User agents fall into several (overlapping) categories with different conformance requirements.

Web browsers and other interactive user agents

Web browsers that support the XHTML syntax must process elements and attributes from the HTML namespace found in XML documents as described in this specification, so that users can interact with them, unless the semantics of those elements have been overridden by other specifications.

A conforming XHTML processor would, upon finding an XHTML script element in an XML document, execute the script contained in that element. However, if the element is found within a transformation expressed in XSLT (assuming the user agent also supports XSLT), then the processor would instead treat the script element as an opaque element that forms part of the transform.

Web browsers that support the HTML syntax must process documents labeled as text/html as described in this specification, so that users can interact with them.

User agents that support scripting must also be conforming implementations of the IDL fragments in this specification, as described in the Web IDL specification. [WEBIDL]

Non-interactive presentation user agents

User agents that process HTML and XHTML documents purely to render non-interactive versions of them must comply to the same conformance criteria as Web browsers, except that they are exempt from requirements regarding user interaction.

Typical examples of non-interactive presentation user agents are printers (static UAs) and overhead displays (dynamic UAs). It is expected that most static non-interactive presentation user agents will also opt to lack scripting support.

A non-interactive but dynamic presentation UA would still execute scripts, allowing forms to be dynamically submitted, and so forth. However, since the concept of "focus" is irrelevant when the user cannot interact with the document, the UA would not need to support any of the focus-related DOM APIs.

User agents with no scripting support

Implementations that do not support scripting (or which have their scripting features disabled entirely) are exempt from supporting the events and DOM interfaces mentioned in this specification. For the parts of this specification that are defined in terms of an events model or in terms of the DOM, such user agents must still act as if events and the DOM were supported.

Scripting can form an integral part of an application. Web browsers that do not support scripting, or that have scripting disabled, might be unable to fully convey the author's intent.

Conformance checkers

Conformance checkers must verify that a document conforms to the applicable conformance criteria described in this specification. Automated conformance checkers are exempt from detecting errors that require interpretation of the author's intent (for example, while a document is non-conforming if the content of a blockquote element is not a quote, conformance checkers running without the input of human judgement do not have to check that blockquote elements only contain quoted material).

Conformance checkers must check that the input document conforms when parsed without a browsing context (meaning that no scripts are run, and that the parser's scripting flag is disabled), and should also check that the input document conforms when parsed with a browsing context in which scripts execute, and that the scripts never cause non-conforming states to occur other than transiently during script execution itself. (This is only a "SHOULD" and not a "MUST" requirement because it has been proven to be impossible. [COMPUTABLE])

The term "HTML5 validator" can be used to refer to a conformance checker that itself conforms to the applicable requirements of this specification.

XML DTDs cannot express all the conformance requirements of this specification. Therefore, a validating XML processor and a DTD cannot constitute a conformance checker. Also, since neither of the two authoring formats defined in this specification are applications of SGML, a validating SGML system cannot constitute a conformance checker either.

To put it another way, there are three types of conformance criteria:

1. Criteria that can be expressed in a DTD.
2. Criteria that cannot be expressed by a DTD, but can still be checked by a machine.
3. Criteria that can only be checked by a human.

A conformance checker must check for the first two. A simple DTD-based validator only checks for the first class of errors and is therefore not a conforming conformance checker according to this specification.

Data mining tools

Applications and tools that process HTML and XHTML documents for reasons other than to either render the documents or check them for conformance should act in accordance to the semantics of the documents that they process.

A tool that generates document outlines but increases the nesting level for each paragraph and does not increase the nesting level for each section would not be conforming.

Authoring tools and markup generators

Authoring tools and markup generators must generate conforming documents. Conformance criteria that apply to authors also apply to authoring tools, where appropriate.

Authoring tools are exempt from the strict requirements of using elements only for their specified purpose, but only to the extent that authoring tools are not yet able to determine author intent.

For example, it is not conforming to use an address element for arbitrary contact information; that element can only be used for marking up contact information for the author of the document or section. However, since an authoring tool is likely unable to determine the difference, an authoring tool is exempt from that requirement.

In terms of conformance checking, an editor is therefore required to output documents that conform to the same extent that a conformance checker will verify.

When an authoring tool is used to edit a non-conforming document, it may preserve the conformance errors in sections of the document that were not edited during the editing session (i.e. an editing tool is allowed to round-trip erroneous content). However, an authoring tool must not claim that the output is conformant if errors have been so preserved.

Authoring tools are expected to come in two broad varieties: tools that work from structure or semantic data, and tools that work on a What-You-See-Is-What-You-Get media-specific editing basis (WYSIWYG).

The former is the preferred mechanism for tools that author HTML, since the structure in the source information can be used to make informed choices regarding which HTML elements and attributes are most appropriate.

However, WYSIWYG tools are legitimate. WYSIWYG tools should use elements they know are appropriate, and should not use elements that they do not know to be appropriate. This might in certain extreme cases mean limiting the use of flow elements to just a few elements, like div, b, i, and span and making liberal use of the style attribute.

All authoring tools, whether WYSIWYG or not, should make a best effort attempt at enabling users to create well-structured, semantically rich, media-independent content.

Some conformance requirements are phrased as requirements on elements, attributes, methods or objects. Such requirements fall into two categories: those describing content model restrictions, and those describing implementation behavior. Those in the former category are requirements on documents and authoring tools. Those in the second category are requirements on user agents.

Conformance requirements phrased as algorithms or specific steps may be implemented in any manner, so long as the end result is equivalent. (In particular, the algorithms defined in this specification are intended to be easy to follow, and not intended to be performant.)

User agents may impose implementation-specific limits on otherwise unconstrained inputs, e.g. to prevent denial of service attacks, to guard against running out of memory, or to work around platform-specific limitations.

Dependencies

This specification relies on several other underlying specifications.

XML

Implementations that support the XHTML syntax must support some version of XML, as well as its corresponding namespaces specification, because that syntax uses an XML serialization with namespaces. [XML] [XMLNAMES]

DOM

The Document Object Model (DOM) is a representation — a model — of a document and its content. The DOM is not just an API; the conformance criteria of HTML implementations are defined, in this specification, in terms of operations on the DOM. [DOM3CORE]

Implementations must support some version of DOM Core and DOM Events, because this specification is defined in terms of the DOM, and some of the features are defined as extensions to the DOM Core interfaces. [DOM3CORE] [DOM3EVENTS]

Web IDL

The IDL fragments in this specification must be interpreted as required for conforming IDL fragments, as described in the Web IDL specification. [WEBIDL]

Unless otherwise specified, if a DOM attribute that is a floating point number type (float) is assigned an Infinity or Not-a-Number value, a NOT_SUPPORTED_ERR exception must be raised.

Unless otherwise specified, if a method with an argument that is a floating point number type (float) is passed an Infinity or Not-a-Number value, a NOT_SUPPORTED_ERR exception must be raised.

JavaScript

Some parts of the language described by this specification only support JavaScript as the underlying scripting language. [ECMA262]

The term "JavaScript" is used to refer to ECMA262, rather than the official term ECMAScript, since the term JavaScript is more widely known. Similarly, the MIME type used to refer to JavaScript in this specification is text/javascript, since that is the most commonly used type, despite it being an officially obsoleted type according to RFC 4329. [RFC4329]

Media Queries

Implementations must support some version of the Media Queries language. [MQ]

This specification does not require support of any particular network transport protocols, style sheet language, scripting language, or any of the DOM and WebAPI specifications beyond those described above. However, the language described by this specification is biased towards CSS as the styling language, JavaScript as the scripting language, and HTTP as the network protocol, and several features assume that those languages and protocols are in use.

This specification might have certain additional requirements on character encodings, image formats, audio formats, and video formats in the respective sections.

Extensibility

Vendor-specific proprietary extensions to this specification are strongly discouraged. Documents must not use such extensions, as doing so reduces interoperability and fragments the user base, allowing only users of specific user agents to access the content in question.

If markup extensions are needed, they should be done using XML, with elements or attributes from custom namespaces. If DOM extensions are needed, the members should be prefixed by vendor-specific strings to prevent clashes with future versions of this specification. Extensions must be defined so that the use of extensions does not contradict nor cause the non-conformance of functionality defined in the specification.

User agents must treat elements and attributes that they do not understand as semantically neutral; leaving them in the DOM (for DOM processors), and styling them according to CSS (for CSS processors), but not inferring any meaning from them.

Converting a string to ASCII uppercase means replacing all characters in the range U+0061 .. U+007A (i.e. LATIN SMALL LETTER A to LATIN SMALL LETTER Z) with the corresponding characters in the range U+0041 .. U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL LETTER Z).

Converting a string to ASCII lowercase means replacing all characters in the range U+0041 .. U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL LETTER Z) with the corresponding characters in the range U+0061 .. U+007A (i.e. LATIN SMALL LETTER A to LATIN SMALL LETTER Z).

Implementors are strongly urged to carefully examine any third-party libraries they might consider using to implement the parsing of syntaxes described below. For example, date libraries are likely to implement error handling behavior that differs from what is required in this specification, since error-handling behavior is often not defined in specifications that describe date syntaxes similar to those used in this specification, and thus implementations tend to vary greatly in how they handle errors.

Common parser idioms

The space characters, for the purposes of this specification, are U+0020 SPACE, U+0009 CHARACTER TABULATION (tab), U+000A LINE FEED (LF), U+000C FORM FEED (FF), and U+000D CARRIAGE RETURN (CR).

