	The string "%!PS-Adobe-", the PostScript signature.
FF FF 00 00	FE FF 00 00	text/plain	n/a	UTF-16BE BOM
FF FF 00 00	FF FF 00 00	text/plain	n/a	UTF-16LE BOM
FF FF FF 00	EF BB BF 00	text/plain	n/a	UTF-8 BOM
FF FF FF FF FF FF	47 49 46 38 37 61	image/gif	Safe	The string "GIF87a", a GIF signature.
FF FF FF FF FF FF	47 49 46 38 39 61	image/gif	Safe	The string "GIF89a", a GIF signature.
FF FF FF FF FF FF FF FF	89 50 4E 47 0D 0A 1A 0A	image/png	Safe	The PNG signature.
FF FF FF	FF D8 FF	image/jpeg	Safe	A JPEG SOI marker followed by the first byte of another marker.
FF FF	42 4D	image/bmp	Safe	The string "BM", a BMP signature.
FF FF FF FF	00 00 01 00	image/vnd.microsoft.icon	Safe	A 0 word following by a 1 word, a Windows Icon file format signature.

I'd like to add types like MPEG, AVI, Flash, Java, etc, to the above table.

User agents may support further types if desired, by implicitly adding to the above table. However, user agents should not use any other patterns for types already mentioned in the table above, as this could then be used for privilege escalation (where, e.g., a server uses the above table to determine that content is not HTML and thus safe from XSS attacks, but then a user agent detects it as HTML anyway and allows script to execute).

The column marked "security" is used by the algorithm in the "text or binary" section, to avoid sniffing text/plain content as a type that can be used for a privilege escalation attack.

2.7.5 Content-Type sniffing: image

If the resource's official type is "image/svg+xml", then the sniffed type of the resource is its official type (an XML type).

Otherwise, if the first bytes of the resource match one of the byte sequences in the first column of the following table, then the sniffed type of the resource is the type given in the corresponding cell in the second column on the same row:

Bytes in Hexadecimal	Sniffed type	Comment
47 49 46 38 37 61	image/gif	The string "GIF87a", a GIF signature.
47 49 46 38 39 61	image/gif	The string "GIF89a", a GIF signature.
89 50 4E 47 0D 0A 1A 0A	image/png	The PNG signature.
FF D8 FF	image/jpeg	A JPEG SOI marker followed by the first byte of another marker.
42 4D	image/bmp	The string "BM", a BMP signature.
00 00 01 00	image/vnd.microsoft.icon	A 0 word following by a 1 word, a Windows Icon file format signature.

Otherwise, the sniffed type of the resource is the same as its official type.

2.7.6 Content-Type sniffing: feed or HTML

1. The user agent may wait for 512 or more bytes of the resource to be available.

2. Let s be the stream of bytes, and let s[i] represent the byte in s with position i, treating s as zero-indexed (so the first byte is at i=0).

3. If at any point this algorithm requires the user agent to determine the value of a byte in s which is not yet available, or which is past the first 512 bytes of the resource, or which is beyond the end of the resource, the user agent must stop this algorithm, and assume that the sniffed type of the resource is "text/html".

   User agents are allowed, by the first step of this algorithm, to wait until the first 512 bytes of the resource are available.

4. Initialize pos to 0.

5. If s[0] is 0xEF, s[1] is 0xBB, and s[2] is 0xBF, then set pos to 3. (This skips over a leading UTF-8 BOM, if any.)

6. Loop start: Examine s[pos].

   If it is 0x09 (ASCII tab), 0x20 (ASCII space), 0x0A (ASCII LF), or 0x0D (ASCII CR)

   Increase pos by 1 and repeat this step.

   If it is 0x3C (ASCII "<")

   Increase pos by 1 and go to the next step.

   If it is anything else

   The sniffed type of the resource is "text/html". Abort these steps.

