[Origin API] Define an Origin interface. (#11534)

source

@@ -26062,6 +26062,19 @@ document.body.appendChild(wbr);</code></pre>
   <p>An element implementing the <code>HTMLHyperlinkElementUtils</code> mixin has an associated <dfn
   data-x="concept-hyperlink-url">url</dfn> (null or a <span>URL</span>). It is initially null.
 
+  <div algorithm>
+  <p>An element implementing the <code>HTMLHyperlinkElementUtils</code> mixin has the following
+  <span>extract an origin</span> steps:</p>
+
+  <ol>
+   <li><p>If <span>this</span>'s <span data-x="concept-hyperlink-url">url</span> is null, then
+   return null.</p></li>
+
+   <li><p>Return <span>this</span>'s <span data-x="concept-hyperlink-url">url</span>'s
+   <span data-x="concept-url-origin">origin</span>.</p></li>
+  </ol>
+  </div>
+
   <div algorithm>
   <p>An element implementing the <code>HTMLHyperlinkElementUtils</code> mixin has an associated <dfn
   data-x="concept-hyperlink-url-set">set the url</dfn> algorithm, which runs these steps:</p>
@@ -92415,6 +92428,111 @@ dictionary <dfn dictionary>DragEventInit</dfn> : <span>MouseEventInit</span> {
 
   </div>
 
+  <h5>The <code data-x="dom-Origin-interface">Origin</code> interface</h5>
+
+  <p>The <code data-x="dom-Origin-interface">Origin</code> interface represents an
+  <span>origin</span>, allowing robust <span>same origin</span> and <span>same site</span>
+  comparisons.</p>
+
+  <pre><code class="idl">[Exposed=*]
+interface <dfn interface data-x="dom-Origin-interface">Origin</dfn> {
+  <span data-x="dom-Origin-constructor">constructor</span>();
+
+  static <span data-x="dom-Origin-interface">Origin</span> <span data-x="dom-Origin-from">from</span>(any value);
+
+  readonly attribute boolean <span data-x="dom-Origin-opaque">opaque</span>;
+
+  boolean <span data-x="dom-Origin-isSameOrigin">isSameOrigin</span>(Origin other);
+  boolean <span data-x="dom-Origin-isSameSite">isSameSite</span>(Origin other);
+};</code></pre>
+
+  <p><code data-x="dom-Origin-interface">Origin</code> objects have an associated
+  <dfn for="Origin" attribute data-x="dom-Origin-origin">origin</dfn>, which holds an
+  <span>origin</span>.</p>
+
+  <p><span data-x="platform object">Platform objects</span> have an
+  <dfn for="platform object" export>extract an origin</dfn> operation, which returns null unless
+  otherwise specified.</p>
+
+  <div algorithm>
+  <p>Objects implementing the <code data-x="dom-Origin-interface">Origin</code> interface's
+  <span>extract an origin</span> steps are to return <span>this</span>'s
+  <span data-x="dom-Origin-origin">origin</span>.</p>
+  </div>
+
+  <div algorithm>
+  <p>The <dfn constructor for="Origin"><code
+  data-x="dom-Origin-constructor">new Origin()</code></dfn> constructor steps are:</p>
+
+  <ol>
+   <li><p>Set <span>this</span>'s <span data-x="dom-Origin-origin">origin</span> to a unique
+   <span data-x="concept-origin-opaque">opaque origin</span>.</p></li>
+  </ol>
+  </div>
+
+  <div algorithm>
+  <p>The static <dfn method for="Origin"><code data-x="dom-Origin-from">from(value)</code></dfn>
+  method accepts an arbitrary object <var>value</var>, and returns either a newly-constructed
+  <code data-x="dom-Origin-interface">Origin</code> object if one can be extracted from
+  <var>value</var>, or throws a <code>TypeError</code> otherwise:</p>
+
+  <ol>
+   <li>
+    <p>If <var>value</var> is a <span>platform object</span>:</p>
+    <ol>
+     <li><p>Let <var>origin</var> be the result of executing <var>value</var>'s <span>extract an
+     origin</span> operation.</p></li>
+
+     <li><p>If <var>origin</var> is not null, then return a new
+     <code data-x="dom-Origin-interface">Origin</code> object whose
+     <span data-x="dom-Origin-origin">origin</span> is set to <var>origin</var>.</p></li>
+    </ol>
+   </li>
+
+   <li>
+    <p>If <var>value</var> is a <span>string</span>:</p>
+    <ol>
+     <li><p>Let <var>parsed url</var> be the result of <span data-x="basic url parser">basic URL
+     parsing</span> <var>value</var>.</p></li>
+
+     <li><p>If <var>parsed url</var> is not failure, then return a new
+     <code data-x="dom-Origin-interface">Origin</code> object whose
+     <span data-x="dom-Origin-origin">origin</span> is set to <var>parsed url</var>'s
+     <span data-x="concept-url-origin">origin</span>.</p></li>
+    </ol>
+   </li>
+
+   <li><p>Throw a <code>TypeError</code>.</p></li>
+  </ol>
+  </div>
+
+  <div algorithm>
+  <p>The <dfn attribute for="Origin"><code data-x="dom-Origin-opaque">opaque</code></dfn> attribute
+  getter steps are to return true if <span>this</span>'s
+  <span data-x="dom-Origin-origin">origin</span> is an <span data-x="concept-origin-opaque">opaque
+  origin</span>, and false otherwise.</p>
+  </div>
+
+  <div algorithm>
+  <p>The <dfn method for="Origin"><code
+  data-x="dom-Origin-isSameOrigin">isSameOrigin(other)</code></dfn> method returns true if
+  <span>this</span>'s <span data-x="dom-Origin-origin">origin</span> is <span>same origin</span>
+  with <var>other</var>'s <span data-x="dom-Origin-origin">origin</span>, and false otherwise.</p>
+  </div>
+
+  <div algorithm>
+  <p>The <dfn method for="Origin"><code
+  data-x="dom-Origin-isSameSite">isSameSite(other)</code></dfn> method returns true if
+  <span>this</span>'s <span data-x="dom-Origin-origin">origin</span> is <span>same site</span> with
+  <var>other</var>'s <span data-x="dom-Origin-origin">origin</span>, and false otherwise.</p>
+
+  <p class="note">Note that same-site checks might return different values for the same origins in
+  different user agents, or even in the same user agent at different times, as the public suffix
+  list is updated and distributed in implementation-defined ways. <span
+  data-x="dom-Origin-isSameSite">isSameSite()</span> reflects the user agent's current understanding
+  of the relationship between two origins, but makes no promises about the future.</p>
+  </div>
+
 