The White_Space characters are those that have the Unicode property "White_Space". [UNICODE]

The alphanumeric ASCII characters are those in the ranges U+0030 DIGIT ZERO .. U+0039 DIGIT NINE, U+0041 LATIN CAPITAL LETTER A .. U+005A LATIN CAPITAL LETTER Z, U+0061 LATIN SMALL LETTER A .. U+007A LATIN SMALL LETTER Z.

Some of the micro-parsers described below follow the pattern of having an input variable that holds the string being parsed, and having a position variable pointing at the next character to parse in input.

For parsers based on this pattern, a step that requires the user agent to collect a sequence of characters means that the following algorithm must be run, with characters being the set of characters that can be collected:

1. Let input and position be the same variables as those of the same name in the algorithm that invoked these steps.

2. Let result be the empty string.

3. While position doesn't point past the end of input and the character at position is one of the characters, append that character to the end of result and advance position to the next character in input.

4. Return result.

The step skip whitespace means that the user agent must collect a sequence of characters that are space characters. The step skip White_Space characters means that the user agent must collect a sequence of characters that are White_Space characters. In both cases, the collected characters are not used. [UNICODE]

When a user agent is to strip line breaks from a string, the user agent must remove any U+000A LINE FEED (LF) and U+000D CARRIAGE RETURN (CR) characters from that string.

The code-point length of a string is the number of Unicode code points in that string.

The rules for parsing non-negative integers are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return zero, a positive integer, or an error. Leading spaces are ignored. Trailing spaces and any trailing garbage characters are ignored.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let value have the value 0.

4. Skip whitespace.

5. If position is past the end of input, return an error.

6. If the next character is a U+002B PLUS SIGN character (+), advance position to the next character.

7. If position is past the end of input, return an error.

8. If the next character is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return an error.

9. Loop: If the next character is one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9):

   1. Multiply value by ten.
   2. Add the value of the current character (0..9) to value.
   3. Advance position to the next character.
   4. If position is not past the end of input, return to the top of the step labeled loop in the overall algorithm (that's the step within which these substeps find themselves).

10. Return value.

The rules for parsing integers are similar to the rules for non-negative integers, and are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return an integer or an error. Leading spaces are ignored. Trailing spaces and trailing garbage characters are ignored.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let value have the value 0.

4. Let sign have the value "positive".

5. Skip whitespace.

6. If position is past the end of input, return an error.

7. If the character indicated by position (the first character) is a U+002D HYPHEN-MINUS ("-") character:

   1. Let sign be "negative".
   2. Advance position to the next character.
   3. If position is past the end of input, return an error.

8. If the next character is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return an error.

9. If the next character is one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9):

   1. Multiply value by ten.
   2. Add the value of the current character (0..9) to value.
   3. Advance position to the next character.
   4. If position is not past the end of input, return to the top of step 9 in the overall algorithm (that's the step within which these substeps find themselves).

10. If sign is "positive", return value, otherwise return 0-value.

The best representation of the floating point number n is the string obtained from applying the JavaScript operator ToString to n.

The rules for parsing floating point number values are as given in the following algorithm. As with the previous algorithms, when this one is invoked, the steps must be followed in the order given, aborting at the first step that returns something. This algorithm will either return a number or an error. Leading spaces are ignored. Trailing spaces and garbage characters are ignored.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let value have the value 1.

4. Let divisor have the value 1.

5. Let exponent have the value 1.

6. Skip whitespace.

7. If position is past the end of input, return an error.

8. If the character indicated by position is a U+002D HYPHEN-MINUS ("-") character:

   1. Change value and divisor to −1.
   2. Advance position to the next character.
   3. If position is past the end of input, return an error.

9. If the character indicated by position is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return an error.

10. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), and interpret the resulting sequence as a base-ten integer. Multiply value by that integer.

11. If position is past the end of input, return value.

12. If the character indicated by position is a U+002E FULL STOP ("."), run these substeps:

    1. Advance position to the next character.

    2. If position is past the end of input, or if the character indicated by position is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return value.

    3. Fraction loop: Multiply divisor by ten.

    4. Add the value of the current character interpreted as a base-ten digit (0..9) divided by divisor, to value.

    5. Advance position to the next character.

    6. If position is past the end of input, then return value.

    7. If the character indicated by position is one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), return to the step labeled fraction loop in these substeps.

13. If the character indicated by position is a U+0065 LATIN SMALL LETTER E character or a U+0045 LATIN CAPITAL LETTER E character, run these substeps:

    1. Advance position to the next character.

    2. If position is past the end of input, then return value.

    3. If the character indicated by position is a U+002D HYPHEN-MINUS ("-") character:

       1. Change exponent to −1.
       2. Advance position to the next character.

       3. If position is past the end of input, then return value.

       Otherwise, if the character indicated by position is a U+002B PLUS SIGN ("+") character:

       1. Advance position to the next character.

       2. If position is past the end of input, then return value.

    4. If the character indicated by position is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return value.

    5. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), and interpret the resulting sequence as a base-ten integer. Multiply exponent by that integer.

    6. Multiply value by ten raised to the exponentth power.

14. Return value.

The steps for finding one or two numbers of a ratio in a string are as follows:

1. If the string is empty, then return nothing and abort these steps.
2. Find a number in the string according to the algorithm below, starting at the start of the string.
3. If the sub-algorithm in step 2 returned nothing or returned an error condition, return nothing and abort these steps.
4. Set number1 to the number returned by the sub-algorithm in step 2.
5. Starting with the character immediately after the last one examined by the sub-algorithm in step 2, skip all White_Space characters in the string (this might match zero characters).
6. If there are still further characters in the string, and the next character in the string is a valid denominator punctuation character, set denominator to that character.
7. If the string contains any other characters in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE, but denominator was given a value in the step 6, return nothing and abort these steps.
8. Otherwise, if denominator was given a value in step 6, return number1 and denominator and abort these steps.
9. Find a number in the string again, starting immediately after the last character that was examined by the sub-algorithm in step 2.
10. If the sub-algorithm in step 9 returned nothing or an error condition, return number1 and abort these steps.
11. Set number2 to the number returned by the sub-algorithm in step 9.
12. Starting with the character immediately after the last one examined by the sub-algorithm in step 9, skip all White_Space characters in the string (this might match zero characters).
13. If there are still further characters in the string, and the next character in the string is a valid denominator punctuation character, return nothing and abort these steps.
14. If the string contains any other characters in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE, return nothing and abort these steps.
15. Otherwise, return number1 and number2.

The algorithm to find a number is as follows. It is given a string and a starting position, and returns either nothing, a number, or an error condition.

1. Starting at the given starting position, ignore all characters in the given string until the first character that is either a U+002E FULL STOP or one of the ten characters in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE.
2. If there are no such characters, return nothing and abort these steps.
3. Starting with the character matched in step 1, collect all the consecutive characters that are either a U+002E FULL STOP or one of the ten characters in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE, and assign this string of one or more characters to string.
4. If string consists of just a single U+002E FULL STOP character or if it contains more than one U+002E FULL STOP character then return an error condition and abort these steps.
5. Parse string according to the rules for parsing floating point number values, to obtain number. This step cannot fail (string is guaranteed to be a valid floating point number).
6. Return number.

Percentages and lengths

The rules for parsing dimension values are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return a number greater than or equal to 1.0, or an error; if a number is returned, then it is further categorized as either a percentage or a length.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Skip whitespace.

4. If position is past the end of input, return an error.

5. If the next character is a U+002B PLUS SIGN character (+), advance position to the next character.

6. Collect a sequence of characters that are U+0030 DIGIT ZERO (0) characters, and discard them.

7. If position is past the end of input, return an error.

8. If the next character is not one of U+0031 DIGIT ONE (1) .. U+0039 DIGIT NINE (9), then return an error.

9. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), and interpret the resulting sequence as a base-ten integer. Let value be that number.

10. If position is past the end of input, return value as an integer.

11. If the next character is a U+002E FULL STOP character (.):

    1. Advance position to the next character.

    2. If the next character is not one of U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), then return value as an integer.

    3. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). Let length be the number of characters collected. Let fraction be the result of interpreting the collected characters as a base-ten integer, and then dividing that number by 10^length.

    4. Increment value by fraction.

12. If position is past the end of input, return value as a length.

13. If the next character is a U+0025 PERCENT SIGN character (%), return value as a percentage.

14. Return value as a length.

The rules for parsing a list of integers are as follows:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let numbers be an initially empty list of integers. This list will be the result of this algorithm.

4. If there is a character in the string input at position position, and it is either a U+0020 SPACE, U+002C COMMA, or U+003B SEMICOLON character, then advance position to the next character in input, or to beyond the end of the string if there are no more characters.

5. If position points to beyond the end of input, return numbers and abort.

6. If the character in the string input at position position is a U+0020 SPACE, U+002C COMMA, or U+003B SEMICOLON character, then return to step 4.

7. Let negated be false.

8. Let value be 0.

9. Let started be false. This variable is set to true when the parser sees a number or a U+002D HYPHEN-MINUS ("-") character.

10. Let got number be false. This variable is set to true when the parser sees a number.

11. Let finished be false. This variable is set to true to switch parser into a mode where it ignores characters until the next separator.

12. Let bogus be false.

13. Parser: If the character in the string input at position position is:

    A U+002D HYPHEN-MINUS character

    Follow these substeps:

    1. If got number is true, let finished be true.
    2. If finished is true, skip to the next step in the overall set of steps.
    3. If started is true, let negated be false.
    4. Otherwise, if started is false and if bogus is false, let negated be true.
    5. Let started be true.