7. If the bytes with positions pos to pos+2 in s are exactly equal to 0x21, 0x2D, 0x2D respectively (ASCII for "!--"), then:

   1. Increase pos by 3.
   2. If the bytes with positions pos to pos+2 in s are exactly equal to 0x2D, 0x2D, 0x3E respectively (ASCII for "-->"), then increase pos by 3 and jump back to the previous step (the step labeled loop start) in the overall algorithm in this section.
   3. Otherwise, increase pos by 1.
   4. Return to step 2 in these substeps.

8. If s[pos] is 0x21 (ASCII "!"):

   1. Increase pos by 1.
   2. If s[pos] equal 0x3E, then increase pos by 1 and jump back to the step labeled loop start in the overall algorithm in this section.
   3. Otherwise, return to step 1 in these substeps.

9. If s[pos] is 0x3F (ASCII "?"):

   1. Increase pos by 1.
   2. If s[pos] and s[pos+1] equal 0x3F and 0x3E respectively, then increase pos by 1 and jump back to the step labeled loop start in the overall algorithm in this section.
   3. Otherwise, return to step 1 in these substeps.

10. Otherwise, if the bytes in s starting at pos match any of the sequences of bytes in the first column of the following table, then the user agent must follow the steps given in the corresponding cell in the second column of the same row.

    Bytes in Hexadecimal	Requirement	Comment
    72 73 73	The sniffed type of the resource is "application/rss+xml"; abort these steps	The three ASCII characters "rss"
    66 65 65 64	The sniffed type of the resource is "application/atom+xml"; abort these steps	The four ASCII characters "feed"
    72 64 66 3A 52 44 46	Continue to the next step in this algorithm	The ASCII characters "rdf:RDF"

    If none of the byte sequences above match the bytes in s starting at pos, then the sniffed type of the resource is "text/html". Abort these steps.

11. If, before the next ">", you find two xmlns* attributes with http://www.w3.org/1999/02/22-rdf-syntax-ns# and http://purl.org/rss/1.0/ as the namespaces, then the sniffed type of the resource is "application/rss+xml", abort these steps. (maybe we only need to check for http://purl.org/rss/1.0/ actually)

12. Otherwise, the sniffed type of the resource is "text/html".

For efficiency reasons, implementations may wish to implement this algorithm and the algorithm for detecting the character encoding of HTML documents in parallel.

2.8 Character encodings

User agents must at a minimum support the UTF-8 and Windows-1252 encodings, but may support more.

It is not unusual for Web browsers to support dozens if not upwards of a hundred distinct character encodings.

User agents must support the preferred MIME name of every character encoding they support that has a preferred MIME name, and should support all the IANA-registered aliases. [IANACHARSET]

When comparing a string specifying a character encoding with the name or alias of a character encoding to determine if they are equal, user agents must use the Charset Alias Matching rules defined in Unicode Technical Standard #22. [UTS22]

For instance, "GB_2312-80" and "g.b.2312(80)" are considered equivalent names.

---

When a user agent would otherwise use an encoding given in the first column of the following table to either convert content to Unicode characters or convert Unicode characters to bytes, it must instead use the encoding given in the cell in the second column of the same row. When a byte or sequence of bytes is treated differently due to this encoding aliasing, it is said to have been misinterpreted for compatibility.

Character encoding overrides

Input encoding	Replacement encoding	References
EUC-KR	Windows-949	[EUCKR] [WIN949]
GB2312	GBK	[GB2312] [GBK]
GB_2312-80	GBK	[RFC1345] [GBK]
ISO-8859-1	Windows-1252	[RFC1345] [WIN1252]
ISO-8859-9	Windows-1254	[RFC1345] [WIN1254]
ISO-8859-11	Windows-874	[ISO885911] [WIN874]
KS_C_5601-1987	Windows-949	[RFC1345] [WIN949]
TIS-620	Windows-874	[TIS620] [WIN874]
US-ASCII	Windows-1252	[RFC1345] [WIN1252]
x-x-big5	Big5	[BIG5]

The requirement to treat certain encodings as other encodings according to the table above is a willful violation of the W3C Character Model specification. [CHARMOD]

---

User agents must not support the CESU-8, UTF-7, BOCU-1 and SCSU encodings. [CESU8] [UTF7] [BOCU1] [SCSU]

Support for encodings based on EBCDIC is not recommended. This encoding is rarely used for publicly-facing Web content.