   <h4><span id="origin-isolation"></span>Origin-keyed agent clusters</h4>
 
@@ -96906,6 +97024,21 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
   <code>Document</code></span> is non-null, and <code>about:blank</code> otherwise.</p>
   </div>
 
+  <div algorithm>
+  <p>An element implementing the <code>Location</code> interface has the following <span>extract an
+  origin</span> steps:</p>
+
+  <ol>
+   <li><p>If <span>this</span>'s <span>relevant <code>Document</code></span> is non-null and its
+   <span data-x="concept-document-origin">origin</span> is not <span>same origin-domain</span> with
+   the <span>entry settings object</span>'s
+   <span data-x="concept-settings-object-origin">origin</span>, then return null.</p></li>
+
+   <li><p>Return <span>this</span>'s <span data-x="concept-location-url">url</span>'s
+   <span data-x="concept-url-origin">origin</span>.</p></li>
+  </ol>
+  </div>
+
   <div algorithm>
   <p>A <code>Location</code> object has an associated <dfn
   data-x="concept-location-ancestor-origins-list">ancestor origins list</dfn>. When a
@@ -123029,6 +123162,24 @@ document.body.appendChild(frame)</code></pre>
   capability</span>.</p>
   </div>
 
+  <div algorithm>
+  <p>An element implementing the <code>WindowOrWorkerGlobalScope</code> mixin has the following
+  <span>extract an origin</span> steps:</p>
+
+  <ol>
+   <li><p>If <span>this</span>'s <span>relevant settings object</span>'s <span
+   data-x="concept-settings-object-origin">origin</span> is not <span>same origin-domain</span>
+   with the <span>entry settings object</span>'s <span
+   data-x="concept-settings-object-origin">origin</span>, then return null.</p></li>
+
+   <li><p>Return <span>this</span>'s return <span>this</span>'s <span>relevant settings
+   object</span>'s <span data-x="concept-settings-object-origin">origin</span>.</p></li>
+  </ol>
+
+  <p class="note">Since these objects are potentially accessible cross-origin (e.g., through
+  <code>WindowProxy</code>), we need a security check here before granting access to the origin.</p>
+  </div>
+
   </div>
 
 
@@ -127539,6 +127690,12 @@ typedef (<span>WindowProxy</span> or <span>MessagePort</span> or <span>ServiceWo
   <span data-x="concept-url-fragment">fragment</span>).</p>
   </div>
 
+  <div algorithm>
+  <p>Objects implementing the <code>MessageEvent</code> interface's <span>extract an origin</span>
+  steps are to return <span>this</span>'s <span>relevant settings object</span>'s
+  <span data-x="concept-settings-object-origin">origin</span>.</p>
+  </div>
+
   <div algorithm>
   <p>The <dfn attribute for="MessageEvent"><code
   data-x="dom-MessageEvent-lastEventId">lastEventId</code></dfn> attribute must return the value it
@@ -131655,6 +131812,14 @@ interface <dfn interface>WorkerLocation</dfn> {
 
   <div w-nodev>
 
+  <div algorithm>
+  <p>Objects implementing the <code>WorkerLocation</code> interface's <span>extract an origin</span>
+  steps are to return <span>this</span>'s <span
+  data-x="concept-WorkerLocation-WorkerGlobalScope"><code>WorkerGlobalScope</code> object</span>'s
+  <span data-x="concept-WorkerGlobalScope-url">url</span>'s <span
+  data-x="concept-url-origin">origin</span>.</p>
+  </div>
+
   <p>A <code>WorkerLocation</code> object has an associated <dfn
   data-x="concept-WorkerLocation-WorkerGlobalScope"><code>WorkerGlobalScope</code> object</dfn> (a
   <code>WorkerGlobalScope</code> object).