    A character in the range U+0030 DIGIT ZERO .. U+0039 DIGIT NINE

    Follow these substeps:

    1. If finished is true, skip to the next step in the overall set of steps.
    2. Multiply value by ten.
    3. Add the value of the digit, interpreted in base ten, to value.
    4. Let started be true.
    5. Let got number be true.

    A U+0020 SPACE character

    A U+002C COMMA character

    A U+003B SEMICOLON character

    Follow these substeps:

    1. If got number is false, return the numbers list and abort. This happens if an entry in the list has no digits, as in "1,2,x,4".
    2. If negated is true, then negate value.
    3. Append value to the numbers list.
    4. Jump to step 4 in the overall set of steps.

    A character in the range U+0001 .. U+001F, U+0021 .. U+002B, U+002D .. U+002F, U+003A, U+003C .. U+0040, U+005B .. U+0060, U+007b .. U+007F (i.e. any other non-alphabetic ASCII character)

    Follow these substeps:

    1. If got number is true, let finished be true.
    2. If finished is true, skip to the next step in the overall set of steps.
    3. Let negated be false.

    Any other character

    Follow these substeps:

    1. If finished is true, skip to the next step in the overall set of steps.
    2. Let negated be false.
    3. Let bogus be true.
    4. If started is true, then return the numbers list, and abort. (The value in value is not appended to the list first; it is dropped.)

14. Advance position to the next character in input, or to beyond the end of the string if there are no more characters.

15. If position points to a character (and not to beyond the end of input), jump to the big Parser step above.

16. If negated is true, then negate value.

17. If got number is true, then append value to the numbers list.

18. Return the numbers list and abort.

Lists of dimensions

The rules for parsing a list of dimensions are as follows. These rules return a list of zero or more pairs consisting of a number and a unit, the unit being one of percentage, relative, and absolute.

1. Let raw input be the string being parsed.

2. If the last character in raw input is a U+002C COMMA character (","), then remove that character from raw input.

3. Split the string raw input on commas. Let raw tokens be the resulting list of tokens.

4. Let result be an empty list of number/unit pairs.

5. For each token in raw tokens, run the following substeps:

   1. Let input be the token.

   2. Let position be a pointer into input, initially pointing at the start of the string.

   3. Let value be the number 0.

   4. Let unit be absolute.

   5. If position is past the end of input, set unit to relative and jump to the last substep.

   6. If the character at position is a character in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), interpret the resulting sequence as an integer in base ten, and increment value by that integer.

   7. If the character at position is a U+002E FULL STOP character (.), run these substeps:

      1. Collect a sequence of characters consisting of space characters and characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). Let s be the resulting sequence.

      2. Remove all space characters in s.

      3. If s is not the empty string, run these subsubsteps:

         1. Let length be the number of characters in s (after the spaces were removed).

         2. Let fraction be the result of interpreting s as a base-ten integer, and then dividing that number by 10^length.

         3. Increment value by fraction.

   8. Skip whitespace.

   9. If the character at position is a U+0025 PERCENT SIGN (%) character, then set unit to percentage.

      Otherwise, if the character at position is a U+002A ASTERISK character (*), then set unit to relative.

   10. Add an entry to result consisting of the number given by value and the unit given by unit.

6. Return the list result.

The rules to parse a month string are as follows. This will either return a year and month, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a month component to obtain year and month. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Return year and month.

The rules to parse a month component, given an input string and a position, are as follows. This will either return a year and a month, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not at least four characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the year.

2. If year is not a number greater than zero, then fail.

3. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the month.

5. If month is not a number in the range 1 ≤ month ≤ 12, then fail.

6. Return year and month.

The rules to parse a date string are as follows. This will either return a date, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Let date be the date with year year, month month, and day day.

6. Return date.

The rules to parse a date component, given an input string and a position, are as follows. This will either return a year, a month, and a day, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Parse a month component to obtain year and month. If this returns nothing, then fail.

2. Let maxday be the number of days in month month of year year.

3. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the day.

5. If day is not a number in the range 1 ≤ month ≤ maxday, then fail.

6. Return year, month, and day.

The rules to parse a time string are as follows. This will either return a time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

4. If position is not beyond the end of input, then fail.

5. Let time be the time with hour hour, minute minute, and second second.

6. Return time.

The rules to parse a time component, given an input string and a position, are as follows. This will either return an hour, a minute, and a second, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the hour.

2. If hour is not a number in the range 0 ≤ hour ≤ 23, then fail.

3. If position is beyond the end of input or if the character at position is not a U+003A COLON character, then fail. Otherwise, move position forwards one character.

4. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the minute.

5. If minute is not a number in the range 0 ≤ minute ≤ 59, then fail.

6. Let second be a string with the value "0".

7. If position is not beyond the end of input and the character at position is a U+003A COLON, then run these substeps:

   1. Advance position to the next character in input.

   2. If position is beyond the end of input, or at the last character in input, or if the next two characters in input starting at position are not two characters both in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9), then fail.

   3. Collect a sequence of characters that are either characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9) or U+002E FULL STOP characters. If the collected sequence has more than one U+002E FULL STOP characters, or if the last character in the sequence is a U+002E FULL STOP character, then fail. Otherwise, let the collected string be second instead of its previous value.

8. Interpret second as a base-ten number (possibly with a fractional part). Let second be that number instead of the string version.

9. If second is not a number in the range 0 ≤ second < 60, then fail.

10. Return hour, minute, and second.

The rules to parse a local date and time string are as follows. This will either return a date and time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is beyond the end of input or if the character at position is not a U+0054 LATIN CAPITAL LETTER T character then fail. Otherwise, move position forwards one character.

5. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

6. If position is not beyond the end of input, then fail.

7. Let date be the date with year year, month month, and day day.

8. Let time be the time with hour hour, minute minute, and second second.

9. Return date and time.

The rules to parse a global date and time string are as follows. This will either return a time in UTC, with associated time-zone information for round tripping or display purposes, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Parse a date component to obtain year, month, and day. If this returns nothing, then fail.

4. If position is beyond the end of input or if the character at position is not a U+0054 LATIN CAPITAL LETTER T character then fail. Otherwise, move position forwards one character.

5. Parse a time component to obtain hour, minute, and second. If this returns nothing, then fail.

6. If position is beyond the end of input, then fail.

7. Parse a time-zone component to obtain timezone_hours and timezone_minutes. If this returns nothing, then fail.

8. If position is not beyond the end of input, then fail.

9. Let time be the moment in time at year year, month month, day day, hours hour, minute minute, second second, subtracting timezone_hours hours and timezone_minutes minutes. That moment in time is a moment in the UTC time zone.

10. Let timezone be timezone_hours hours and timezone_minutes minutes from UTC.

11. Return time and timezone.

The rules to parse a time-zone component, given an input string and a position, are as follows. This will either return time-zone hours and time-zone minutes, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. If the character at position is a U+005A LATIN CAPITAL LETTER Z, then:

   1. Let timezone_hours be 0.

   2. Let timezone_minutes be 0.

   3. Advance position to the next character in input.

   Otherwise, if the character at position is either a U+002B PLUS SIGN ("+") or a U+002D HYPHEN-MINUS ("-"), then:

   1. If the character at position is a U+002B PLUS SIGN ("+"), let sign be "positive". Otherwise, it's a U+002D HYPHEN-MINUS ("-"); let sign be "negative".

   2. Advance position to the next character in input.

   3. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the timezone_hours.

   4. If timezone_hours is not a number in the range 0 ≤ timezone_hours ≤ 23, then fail.
   5. If sign is "negative", then negate timezone_hours.

   6. If position is beyond the end of input or if the character at position is not a U+003A COLON character, then fail. Otherwise, move position forwards one character.

   7. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the timezone_minutes.

   8. If timezone_minutes is not a number in the range 0 ≤ timezone_minutes ≤ 59, then fail.
   9. If sign is "negative", then negate timezone_minutes.

2. Return timezone_hours and timezone_minutes.

The rules to parse a week string are as follows. This will either return a week-year number and week number, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not at least four characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the year.

4. If year is not a number greater than zero, then fail.

5. If position is beyond the end of input or if the character at position is not a U+002D HYPHEN-MINUS character, then fail. Otherwise, move position forwards one character.

6. If position is beyond the end of input or if the character at position is not a U+0057 LATIN CAPITAL LETTER W character, then fail. Otherwise, move position forwards one character.

7. Collect a sequence of characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9). If the collected sequence is not exactly two characters long, then fail. Otherwise, interpret the resulting sequence as a base-ten integer. Let that number be the week.

8. Let maxweek be the week number of the last day of year year.

9. If week is not a number in the range 1 ≤ week ≤ maxweek, then fail.

10. If position is not beyond the end of input, then fail.

11. Return the week-year number year and the week number week.

The rules to parse a date or time string are as follows. The algorithm is invoked with a flag indicating if the in attribute variant or the in content variant is to be used. The algorithm will either return a date, a time, a global date and time, or nothing. If at any point the algorithm says that it "fails", this means that it is aborted at that point and returns nothing.

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. For the in content variant: skip White_Space characters.

4. Set start position to the same position as position.

5. Set the date present and time present flags to true.

6. Parse a date component to obtain year, month, and day. If this fails, then set the date present flag to false.

7. If date present is true, and position is not beyond the end of input, and the character at position is a U+0054 LATIN CAPITAL LETTER T character, then advance position to the next character in input.

   Otherwise, if date present is true, and either position is beyond the end of input or the character at position is not a U+0054 LATIN CAPITAL LETTER T character, then set time present to false.