Support for UTF-32 is not recommended. This encoding is rarely used, and frequently implemented incorrectly.

This specification does not make any attempt to support EBCDIC-based encodings and UTF-32 in its algorithms; support and use of these encodings can thus lead to unexpected behavior in implementations of this specification.

If a reflecting DOM attribute is a DOMString attribute whose content attribute is defined to contain a URL, then on getting, the DOM attribute must resolve the value of the content attribute relative to the element and return the resulting absolute URL if that was successful, or the empty string otherwise; and on setting, must set the content attribute to the specified literal value. If the content attribute is absent, the DOM attribute must return the default value, if the content attribute has one, or else the empty string.

If a reflecting DOM attribute is a DOMString attribute whose content attribute is defined to contain one or more URLs, then on getting, the DOM attribute must split the content attribute on spaces and return the concatenation of resolving each token URL to an absolute URL relative to the element, with a single U+0020 SPACE character between each URL, ignoring any tokens that did not resolve successfully. If the content attribute is absent, the DOM attribute must return the default value, if the content attribute has one, or else the empty string. On setting, the DOM attribute must set the content attribute to the specified literal value.

If a reflecting DOM attribute is a DOMString whose content attribute is an enumerated attribute, and the DOM attribute is limited to only known values, then, on getting, the DOM attribute must return the conforming value associated with the state the attribute is in (in its canonical case), or the empty string if the attribute is in a state that has no associated keyword value; and on setting, if the new value is an ASCII case-insensitive match for one of the keywords given for that attribute, then the content attribute must be set to the conforming value associated with the state that the attribute would be in if set to the given new value, otherwise, if the new value is the empty string, then the content attribute must be removed, otherwise, the setter must raise a SYNTAX_ERR exception.

If a reflecting DOM attribute is a DOMString but doesn't fall into any of the above categories, then the getting and setting must be done in a transparent, case-preserving manner.

If a reflecting DOM attribute is a boolean attribute, then on getting the DOM attribute must return true if the attribute is set, and false if it is absent. On setting, the content attribute must be removed if the DOM attribute is set to false, and must be set to have the same value as its name if the DOM attribute is set to true. (This corresponds to the rules for boolean content attributes.)

If a reflecting DOM attribute is a signed integer type (long) then, on getting, the content attribute must be parsed according to the rules for parsing signed integers, and if that is successful, and the value is in the range of the DOM attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, then the default value must be returned instead, or 0 if there is no default value. On setting, the given value must be converted to the shortest possible string representing the number as a valid integer in base ten and then that string must be used as the new content attribute value.

If a reflecting DOM attribute is an unsigned integer type (unsigned long) then, on getting, the content attribute must be parsed according to the rules for parsing non-negative integers, and if that is successful, and the value is in the range of the DOM attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 0 if there is no default value. On setting, the given value must be converted to the shortest possible string representing the number as a valid non-negative integer in base ten and then that string must be used as the new content attribute value.

If a reflecting DOM attribute is an unsigned integer type (unsigned long) that is limited to only positive non-zero numbers, then the behavior is similar to the previous case, but zero is not allowed. On getting, the content attribute must first be parsed according to the rules for parsing non-negative integers, and if that is successful, and the value is in the range of the DOM attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 1 if there is no default value. On setting, if the value is zero, the user agent must fire an INDEX_SIZE_ERR exception. Otherwise, the given value must be converted to the shortest possible string representing the number as a valid non-negative integer in base ten and then that string must be used as the new content attribute value.

If a reflecting DOM attribute is a floating point number type (float) and it doesn't fall into one of the earlier categories, then, on getting, the content attribute must be parsed according to the rules for parsing floating point number values, and if that is successful, and the value is in the range of the DOM attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 0.0 if there is no default value. On setting, the given value must be converted to the best representation of the floating point number and then that string must be used as the new content attribute value.

The values ±Infinity and NaN throw an exception on setting, as defined by WebIDL. [WEBIDL]

If a reflecting DOM attribute is of the type DOMTokenList or DOMSettableTokenList, then on getting it must return a DOMTokenList or DOMSettableTokenList object (as appropriate) whose underlying string is the element's corresponding content attribute. When the object mutates its underlying string, the content attribute must itself be immediately mutated. When the attribute is absent, then the string represented by the object is the empty string; when the object mutates this empty string, the user agent must first add the corresponding content attribute, and then mutate that attribute instead. The same DOMTokenList object must be returned every time for each attribute.

If a reflecting DOM attribute has the type HTMLElement, or an interface that descends from HTMLElement, then, on getting, it must run the following algorithm (stopping at the first point where a value is returned):

1. If the corresponding content attribute is absent, then the DOM attribute must return null.
2. Let candidate be the element that the document.getElementById() method would find if it was passed as its argument the current value of the corresponding content attribute.
3. If candidate is null, or if it is not type-compatible with the DOM attribute, then the DOM attribute must return null.
4. Otherwise, it must return candidate.

On setting, if the given element has an id attribute, then the content attribute must be set to the value of that id attribute. Otherwise, the DOM attribute must be set to the empty string.

The rows list is not in tree order.

An attribute that returns a collection must return the same object every time it is retrieved.

[Callable=namedItem]
interface HTMLCollection {
  readonly attribute unsigned long length;
  [IndexGetter] Element item(in unsigned long index);
  [NameGetter] Element namedItem(in DOMString name);
};

---

The object's indices of the supported indexed properties are the numbers in the range zero to one less than the number of nodes represented by the collection. If there are no such elements, then there are no supported indexed properties.

The length attribute must return the number of nodes represented by the collection.

The item(index) method must return the indexth node in the collection. If there is no indexth node in the collection, then the method must return null.

The names of the supported named properties consist of the values of the name attributes of each a, applet, area, embed, form, frame, frameset, iframe, img, and object element represented by the collection with a name attribute, plus the list of IDs that the elements represented by the collection have.

The namedItem(key) method must return the first node in the collection that matches the following requirements:

• It is an a, applet, area, embed, form, frame, frameset, iframe, img, or object element with a name attribute equal to key, or,
• It is an element with an ID key.

If no such elements are found, then the method must return null.

[Callable=namedItem]
interface HTMLFormControlsCollection {
  readonly attribute unsigned long length;
  [IndexGetter] HTMLElement item(in unsigned long index);
  [NameGetter] Object namedItem(in DOMString name);
};

interface RadioNodeList : NodeList {
          attribute DOMString value;
};

---

The object's indices of the supported indexed properties are the numbers in the range zero to one less than the number of nodes represented by the collection. If there are no such elements, then there are no supported indexed properties.

The length attribute must return the number of nodes represented by the collection.

The item(index) method must return the indexth node in the collection. If there is no indexth node in the collection, then the method must return null.

The names of the supported named properties consist of the values of all the id and name attributes of all the elements represented by the collection.

The namedItem(name) method must act according to the following algorithm:

1. If, at the time the method is called, there is exactly one node in the collection that has either an id attribute or a name attribute equal to name, then return that node and stop the algorithm.
2. Otherwise, if there are no nodes in the collection that have either an id attribute or a name attribute equal to name, then return null and stop the algorithm.
3. Otherwise, create a RadioNodeList object representing a live view of the HTMLFormControlsCollection object, further filtered so that the only nodes in the RadioNodeList object are those that have either an id attribute or a name attribute equal to name. The nodes in the RadioNodeList object must be sorted in tree order.
4. Return that RadioNodeList object.

---

A members of the RadioNodeList interface inherited from the NodeList interface must behave as they would on a NodeList object.