   Otherwise, if date present is false, set position back to the same position as start position.

8. If the time present flag is true, then parse a time component to obtain hour, minute, and second. If this returns nothing, then set the time present flag to false.

9. If both the date present and time present flags are false, then fail.

10. If the time present flag is true, but position is beyond the end of input, then fail.

11. If the date present and time present flags are both true, parse a time-zone component to obtain timezone_hours and timezone_minutes. If this returns nothing, then fail.

12. For the in content variant: skip White_Space characters.

13. If position is not beyond the end of input, then fail.

14. If the date present flag is true and the time present flag is false, then let date be the date with year year, month month, and day day, and return date.

    Otherwise, if the time present flag is true and the date present flag is false, then let time be the time with hour hour, minute minute, and second second, and return time.

    Otherwise, let time be the moment in time at year year, month month, day day, hours hour, minute minute, second second, subtracting timezone_hours hours and timezone_minutes minutes, that moment in time being a moment in the UTC time zone; let timezone be timezone_hours hours and timezone_minutes minutes from UTC; and return time and timezone.

The rules for parsing simple color values are as given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return a simple color or an error.

1. Let input be the string being parsed.

2. If input is not exactly seven characters long, then return an error.

3. If the first character in input is not a U+0023 NUMBER SIGN (#) character, then return an error.

4. If the last six characters of input are not all in the range U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), U+0041 LATIN CAPITAL LETTER A .. U+0046 LATIN CAPITAL LETTER F, U+0061 LATIN SMALL LETTER A .. U+0066 LATIN SMALL LETTER F, then return an error.

5. Let result be a simple color.

6. Interpret the second and third characters as a hexadecimal number and let the result be the red component of result.

7. Interpret the fourth and fifth characters as a hexadecimal number and let the result be the green component of result.

8. Interpret the sixth and seventh characters as a hexadecimal number and let the result be the blue component of result.

9. Return result.

The rules for serializing simple color values given a simple color are as given in the following algorithm:

1. Let result be a string consisting of a single U+0023 NUMBER SIGN (#) character.

2. Convert the red, green, and blue components in turn to two-digit hexadecimal numbers using the digits U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9) and U+0061 LATIN SMALL LETTER A .. U+0066 LATIN SMALL LETTER F, zero-padding if necessary, and append these numbers to result, in the order red, green, blue.

3. Return result, which will be a valid lowercase simple color.

Some obsolete legacy attributes parse colors in a more complicated manner, using the rules for parsing a legacy color value, which are given in the following algorithm. When invoked, the steps must be followed in the order given, aborting at the first step that returns a value. This algorithm will either return a simple color or an error.

1. Let input be the string being parsed.

2. If input is the empty string, then return an error.

3. If input is an ASCII case-insensitive match for the string "transparent", then return an error.

4. If input is an ASCII case-insensitive match for one of the keywords listed in the SVG color keywords or CSS2 System Colors sections of the CSS3 Color specification, then return the simple color corresponding to that keyword. [CSSCOLOR]

5. If input is four characters long, and the first character in input is a U+0023 NUMBER SIGN (#) character, and the last three characters of input are all in the range U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), U+0041 LATIN CAPITAL LETTER A .. U+0046 LATIN CAPITAL LETTER F, and U+0061 LATIN SMALL LETTER A .. U+0066 LATIN SMALL LETTER F, then run these substeps:

   1. Let result be a simple color.

   2. Interpret the second character of input as a hexadecimal digit; let the red component of result be the resulting number multiplied by 17.

   3. Interpret the third character of input as a hexadecimal digit; let the green component of result be the resulting number multiplied by 17.

   4. Interpret the fourth character of input as a hexadecimal digit; let the blue component of result be the resulting number multiplied by 17.

   5. Return result.

6. Replace any characters in input that have a Unicode code point greater than U+FFFF (i.e. any characters that are not in the basic multilingual plane) with the two-character string "00".

7. If input is longer than 128 characters, truncate input, leaving only the first 128 characters.

8. If the first character in input is a U+0023 NUMBER SIGN character (#), remove it.

9. Replace any character in input that is not in the range U+0030 DIGIT ZERO (0) .. U+0039 DIGIT NINE (9), U+0041 LATIN CAPITAL LETTER A .. U+0046 LATIN CAPITAL LETTER F, and U+0061 LATIN SMALL LETTER A .. U+0066 LATIN SMALL LETTER F with the character U+0030 DIGIT ZERO (0).

10. While input's length is zero or not a multiple of three, append a U+0030 DIGIT ZERO (0) character to input.

11. Split input into three strings of equal length, to obtain three components. Let length be the length of those components (one third the length of input).

12. If length is greater than 8, then remove the leading length-8 characters in each component, and let length be 8.

13. While length is greater than two and the first character in each component is a U+0030 DIGIT ZERO (0) character, remove that character and reduce length by one.

14. If length is still greater than two, truncate each component, leaving only the first two characters in each.

15. Let result be a simple color.

16. Interpret the first component as a hexadecimal number; let the red component of result be the resulting number.

17. Interpret the second component as a hexadecimal number; let the green component of result be the resulting number.

18. Interpret the third component as a hexadecimal number; let the blue component of result be the resulting number.

19. Return result.

When a user agent has to split a string on spaces, it must use the following algorithm:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let tokens be a list of tokens, initially empty.

4. Skip whitespace

5. While position is not past the end of input:

   1. Collect a sequence of characters that are not space characters.

   2. Add the string collected in the previous step to tokens.

   3. Skip whitespace

6. Return tokens.

When a user agent has to remove a token from a string, it must use the following algorithm:

1. Let input be the string being modified.

2. Let token be the token being removed. It will not contain any space characters.

3. Let output be the output string, initially empty.

4. Let position be a pointer into input, initially pointing at the start of the string.

5. If position is beyond the end of input, set the string being modified to output, and abort these steps.

6. If the character at position is a space character:

   1. Append the character at position to the end of output.

   2. Increment position so it points at the next character in input.

   3. Return to step 5 in the overall set of steps.

7. Otherwise, the character at position is the first character of a token. Collect a sequence of characters that are not space characters, and let that be s.

8. If s is exactly equal to token, then:

   1. Skip whitespace (in input).

   2. Remove any space characters currently at the end of output.

   3. If position is not past the end of input, and output is not the empty string, append a single U+0020 SPACE character at the end of output.

9. Otherwise, append s to the end of output.

10. Return to step 6 in the overall set of steps.

This causes any occurrences of the token to be removed from the string, and any spaces that were surrounding the token to be collapsed to a single space, except at the start and end of the string, where such spaces are removed.

When a user agent has to split a string on commas, it must use the following algorithm:

1. Let input be the string being parsed.

2. Let position be a pointer into input, initially pointing at the start of the string.

3. Let tokens be a list of tokens, initially empty.

4. Token: If position is past the end of input, jump to the last step.

5. Collect a sequence of characters that are not U+002C COMMA characters (,). Let s be the resulting sequence (which might be the empty string).

6. Remove any leading or trailing sequence of space characters from s.

7. Add s to tokens.

8. If position is not past the end of input, then the character at position is a U+002C COMMA character (,); advance position past that character.

9. Jump back to the step labeled token.

10. Return tokens.

To check if a string is a valid reversed DNS identifier, conformance checkers must run the following algorithm:

1. Apply the IDNA ToASCII algorithm to the string, with both the AllowUnassigned and UseSTD3ASCIIRules flags set, but between steps 2 and 3 of the general ToASCII/ToUnicode algorithm (i.e. after splitting the domain name into individual labels), reverse the order of the labels.

   If ToASCII fails to convert one of the components of the string, e.g. because it is too long or because it contains invalid characters, then the string is not valid; abort these steps. [RFC3490]

2. Check that the end of the resulting string matches a suffix in the Public Suffix List, and that there is at least one domain label before the matching substring. If it does not, or if there is not, then the string is not valid; abort these steps. [PSL]

3. Check that the domain name up to the label before the prefix that was matched in the previous string is a registered domain name.

The rules for parsing a hash-name reference to an element of type type are as follows:

1. If the string being parsed does not contain a U+0023 NUMBER SIGN character, or if the first such character in the string is the last character in the string, then return null and abort these steps.

2. Let s be the string from the character immediately after the first U+0023 NUMBER SIGN character in the string being parsed up to the end of that string.

3. Return the first element of type type that has an id attribute whose value is a case-sensitive match for s or a name attribute whose value is a compatibility caseless match for s.

To parse a URL url into its component parts, the user agent must use the parse a Web address algorithm defined by the Web addresses specification. [WEBADDRESSES]

Parsing a URL results in the following components, again as defined by the Web addresses specification:

• <scheme>
• <host>
• <port>
• <hostport>
• <path>
• <query>
• <fragment>
• <host-specific>

To resolve a URL to an absolute URL relative to either another absolute URL or an element, the user agent must use the resolve a Web address algorithm defined by the Web addresses specification. [WEBADDRESSES]

The document base URL of a Document object is the document base Web address as defined by the Web addresses specification. [WEBADDRESSES]

Dynamic changes to base URLs

When an xml:base attribute changes, the attribute's element, and all descendant elements, are affected by a base URL change.

When a document's document base URL changes, all elements in that document are affected by a base URL change.

When an element is moved from one document to another, if the two documents have different base URLs, then that element and all its descendants are affected by a base URL change.