The value DOM attribute on the RadioNodeList object, on getting, must return the value returned by running the following steps:

1. Let element be the first element in tree order represented by the RadioNodeList object that is an input element whose type attribute is in the Radio Button state and whose checkedness is true. Otherwise, let it be null.

2. If element is null, or if it is an element with no value attribute, return the empty string.

3. Otherwise, return the value of element's value attribute.

On setting, the value DOM attribute must run the following steps:

1. Let element be the first element in tree order represented by the RadioNodeList object that is an input element whose type attribute is in the Radio Button state and whose value content attribute is present and equal to the new value, if any. Otherwise, let it be null.

2. If element is not null, then set its checkedness to true.

[Callable=namedItem]
interface HTMLOptionsCollection {
           attribute unsigned long length;
  [IndexGetter] HTMLOptionElement item(in unsigned long index);
  [NameGetter] Object namedItem(in DOMString name);
  void add(in HTMLElement element, [Optional] in HTMLElement before);
  void add(in HTMLElement element, in long before);
  void remove(in long index);
};

The object's indices of the supported indexed properties are the numbers in the range zero to one less than the number of nodes represented by the collection. If there are no such elements, then there are no supported indexed properties.

On getting, the length attribute must return the number of nodes represented by the collection.

On setting, the behavior depends on whether the new value is equal to, greater than, or less than the number of nodes represented by the collection at that time. If the number is the same, then setting the attribute must do nothing. If the new value is greater, then n new option elements with no attributes and no child nodes must be appended to the select element on which the HTMLOptionsCollection is rooted, where n is the difference between the two numbers (new value minus old value). If the new value is lower, then the last n nodes in the collection must be removed from their parent nodes, where n is the difference between the two numbers (old value minus new value).

Setting length never removes or adds any optgroup elements, and never adds new children to existing optgroup elements (though it can remove children from them).

The item(index) method must return the indexth node in the collection. If there is no indexth node in the collection, then the method must return null.

The names of the supported named properties consist of the values of all the id and name attributes of all the elements represented by the collection.

The namedItem(name) method must act according to the following algorithm:

1. If, at the time the method is called, there is exactly one node in the collection that has either an id attribute or a name attribute equal to name, then return that node and stop the algorithm.
2. Otherwise, if there are no nodes in the collection that have either an id attribute or a name attribute equal to name, then return null and stop the algorithm.
3. Otherwise, create a NodeList object representing a live view of the HTMLOptionsCollection object, further filtered so that the only nodes in the NodeList object are those that have either an id attribute or a name attribute equal to name. The nodes in the NodeList object must be sorted in tree order.
4. Return that NodeList object.

The add(element, before) method must act according to the following algorithm:

1. If element is not an option or optgroup element, then return and abort these steps.

2. If element is an ancestor of the select element element on which the HTMLOptionsCollection is rooted, then throw a HIERARCHY_REQUEST_ERR exception.

3. If before is an element, but that element isn't a descendant of the select element element on which the HTMLOptionsCollection is rooted, then throw a NOT_FOUND_ERR exception.

4. If element and before are the same element, then return and abort these steps.

5. If before is a node, then let reference be that node. Otherwise, if before is an integer, and there is a beforeth node in the collection, let reference be that node. Otherwise, let reference be null.

6. If reference is not null, let parent be the parent node of reference. Otherwise, let parent be the select element element on which the HTMLOptionsCollection is rooted.

7. Act as if the DOM Core insertBefore() method was invoked on the parent node, with element as the first argument and reference as the second argument.

The remove(index) method must act according to the following algorithm:

1. If the number of nodes represented by the collection is zero, abort these steps.

2. If index is not a number greater than or equal to 0 and less than the number of nodes represented by the collection, let element be the first element in the collection. Otherwise, let element be the indexth element in the collection.

3. Remove element from its parent node.

[Callable=namedItem]
interface HTMLPropertyCollection {
  readonly attribute unsigned long length;
  [IndexGetter] HTMLElement item(in unsigned long index);

  readonly attribute DOMStringList names;
  [NameGetter] PropertyNodeList namedItem(in DOMString name);
};

typedef sequence<any> PropertyValueArray;

interface PropertyNodeList : NodeList {
          attribute PropertyValueArray content;
};

---

The object's indices of the supported indexed properties are the numbers in the range zero to one less than the number of nodes represented by the collection. If there are no such elements, then there are no supported indexed properties.

The length attribute must return the number of nodes represented by the collection.

The item(index) method must return the indexth node in the collection. If there is no indexth node in the collection, then the method must return null.

The names of the supported named properties consist of the property names of all the elements represented by the collection.

The names attribute must return a live DOMStringList object giving the property names of all the elements represented by the collection, listed in tree order, but with duplicates removed, leaving only the first occurrence of each name. The same object must be returned each time.

The namedItem(name) method must return a PropertyNodeList object representing a live view of the HTMLPropertyCollection object, further filtered so that the only nodes in the RadioNodeList object are those that have a property name equal to name. The nodes in the PropertyNodeList object must be sorted in tree order, and the same object must be returned each time a particular name is queried.

---

A members of the PropertyNodeList interface inherited from the NodeList interface must behave as they would on a NodeList object.

The content DOM attribute on the PropertyNodeList object, on getting, must return a newly constructed DOMStringArray whose values are the values obtained from the content DOM property of each of the elements represented by the object, in tree order.

[Stringifies] interface DOMTokenList {
  readonly attribute unsigned long length;
  [IndexGetter] DOMString item(in unsigned long index);
  boolean has(in DOMString token);
  void add(in DOMString token);
  void remove(in DOMString token);
  boolean toggle(in DOMString token);
};

The length attribute must return the number of unique tokens that result from splitting the underlying string on spaces. This is the length.

The object's indices of the supported indexed properties are the numbers in the range zero to length-1, unless the length is zero, in which case there are no supported indexed properties.

The item(index) method must split the underlying string on spaces, sort the resulting list of tokens by Unicode code point, remove exact duplicates, and then return the indexth item in this list. If index is equal to or greater than the number of tokens, then the method must return null.

The has(token) method must run the following algorithm:

1. If the token argument contains any space characters, then raise an INVALID_CHARACTER_ERR exception and stop the algorithm.
2. Otherwise, split the underlying string on spaces to get the list of tokens in the object's underlying string.
3. If the token indicated by token is one of the tokens in the object's underlying string then return true and stop this algorithm.
4. Otherwise, return false.

The add(token) method must run the following algorithm:

1. If the token argument contains any space characters, then raise an INVALID_CHARACTER_ERR exception and stop the algorithm.
2. Otherwise, split the underlying string on spaces to get the list of tokens in the object's underlying string.
3. If the given token is already one of the tokens in the DOMTokenList object's underlying string then stop the algorithm.
4. Otherwise, if the DOMTokenList object's underlying string is not the empty string and the last character of that string is not a space character, then append a U+0020 SPACE character to the end of that string.
5. Append the value of token to the end of the DOMTokenList object's underlying string.

The remove(token) method must run the following algorithm:

1. If the token argument contains any space characters, then raise an INVALID_CHARACTER_ERR exception and stop the algorithm.
2. Otherwise, remove the given token from the underlying string.

The toggle(token) method must run the following algorithm:

1. If the token argument contains any space characters, then raise an INVALID_CHARACTER_ERR exception and stop the algorithm.
2. Otherwise, split the underlying string on spaces to get the list of tokens in the object's underlying string.
3. If the given token is already one of the tokens in the DOMTokenList object's underlying string then remove the given token from the underlying string, and stop the algorithm, returning false.
4. Otherwise, if the DOMTokenList object's underlying string is not the empty string and the last character of that string is not a space character, then append a U+0020 SPACE character to the end of that string.
5. Append the value of token to the end of the DOMTokenList object's underlying string.
6. Return true.

Objects implementing the DOMTokenList interface must stringify to the object's underlying string representation.