When an element is affected by a base URL change, it must act as described in the following list:

If the element is a hyperlink element

If the absolute URL identified by the hyperlink is being shown to the user, or if any data derived from that URL is affecting the display, then the href attribute should be re-resolved relative to the element and the UI updated appropriately.

For example, the CSS :link/:visited pseudo-classes might have been affected.

If the hyperlink has a ping attribute and its absolute URL(s) are being shown to the user, then the ping attribute's tokens should be re-resolved relative to the element and the UI updated appropriately.

If the element is a q, blockquote, section, article, ins, or del element with a cite attribute

If the absolute URL identified by the cite attribute is being shown to the user, or if any data derived from that URL is affecting the display, then the URL should be re-resolved relative to the element and the UI updated appropriately.

Otherwise

The element is not directly affected.

Changing the base URL doesn't affect the image displayed by img elements, although subsequent accesses of the src DOM attribute from script will return a new absolute URL that might no longer correspond to the image being shown.

The attributes defined to be URL decomposition attributes must act as described for the attributes with the same corresponding names in this section.

In addition, an interface with a complement of URL decomposition attributes will define an input, which is a URL that the attributes act on, and a common setter action, which is a set of steps invoked when any of the attributes' setters are invoked.

The seven URL decomposition attributes have similar requirements.

On getting, if the input is an absolute URL that fulfills the condition given in the "getter condition" column corresponding to the attribute in the table below, the user agent must return the part of the input URL given in the "component" column, with any prefixes specified in the "prefix" column appropriately added to the start of the string and any suffixes specified in the "suffix" column appropriately added to the end of the string. Otherwise, the attribute must return the empty string.

On setting, the new value must first be mutated as described by the "setter preprocessor" column, then mutated by %-escaping any characters in the new value that are not valid in the relevant component as given by the "component" column. Then, if the input is an absolute URL and the resulting new value fulfills the condition given in the "setter condition" column, the user agent must make a new string output by replacing the component of the URL given by the "component" column in the input URL with the new value; otherwise, the user agent must let output be equal to the input. Finally, the user agent must invoke the common setter action with the value of output.

When replacing a component in the URL, if the component is part of an optional group in the URL syntax consisting of a character followed by the component, the component (including its prefix character) must be included even if the new value is the empty string.

The previous paragraph applies in particular to the ":" before a <port> component, the "?" before a <query> component, and the "#" before a <fragment> component.

For the purposes of the above definitions, URLs must be parsed using the URL parsing rules defined in this specification.

Fetching resources

When a user agent is to fetch a resource, the following steps must be run:

1. If the resource is identified by the URL about:blank, then return the empty string and abort these steps.

2. Perform the remaining steps asynchronously.

3. If the resource is identified by an absolute URL, and the resource is to be obtained using a idempotent action (such as an HTTP GET or equivalent), and it is already being downloaded for other reasons (e.g. another invocation of this algorithm), and the user agent is configured such that it is to reuse the data from the existing download instead of initiating a new one, then use the results of the existing download instead of starting a new one.

   Otherwise, at a time convenient to the user and the user agent, download (or otherwise obtain) the resource, applying the semantics of the relevant specifications (e.g. performing an HTTP GET or POST operation, or reading the file from disk, following redirects, dereferencing javascript: URLs, etc).

   For purposes of generating the address of the resource from which Request-URIs are obtained as required by HTTP for the Referer (sic) header, the user agent must use the document's current address of the appropriate Document as given by this list. [HTTP]

   When navigating

   The active document of the source browsing context.

   When fetching resources for an element

   The element's Document.

   When fetching resources in response to a call to an API

   The active document of the browsing context of the first script.

4. If there are cookies to be set, then the user agent must run the following substeps:

   1. Wait until ownership of the storage mutex can be taken by this instance of the fetching algorithm.

   2. Take ownership of the storage mutex.

   3. Update the cookies. [COOKIES]

   4. Release the storage mutex so that it is once again free.

5. When the resource is available, or if there is an error of some description, queue a task that uses the resource as appropriate. If the resource can be processed incrementally, as, for instance, with a progressively interlaced JPEG or an HTML file, additional tasks may be queued to process the data as it is downloaded. The task source for these tasks is the networking task source.

The application cache processing model introduces some changes to the networking model to handle the returning of cached resources.

The navigation processing model handles redirects itself, overriding the redirection handling that would be done by the fetching algorithm.

Whether the type sniffing rules apply to the fetched resource depends on the algorithm that invokes the rules — they are not always applicable.

Protocol concepts

User agents can implement a variety of transfer protocols, but this specification mostly defines behavior in terms of HTTP. [HTTP]

The HTTP GET method is equivalent to the default retrieval action of the protocol. For example, RETR in FTP. Such actions are idempotent and safe, in HTTP terms.

The HTTP response codes are equivalent to statuses in other protocols that have the same basic meanings. For example, a "file not found" error is equivalent to a 404 code, a server error is equivalent to a 5xx code, and so on.

The HTTP headers are equivalent to fields in other protocols that have the same basic meaning. For example, the HTTP authentication headers are equivalent to the authentication aspects of the FTP protocol.

Encrypted HTTP and related security concerns

Anything in this specification that refers to HTTP also applies to HTTP-over-TLS, as represented by URLs representing the https scheme.

User agents should report certificate errors to the user and must either refuse to download resources sent with erroneous certificates or must act as if such resources were in fact served with no encryption.

Not doing so can result in users not noticing man-in-the-middle attacks.

Determining the type of a resource

The Content-Type metadata of a resource must be obtained and interpreted in a manner consistent with the requirements of the Content-Type Processing Model specification. [MIMESNIFF]

The algorithm for extracting an encoding from a Content-Type, given a string s, is given in the Content-Type Processing Model specification. It either returns an encoding or nothing. [MIMESNIFF]

The sniffed type of a resource must be found in a manner consistent with the requirements given in the Content-Type Processing Model specification for finding that sniffed type. [MIMESNIFF]

The rules for sniffing images specifically are also defined in the Content-Type Processing Model specification. [MIMESNIFF]

It is imperative that the rules in the Content-Type Processing Model specification be followed exactly. When a user agent uses different heuristics for content type detection than the server expects, security problems can occur. For more details, see the Content-Type Processing Model specification. [MIMESNIFF]

Character encodings

User agents must at a minimum support the UTF-8 and Windows-1252 encodings, but may support more.

It is not unusual for Web browsers to support dozens if not upwards of a hundred distinct character encodings.

User agents must support the preferred MIME name of every character encoding they support that has a preferred MIME name, and should support all the IANA-registered aliases. [IANACHARSET]

When comparing a string specifying a character encoding with the name or alias of a character encoding to determine if they are equal, user agents must use the Charset Alias Matching rules defined in Unicode Technical Standard #22. [UTS22]

For instance, "GB_2312-80" and "g.b.2312(80)" are considered equivalent names.

When a user agent would otherwise use an encoding specified by a label given in the first column of the following table to either convert content to Unicode characters or convert Unicode characters to bytes, it must instead use the encoding given in the cell in the second column of the same row. When a byte or sequence of bytes is treated differently due to this encoding aliasing, it is said to have been misinterpreted for compatibility.

The requirement to treat certain encodings as other encodings according to the table above is a willful violation of the W3C Character Model specification, motivated by a desire for compatibility with legacy content. [CHARMOD]

User agents must not support the CESU-8, UTF-7, BOCU-1 and SCSU encodings. [CESU8] [UTF7] [BOCU1] [SCSU]

Support for encodings based on EBCDIC is not recommended. This encoding is rarely used for publicly-facing Web content.

Support for UTF-32 is not recommended. This encoding is rarely used, and frequently implemented incorrectly.

This specification does not make any attempt to support EBCDIC-based encodings and UTF-32 in its algorithms; support and use of these encodings can thus lead to unexpected behavior in implementations of this specification.

In general, on getting, if the content attribute is not present, the DOM attribute must act as if the content attribute's value is the empty string; and on setting, if the content attribute is not present, it must first be added.

If a reflecting DOM attribute is a DOMString attribute whose content attribute is defined to contain a URL, then on getting, the DOM attribute must resolve the value of the content attribute relative to the element and return the resulting absolute URL if that was successful, or the empty string otherwise; and on setting, must set the content attribute to the specified literal value. If the content attribute is absent, the DOM attribute must return the default value, if the content attribute has one, or else the empty string.

If a reflecting DOM attribute is a DOMString attribute whose content attribute is defined to contain one or more URLs, then on getting, the DOM attribute must split the content attribute on spaces and return the concatenation of resolving each token URL to an absolute URL relative to the element, with a single U+0020 SPACE character between each URL, ignoring any tokens that did not resolve successfully. If the content attribute is absent, the DOM attribute must return the default value, if the content attribute has one, or else the empty string. On setting, the DOM attribute must set the content attribute to the specified literal value.

If a reflecting DOM attribute is a DOMString whose content attribute is an enumerated attribute, and the DOM attribute is limited to only known values, then, on getting, the DOM attribute must return the conforming value associated with the state the attribute is in (in its canonical case), or the empty string if the attribute is in a state that has no associated keyword value; and on setting, if the new value is an ASCII case-insensitive match for one of the keywords given for that attribute, then the content attribute must be set to the conforming value associated with the state that the attribute would be in if set to the given new value, otherwise, if the new value is the empty string, then the content attribute must be removed, otherwise, the setter must raise a SYNTAX_ERR exception.

If a reflecting DOM attribute is a DOMString but doesn't fall into any of the above categories, then the getting and setting must be done in a transparent, case-preserving manner.

If a reflecting DOM attribute is a boolean attribute, then on getting the DOM attribute must return true if the attribute is set, and false if it is absent. On setting, the content attribute must be removed if the DOM attribute is set to false, and must be set to have the same value as its name if the DOM attribute is set to true. (This corresponds to the rules for boolean content attributes.)

If a reflecting DOM attribute is a signed integer type (long) then, on getting, the content attribute must be parsed according to the rules for parsing signed integers, and if that is successful, and the value is in the range of the DOM attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, then the default value must be returned instead, or 0 if there is no default value. On setting, the given value must be converted to the shortest possible string representing the number as a valid integer in base ten and then that string must be used as the new content attribute value.

If a reflecting DOM attribute is an unsigned integer type (unsigned long) then, on getting, the content attribute must be parsed according to the rules for parsing non-negative integers, and if that is successful, and the value is in the range of the DOM attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 0 if there is no default value. On setting, the given value must be converted to the shortest possible string representing the number as a valid non-negative integer in base ten and then that string must be used as the new content attribute value.

If a reflecting DOM attribute is an unsigned integer type (unsigned long) that is limited to only positive non-zero numbers, then the behavior is similar to the previous case, but zero is not allowed. On getting, the content attribute must first be parsed according to the rules for parsing non-negative integers, and if that is successful, and the value is in the range of the DOM attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 1 if there is no default value. On setting, if the value is zero, the user agent must fire an INDEX_SIZE_ERR exception. Otherwise, the given value must be converted to the shortest possible string representing the number as a valid non-negative integer in base ten and then that string must be used as the new content attribute value.

If a reflecting DOM attribute is a floating point number type (float) and it doesn't fall into one of the earlier categories, then, on getting, the content attribute must be parsed according to the rules for parsing floating point number values, and if that is successful, and the value is in the range of the DOM attribute's type, the resulting value must be returned. If, on the other hand, it fails or returns an out of range value, or if the attribute is absent, the default value must be returned instead, or 0.0 if there is no default value. On setting, the given value must be converted to the best representation of the floating point number and then that string must be used as the new content attribute value.

The values ±Infinity and NaN throw an exception on setting, as defined by Web IDL. [WEBIDL]

If a reflecting DOM attribute is of the type DOMTokenList or DOMSettableTokenList, then on getting it must return a DOMTokenList or DOMSettableTokenList object (as appropriate) whose underlying string is the element's corresponding content attribute. When the object mutates its underlying string, the content attribute must itself be immediately mutated. When the attribute is absent, then the string represented by the object is the empty string; when the object mutates this empty string, the user agent must first add the corresponding content attribute, and then mutate that attribute instead. The same DOMTokenList object must be returned every time for each attribute.

If a reflecting DOM attribute has the type HTMLElement, or an interface that descends from HTMLElement, then, on getting, it must run the following algorithm (stopping at the first point where a value is returned):

1. If the corresponding content attribute is absent, then the DOM attribute must return null.
2. Let candidate be the element that the document.getElementById() method would find if it was passed as its argument the current value of the corresponding content attribute.
3. If candidate is null, or if it is not type-compatible with the DOM attribute, then the DOM attribute must return null.
4. Otherwise, it must return candidate.

On setting, if the given element has an id attribute, then the content attribute must be set to the value of that id attribute. Otherwise, the DOM attribute must be set to the empty string.

The rows list is not in tree order.

An attribute that returns a collection must return the same object every time it is retrieved.

The object's indices of the supported indexed properties are the numbers in the range zero to one less than the number of nodes represented by the collection. If there are no such elements, then there are no supported indexed properties.

The length attribute must return the number of nodes represented by the collection.

The item(index) method must return the indexth node in the collection. If there is no indexth node in the collection, then the method must return null.

The names of the supported named properties consist of the values of the name attributes of each a, applet, area, embed, form, frame, frameset, iframe, img, and object element represented by the collection with a name attribute, plus the list of IDs that the elements represented by the collection have.

The namedItem(key) method must return the first node in the collection that matches the following requirements:

• It is an a, applet, area, embed, form, frame, frameset, iframe, img, or object element with a name attribute equal to key, or,
• It is an element with an ID key.

If no such elements are found, then the method must return null.

The tags(tagName) method must return an HTMLCollection rooted at the same node as the HTMLCollection object on which the method was invoked, whose filter matches only HTML elements whose local name is the tagName argument. In HTML documents, the argument must first be converted to ASCII lowercase.

The object's indices of the supported indexed properties are the numbers in the range zero to one less than the number of nodes represented by the collection. If there are no such elements, then there are no supported indexed properties.

The length attribute must return the number of nodes represented by the collection.

The item(index) method must return the indexth node in the collection. If there is no indexth node in the collection, then the method must return null.

The names of the supported named properties consist of the values of all the id and name attributes of all the elements represented by the collection.

The namedItem(name) method must act according to the following algorithm:

1. If, at the time the method is called, there is exactly one node in the collection that has either an id attribute or a name attribute equal to name, then return that node and stop the algorithm.
2. Otherwise, if there are no nodes in the collection that have either an id attribute or a name attribute equal to name, then return null and stop the algorithm.
3. Otherwise, create a RadioNodeList object representing a live view of the HTMLFormControlsCollection object, further filtered so that the only nodes in the RadioNodeList object are those that have either an id attribute or a name attribute equal to name. The nodes in the RadioNodeList object must be sorted in tree order.
4. Return that RadioNodeList object.

A members of the RadioNodeList interface inherited from the NodeList interface must behave as they would on a NodeList object.

The value DOM attribute on the RadioNodeList object, on getting, must return the value returned by running the following steps:

1. Let element be the first element in tree order represented by the RadioNodeList object that is an input element whose type attribute is in the Radio Button state and whose checkedness is true. Otherwise, let it be null.

2. If element is null, or if it is an element with no value attribute, return the empty string.

3. Otherwise, return the value of element's value attribute.

On setting, the value DOM attribute must run the following steps:

1. Let element be the first element in tree order represented by the RadioNodeList object that is an input element whose type attribute is in the Radio Button state and whose value content attribute is present and equal to the new value, if any. Otherwise, let it be null.

2. If element is not null, then set its checkedness to true.

The object's indices of the supported indexed properties are the numbers in the range zero to one less than the number of nodes represented by the collection. If there are no such elements, then there are no supported indexed properties.

On getting, the length attribute must return the number of nodes represented by the collection.

On setting, the behavior depends on whether the new value is equal to, greater than, or less than the number of nodes represented by the collection at that time. If the number is the same, then setting the attribute must do nothing. If the new value is greater, then n new option elements with no attributes and no child nodes must be appended to the select element on which the HTMLOptionsCollection is rooted, where n is the difference between the two numbers (new value minus old value). If the new value is lower, then the last n nodes in the collection must be removed from their parent nodes, where n is the difference between the two numbers (old value minus new value).

Setting length never removes or adds any optgroup elements, and never adds new children to existing optgroup elements (though it can remove children from them).

The item(index) method must return the indexth node in the collection. If there is no indexth node in the collection, then the method must return null.

The names of the supported named properties consist of the values of all the id and name attributes of all the elements represented by the collection.

The namedItem(name) method must act according to the following algorithm:

1. If, at the time the method is called, there is exactly one node in the collection that has either an id attribute or a name attribute equal to name, then return that node and stop the algorithm.
2. Otherwise, if there are no nodes in the collection that have either an id attribute or a name attribute equal to name, then return null and stop the algorithm.
3. Otherwise, create a NodeList object representing a live view of the HTMLOptionsCollection object, further filtered so that the only nodes in the NodeList object are those that have either an id attribute or a name attribute equal to name. The nodes in the NodeList object must be sorted in tree order.
4. Return that NodeList object.

The add(element, before) method must act according to the following algorithm:

1. If element is not an option or optgroup element, then return and abort these steps.

2. If element is an ancestor of the select element on which the HTMLOptionsCollection is rooted, then throw a HIERARCHY_REQUEST_ERR exception.

3. If before is an element, but that element isn't a descendant of the select element on which the HTMLOptionsCollection is rooted, then throw a NOT_FOUND_ERR exception.

4. If element and before are the same element, then return and abort these steps.

5. If before is a node, then let reference be that node. Otherwise, if before is an integer, and there is a beforeth node in the collection, let reference be that node. Otherwise, let reference be null.

6. If reference is not null, let parent be the parent node of reference. Otherwise, let parent be the select element on which the HTMLOptionsCollection is rooted.

7. Act as if the DOM Core insertBefore() method was invoked on the parent node, with element as the first argument and reference as the second argument.

The remove(index) method must act according to the following algorithm:

1. If the number of nodes represented by the collection is zero, abort these steps.

2. If index is not a number greater than or equal to 0 and less than the number of nodes represented by the collection, let element be the first element in the collection. Otherwise, let element be the indexth element in the collection.

3. Remove element from its parent node.

The object's indices of the supported indexed properties are the numbers in the range zero to one less than the number of nodes represented by the collection. If there are no such elements, then there are no supported indexed properties.

The length attribute must return the number of nodes represented by the collection.

The item(index) method must return the indexth node in the collection. If there is no indexth node in the collection, then the method must return null.

The names of the supported named properties consist of the property names of all the elements represented by the collection.

The names attribute must return a live DOMStringList object giving the property names of all the elements represented by the collection, listed in tree order, but with duplicates removed, leaving only the first occurrence of each name. The same object must be returned each time.

The namedItem(name) method must return a PropertyNodeList object representing a live view of the HTMLPropertyCollection object, further filtered so that the only nodes in the RadioNodeList object are those that have a property name equal to name. The nodes in the PropertyNodeList object must be sorted in tree order, and the same object must be returned each time a particular name is queried.