[Stringifies] interface DOMSettableTokenList : DOMTokenList {
            attribute DOMString value;
};

An object implementing the DOMSettableTokenList interface must act as defined for the DOMTokenList interface, except for the value attribute defined here.

The value attribute must return the underlying string on getting, and must replace the underlying string with the new value on setting.

2.9.5 Safe passing of structured data

When a user agent is required to obtain a structured clone of an object, it must run the following algorithm, which either returns a separate object, or throws an exception.

1. Let input be the object being cloned.

2. Let memory be a list of objects, initially empty. (This is used to catch cycles.)

3. Let output be the object resulting from calling the internal structured cloning algorithm with input and memory.

4. Return output.

The internal structured cloning algorithm is always called with two arguments, input and memory, and its behavior depends on the type of input, as follows:

If input is the undefined value

Return the undefined value.

If input is the null value

Return the null value.

If input is the false value

Return the false value.

If input is the true value

Return the true value.

If input is a Number object

Return a newly constructed Number object with the same value as input.

If input is a String object

Return a newly constructed String object with the same value as input.

If input is a Date object

Return a newly constructed Date object with the same value as input.

If input is a RegExp object

Return a newly constructed RegExp object with the same pattern and flags as input.

The value of the lastIndex property is not copied.

If input is a ImageData object

Return a newly constructed ImageData object with the same width and height as input, and with a newly constructed CanvasPixelArray for its data attribute, with the same length and pixel values as the input's.

If input is a host object (e.g. a DOM node)

Return the null value.

If input is an Array object

If input is an Object object

1. If input is in memory, then throw a NOT_SUPPORTED_ERR exception and abort the overall structured clone algorithm.

2. Otherwise, let new memory be a list consisting of the items in memory with the addition of input.

3. Create a new object, output, of the same type as input: either an Array or an Object.

4. For each enumerable property in input, add a corresponding property to output having the same name, and having a value created from invoking the internal structured cloning algorithm recursively with the value of the property as the "input" argument and new memory as the "memory" argument. The order of the properties in the input and output objects must be the same.

   This does not walk the prototype chain.

5. Return output.

If input is another native object type (e.g. Error)

Return the null value.

When a DOMStringMap object is instantiated, it is associated with three algorithms, one for getting the list of name-value pairs, one for setting names to certain values, and one for deleting names.

[NameCreator, NameDeleter, NameGetter, NameSetter]
interface DOMStringMap {};

The names of the supported named properties on a DOMStringMap object at any instant are the names of each pair returned from the algorithm for getting the list of name-value pairs at that instant.

When a DOMStringMap object is indexed to retrieve a named property name, the value returned must be the value component of the name-value pair whose name component is name in the list returned by the algorithm for getting the list of name-value pairs.

When a DOMStringMap object is indexed to create or modify a named property name with value value, the algorithm for setting names to certain values must be run, passing name as the name and the result of converting value to a DOMString as the value.

When a DOMStringMap object is indexed to delete a named property named name, the algorithm for deleting names must be run, passing name as the name.

The DOMStringMap interface definition here is only intended for JavaScript environments. Other language bindings will need to define how DOMStringMap is to be implemented for those languages.

<img class="tower" id="tower5" data-x="12" data-y="5"
     data-ai="robotarget" data-hp="46" data-ability="flames"
     src="towers/rocket.png alt="Rocket Tower">

function splashDamage(node, x, y, damage) {
  if (node.classList.has('tower') && // checking the 'class' attribute
      node.dataset.x == x && // reading the 'data-x' attribute
      node.dataset.y == y) { // reading the 'data-y' attribute
    var hp = parseInt(node.dataset.hp); // reading the 'data-hp' attribute
    hp = hp - damage;
    if (hp < 0) {
      hp = 0;
      node.dataset.ai = 'dead'; // setting the 'data-ai' attribute
      delete node.dataset.ability; // removing the 'data-ability' attribute
    }
    node.dataset.hp = hp; // setting the 'data-hp' attribute
  }
}

2.9.9 Garbage collection

There is an implied strong reference from any DOM attribute that returns a pre-existing object to that object.