A members of the PropertyNodeList interface inherited from the NodeList interface must behave as they would on a NodeList object.

The content DOM attribute on the PropertyNodeList object, on getting, must return a newly constructed DOMStringArray whose values are the values obtained from the content DOM property of each of the elements represented by the object, in tree order.

The length attribute must return the number of unique tokens that result from splitting the underlying string on spaces. This is the length.

The object's indices of the supported indexed properties are the numbers in the range zero to length-1, unless the length is zero, in which case there are no supported indexed properties.

The item(index) method must split the underlying string on spaces, preserving the order of the tokens as found in the underlying string, remove instances of exact duplicates other than the first instance in each case, and then return the indexth item in this list. If index is equal to or greater than the number of tokens, then the method must return null.

For example, if the string is "a b a c" then there are three tokens: the token with index 0 is "a", the token with index 1 is "b", and the token with index 2 is "c".

The contains(token) method must run the following algorithm:

1. If the token argument contains any space characters, then raise an INVALID_CHARACTER_ERR exception and stop the algorithm.
2. Otherwise, split the underlying string on spaces to get the list of tokens in the object's underlying string.
3. If the token indicated by token is one of the tokens in the object's underlying string then return true and stop this algorithm.
4. Otherwise, return false.

The add(token) method must run the following algorithm:

1. If the token argument contains any space characters, then raise an INVALID_CHARACTER_ERR exception and stop the algorithm.
2. Otherwise, split the underlying string on spaces to get the list of tokens in the object's underlying string.
3. If the given token is already one of the tokens in the DOMTokenList object's underlying string then stop the algorithm.
4. Otherwise, if the DOMTokenList object's underlying string is not the empty string and the last character of that string is not a space character, then append a U+0020 SPACE character to the end of that string.
5. Append the value of token to the end of the DOMTokenList object's underlying string.

The remove(token) method must run the following algorithm:

1. If the token argument contains any space characters, then raise an INVALID_CHARACTER_ERR exception and stop the algorithm.
2. Otherwise, remove the given token from the underlying string.

The toggle(token) method must run the following algorithm:

1. If the token argument contains any space characters, then raise an INVALID_CHARACTER_ERR exception and stop the algorithm.
2. Otherwise, split the underlying string on spaces to get the list of tokens in the object's underlying string.
3. If the given token is already one of the tokens in the DOMTokenList object's underlying string then remove the given token from the underlying string, and stop the algorithm, returning false.
4. Otherwise, if the DOMTokenList object's underlying string is not the empty string and the last character of that string is not a space character, then append a U+0020 SPACE character to the end of that string.
5. Append the value of token to the end of the DOMTokenList object's underlying string.
6. Return true.

Objects implementing the DOMTokenList interface must stringify to the object's underlying string representation.

An object implementing the DOMSettableTokenList interface must act as defined for the DOMTokenList interface, except for the value attribute defined here.

The value attribute must return the underlying string on getting, and must replace the underlying string with the new value on setting.

Safe passing of structured data

When a user agent is required to obtain a structured clone of an object, it must run the following algorithm, which either returns a separate object, or throws an exception.

1. Let input be the object being cloned.

2. Let memory be a list of objects, initially empty. (This is used to catch cycles.)

3. Let output be the object resulting from calling the internal structured cloning algorithm with input and memory.

4. Return output.

The internal structured cloning algorithm is always called with two arguments, input and memory, and its behavior depends on the type of input, as follows:

If input is the undefined value

Return the undefined value.

If input is the null value

Return the null value.

If input is the false value

Return the false value.

If input is the true value

Return the true value.

If input is a Number object

Return a newly constructed Number object with the same value as input.

If input is a String object

Return a newly constructed String object with the same value as input.

If input is a Date object

Return a newly constructed Date object with the same value as input.

If input is a RegExp object

Return a newly constructed RegExp object with the same pattern and flags as input.

The value of the lastIndex property is not copied.

If input is a ImageData object

Return a newly constructed ImageData object with the same width and height as input, and with a newly constructed CanvasPixelArray for its data attribute, with the same length and pixel values as the input's.

If input is a host object (e.g. a DOM node)

Return the null value.

If input is an Array object

If input is an Object object

1. If input is in memory, then throw a NOT_SUPPORTED_ERR exception and abort the overall structured clone algorithm.

2. Otherwise, let new memory be a list consisting of the items in memory with the addition of input.

3. Create a new object, output, of the same type as input: either an Array or an Object.

4. For each enumerable property in input, add a corresponding property to output having the same name, and having a value created from invoking the internal structured cloning algorithm recursively with the value of the property as the "input" argument and new memory as the "memory" argument. The order of the properties in the input and output objects must be the same.

   This does not walk the prototype chain.

5. Return output.

If input is another native object type (e.g. Error)

Return the null value.

When a DOMStringMap object is instantiated, it is associated with three algorithms, one for getting the list of name-value pairs, one for setting names to certain values, and one for deleting names.

[NameCreator, NameDeleter, NameGetter, NameSetter]
interface DOMStringMap {};

The names of the supported named properties on a DOMStringMap object at any instant are the names of each pair returned from the algorithm for getting the list of name-value pairs at that instant.

When a DOMStringMap object is indexed to retrieve a named property name, the value returned must be the value component of the name-value pair whose name component is name in the list returned by the algorithm for getting the list of name-value pairs.

When a DOMStringMap object is indexed to create or modify a named property name with value value, the algorithm for setting names to certain values must be run, passing name as the name and the result of converting value to a DOMString as the value.

When a DOMStringMap object is indexed to delete a named property named name, the algorithm for deleting names must be run, passing name as the name.

The DOMStringMap interface definition here is only intended for JavaScript environments. Other language bindings will need to define how DOMStringMap is to be implemented for those languages.

Garbage collection

There is an implied strong reference from any DOM attribute that returns a pre-existing object to that object.

The URL attribute must return the document's address.

The referrer attribute must return either the current address of the active document of the source browsing context at the time the navigation was started (that is, the page which navigated the browsing context to the current document), or the empty string if there is no such originating page, or if the UA has been configured not to report referrers in this case, or if the navigation was initiated for a hyperlink with a noreferrer keyword.

In the case of HTTP, the referrer DOM attribute will match the Referer (sic) header that was sent when fetching the current page.

Typically user agents are configured to not report referrers in the case where the referrer uses an encrypted protocol and the current page does not (e.g. when navigating from an https: page to an http: page).

The cookie attribute represents the cookies of the resource.

On getting, if the document is not associated with a browsing context then the user agent must raise an INVALID_STATE_ERR exception. Otherwise, if the sandboxed origin browsing context flag was set on the browsing context of the Document when the Document was created, the user agent must raise a SECURITY_ERR exception. Otherwise, if the document's address does not use a server-based naming authority, it must return the empty string. Otherwise, it must first obtain the storage mutex and then return the same string as the value of the Cookie HTTP header it would include if fetching the resource indicated by the document's address over HTTP, as per RFC 2109 section 4.3.4 or later specifications, excluding HTTP-only cookies. [RFC2109] [RFC2965]

On setting, if the document is not associated with a browsing context then the user agent must raise an INVALID_STATE_ERR exception. Otherwise, if the sandboxed origin browsing context flag was set on the browsing context of the Document when the Document was created, the user agent must raise a SECURITY_ERR exception. Otherwise, if the document's address does not use a server-based naming authority, it must do nothing. Otherwise, the user agent must obtain the storage mutex and then act as it would when processing cookies if it had just attempted to fetch the document's address over HTTP, and had received a response with a Set-Cookie header whose value was the specified value, as per RFC 2109 sections 4.3.1, 4.3.2, and 4.3.3 or later specifications, but without overwriting the values of HTTP-only cookies. [RFC2109] [RFC2965]

This specification does not define what makes an HTTP-only cookie, and at the time of publication the editor is not aware of any reference for HTTP-only cookies. They are a feature supported by some Web browsers wherein an "httponly" parameter added to the cookie string causes the cookie to be hidden from script.

Since the cookie attribute is accessible across frames, the path restrictions on cookies are only a tool to help manage which cookies are sent to which parts of the site, and are not in any way a security feature.

The lastModified attribute, on getting, must return the date and time of the Document's source file's last modification, in the user's local time zone, in the following format:

1. The month component of the date.
2. A U+002F SOLIDUS character ('/').
3. The day component of the date.
4. A U+002F SOLIDUS character ('/').
5. The year component of the date.
6. A U+0020 SPACE character.
7. The hours component of the time.
8. A U+003A COLON character (':').
9. The minutes component of the time.
10. A U+003A COLON character (':').
11. The seconds component of the time.

All the numeric components above, other than the year, must be given as two digits in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE representing the number in base ten, zero-padded if necessary. The year must be given as four or more digits in the range U+0030 DIGIT ZERO to U+0039 DIGIT NINE representing the number in base ten, zero-padded if necessary.

The Document's source file's last modification date and time must be derived from relevant features of the networking protocols used, e.g. from the value of the HTTP Last-Modified header of the document, or from metadata in the file system for local files. If the last modification date and time are not known, the attribute must return the current date and time in the above format.

A Document is always set to one of three modes: no quirks mode, the default; quirks mode, used typically for legacy documents; and limited quirks mode, also known as "almost standards" mode. The mode is only ever changed from the default by the HTML parser, based on the presence, absence, or value of the DOCTYPE string.