[NameGetter=OverrideBuiltins, ImplementedOn=Document]
interface HTMLDocument {
  // resource metadata management
  [PutForwards=href] readonly attribute Location location;
  readonly attribute DOMString URL;
           attribute DOMString domain;
  readonly attribute DOMString referrer;
           attribute DOMString cookie;
  readonly attribute DOMString lastModified;
  readonly attribute DOMString compatMode;
           attribute DOMString charset;
  readonly attribute DOMString characterSet;
  readonly attribute DOMString defaultCharset;
  readonly attribute DOMString readyState;

  // DOM tree accessors
           attribute DOMString title;
           attribute DOMString dir;
           attribute HTMLElement body;
  readonly attribute HTMLCollection images;
  readonly attribute HTMLCollection embeds;
  readonly attribute HTMLCollection plugins;
  readonly attribute HTMLCollection links;
  readonly attribute HTMLCollection forms;
  readonly attribute HTMLCollection anchors;
  readonly attribute HTMLCollection scripts;
  readonly attribute HTMLCollection items;
  NodeList getElementsByName(in DOMString elementName);
  NodeList getElementsByClassName(in DOMString classNames);

  // dynamic markup insertion
           attribute DOMString innerHTML;
  HTMLDocument open([Optional] in DOMString type, [Optional] in DOMString replace);
  WindowProxy open(in DOMString url, in DOMString name, in DOMString features, [Optional] in boolean replace);
  void close();
  void write([Variadic] in DOMString text);
  void writeln([Variadic] in DOMString text);

  // user interaction
  Selection getSelection();
  readonly attribute Element activeElement;
  boolean hasFocus();
           attribute DOMString designMode;
  boolean execCommand(in DOMString commandId);
  boolean execCommand(in DOMString commandId, in boolean showUI);
  boolean execCommand(in DOMString commandId, in boolean showUI, in DOMString value);
  boolean queryCommandEnabled(in DOMString commandId);
  boolean queryCommandIndeterm(in DOMString commandId);
  boolean queryCommandState(in DOMString commandId);
  boolean queryCommandSupported(in DOMString commandId);
  DOMString queryCommandValue(in DOMString commandId);
  readonly attribute HTMLCollection commands;

  // event handler DOM attributes
           attribute Function onabort;
           attribute Function onblur;
           attribute Function oncanplay;
           attribute Function oncanplaythrough;
           attribute Function onchange;
           attribute Function onclick;
           attribute Function oncontextmenu;
           attribute Function ondataunavailable;
           attribute Function ondblclick;
           attribute Function ondrag;
           attribute Function ondragend;
           attribute Function ondragenter;
           attribute Function ondragleave;
           attribute Function ondragover;
           attribute Function ondragstart;
           attribute Function ondrop;
           attribute Function ondurationchange;
           attribute Function onemptied;
           attribute Function onended;
           attribute Function onerror;
           attribute Function onfocus;
           attribute Function onformchange;
           attribute Function onforminput;
           attribute Function oninput;
           attribute Function oninvalid;
           attribute Function onkeydown;
           attribute Function onkeypress;
           attribute Function onkeyup;
           attribute Function onload;
           attribute Function onloadeddata;
           attribute Function onloadedmetadata;
           attribute Function onloadstart;
           attribute Function onmousedown;
           attribute Function onmousemove;
           attribute Function onmouseout;
           attribute Function onmouseover;
           attribute Function onmouseup;
           attribute Function onmousewheel;
           attribute Function onpause;
           attribute Function onplay;
           attribute Function onplaying;
           attribute Function onprogress;
           attribute Function onratechange;
           attribute Function onreadystatechange;
           attribute Function onscroll;
           attribute Function onseeked;
           attribute Function onseeking;
           attribute Function onselect;
           attribute Function onshow;
           attribute Function onstalled;
           attribute Function onsubmit;
           attribute Function onsuspend;
           attribute Function ontimeupdate;
           attribute Function onvolumechange;
           attribute Function onwaiting;
};