The compatMode DOM attribute must return the literal string "CSS1Compat" unless the document has been set to quirks mode by the HTML parser, in which case it must instead return the literal string "BackCompat".

Documents have an associated character encoding. When a Document object is created, the document's character encoding must be initialized to UTF-16. Various algorithms during page loading affect this value, as does the charset setter. [IANACHARSET]

The charset DOM attribute must, on getting, return the preferred MIME name of the document's character encoding. On setting, if the new value is an IANA-registered alias for a character encoding supported by the user agent, the document's character encoding must be set to that character encoding. (Otherwise, nothing happens.)

The characterSet DOM attribute must, on getting, return the preferred MIME name of the document's character encoding.

The defaultCharset DOM attribute must, on getting, return the preferred MIME name of a character encoding, possibly the user's default encoding, or an encoding associated with the user's current geographical location, or any arbitrary encoding name.

Each document has a current document readiness. When a Document object is created, it must have its current document readiness set to the string "loading" if the document is associated with an HTML parser or an XML parser, or to the string "complete" otherwise. Various algorithms during page loading affect this value. When the value is set, the user agent must fire a simple event called readystatechange at the Document object.

A Document is said to have an active parser if it is associated with an HTML parser or an XML parser that has not yet been stopped or aborted.

The readyState DOM attribute must, on getting, return the current document readiness.

The title attribute must, on getting, run the following algorithm:

1. If the root element is an svg element in the "http://www.w3.org/2000/svg" namespace, and the user agent supports SVG, then return the value that would have been returned by the DOM attribute of the same name on the SVGDocument interface. [SVG]

2. Otherwise, let value be a concatenation of the data of all the child text nodes of the title element, in tree order, or the empty string if the title element is null.

3. Replace any sequence of two or more consecutive space characters in value with a single U+0020 SPACE character.

4. Remove any leading or trailing space characters in value.

5. Return value.

On setting, the following algorithm must be run. Mutation events must be fired as appropriate.

1. If the root element is an svg element in the "http://www.w3.org/2000/svg" namespace, and the user agent supports SVG, then the setter must defer to the setter for the DOM attribute of the same name on the SVGDocument interface (if it is readonly, then this will raise an exception). Stop the algorithm here. [SVG]

2. If the title element is null and the head element is null, then the attribute must do nothing. Stop the algorithm here.
3. If the title element is null, then a new title element must be created and appended to the head element.
4. The children of the title element (if any) must all be removed.
5. A single Text node whose data is the new value being assigned must be appended to the title element.

The title attribute on the HTMLDocument interface should shadow the attribute of the same name on the SVGDocument interface when the user agent supports both HTML and SVG. [SVG]

The body attribute, on getting, must return the body element of the document (either a body element, a frameset element, or null). On setting, the following algorithm must be run:

1. If the new value is not a body or frameset element, then raise a HIERARCHY_REQUEST_ERR exception and abort these steps.
2. Otherwise, if the new value is the same as the body element, do nothing. Abort these steps.
3. Otherwise, if the body element is not null, then replace that element with the new value in the DOM, as if the root element's replaceChild() method had been called with the new value and the incumbent body element as its two arguments respectively, then abort these steps.
4. Otherwise, the the body element is null. Append the new value to the root element.

The images attribute must return an HTMLCollection rooted at the Document node, whose filter matches only img elements.

The embeds attribute must return an HTMLCollection rooted at the Document node, whose filter matches only embed elements.

The plugins attribute must return the same object as that returned by the embeds attribute.

The links attribute must return an HTMLCollection rooted at the Document node, whose filter matches only a elements with href attributes and area elements with href attributes.

The forms attribute must return an HTMLCollection rooted at the Document node, whose filter matches only form elements.

The scripts attribute must return an HTMLCollection rooted at the Document node, whose filter matches only script elements.

The getElementsByName(name) method takes a string name, and must return a live NodeList containing all the a, applet, button, form, frame, frameset, iframe, img, input, map, meta, object, select, and textarea elements in that document that have a name attribute whose value is equal to the name argument (in a case-sensitive manner), in tree order.

The getElementsByClassName(classNames) method takes a string that contains an unordered set of unique space-separated tokens representing classes. When called, the method must return a live NodeList object containing all the elements in the document, in tree order, that have all the classes specified in that argument, having obtained the classes by splitting a string on spaces. If there are no tokens specified in the argument, then the method must return an empty NodeList. If the document is in quirks mode, then the comparisons for the classes must be done in an ASCII case-insensitive manner, otherwise, the comparisons must be done in a case-sensitive manner.

The getElementsByClassName(classNames) method on the HTMLElement interface must return a live NodeList with the nodes that the HTMLDocument getElementsByClassName() method would return when passed the same argument(s), excluding any elements that are not descendants of the HTMLElement object on which the method was invoked.

The HTMLDocument interface supports named properties. The names of the supported named properties at any moment consist of the values of the name content attributes of all the applet, embed, form, iframe, img, and fallback-free object elements in the Document that have name content attributes, and the values of the id content attributes of all the applet and fallback-free object elements in the Document that have id content attributes, and the values of the id content attributes of all the img elements in the Document that have both name content attributes and id content attributes.

When the HTMLDocument object is indexed for property retrieval using a name name, then the user agent must return the value obtained using the following steps:

1. Let elements be the list of named elements with the name name in the Document.

   There will be at least one such element, by definition.

2. If elements has only one element, and that element is an iframe element, then return the WindowProxy object of the nested browsing context represented by that iframe element, and abort these steps.

3. Otherwise, if elements has only one element, return that element and abort these steps.

4. Otherwise return an HTMLCollection rooted at the Document node, whose filter matches only named elements with the name name.

Named elements with the name name, for the purposes of the above algorithm, are those that are either:

• applet, embed, form, iframe, img, or fallback-free object elements that have a name content attribute whose value is name, or
• applet or fallback-free object elements that have an id content attribute whose value is name, or
• img elements that have an id content attribute whose value is name, and that have a name content attribute present also.

An object element is said to be fallback-free if it has no object or embed descendants.

If the value is not the empty string, user agents must associate the element with the given value (exactly, including any space characters) for the purposes of ID matching within the element's home subtree (e.g. for selectors in CSS or for the getElementById() method in the DOM).

Identifiers are opaque strings. Particular meanings should not be derived from the value of the id attribute.

This specification doesn't preclude an element having multiple IDs, if other mechanisms (e.g. DOM Core methods) can set an element's ID in a way that doesn't conflict with the id attribute.

The id DOM attribute must reflect the id content attribute.

The title DOM attribute must reflect the title content attribute.

To determine the language of a node, user agents must look at the nearest ancestor element (including the element itself if the node is an element) that has a lang attribute in the XML namespace set or is an HTML element and has a lang in no namespace attribute set. That attribute specifies the language of the node.

If both the lang attribute in no namespace and the lang attribute in the XML namespace are set on an element, user agents must use the lang attribute in the XML namespace, and the lang attribute in no namespace must be ignored for the purposes of determining the element's language.

If no explicit language is given for the root element, but there is a document-wide default language set, then that is the language of the node.

If there is no document-wide default language, then language information from a higher-level protocol (such as HTTP), if any, must be used as the final fallback language. In the absence of any language information, the default value is unknown (the empty string).

If the resulting value is not a recognized language code, then it must be treated as an unknown language (as if the value was the empty string).

User agents may use the element's language to determine proper processing or rendering (e.g. in the selection of appropriate fonts or pronunciations, or for dictionary selection).

The lang DOM attribute must reflect the lang content attribute in no namespace.

The processing of this attribute is primarily performed by the presentation layer. For example, the rendering section in this specification defines a mapping from this attribute to the CSS 'direction' and 'unicode-bidi' properties, and CSS defines rendering in terms of those properties.

The dir DOM attribute on an element must reflect the dir content attribute of that element, limited to only known values.

The dir DOM attribute on HTMLDocument objects must reflect the dir content attribute of the html element, if any, limited to only known values. If there is no such element, then the attribute must return the empty string and do nothing on setting.

The classes that an HTML element has assigned to it consists of all the classes returned when the value of the class attribute is split on spaces.

The className and classList DOM attributes must both reflect the class content attribute.

In user agents that support CSS, the attribute's value must be parsed when the attribute is added or has its value changed, with its value treated as the body (the part inside the curly brackets) of a declaration block in a rule whose selector matches just the element on which the attribute is set. All URLs in the value must be resolved relative to the element when the attribute is parsed. For the purposes of the CSS cascade, the attribute must be considered to be a 'style' attribute at the author level.

The style DOM attribute must return a CSSStyleDeclaration whose value represents the declarations specified in the attribute, if present. Mutating the CSSStyleDeclaration object must create a style attribute on the element (if there isn't one already) and then change its value to be a value representing the serialized form of the CSSStyleDeclaration object. [CSSOM]

The dataset DOM attribute provides convenient accessors for all the data-* attributes on an element. On getting, the dataset DOM attribute must return a DOMStringMap object, associated with the following algorithms, which expose these attributes on their element:

The algorithm for getting the list of name-value pairs

1. Let list be an empty list of name-value pairs.
2. For each content attribute on the element whose first five characters are the string "data-", add a name-value pair to list whose name is the attribute's name with the first five character removed and whose value is the attribute's value.
3. Return list.

The algorithm for setting names to certain values

1. Let name be the concatenation of the string data- and the name passed to the algorithm.
2. Let value be the value passed to the algorithm.
3. Set the value of the attribute with the name name, to the value value, replacing any previous value if the attribute already existed. If setAttribute() would have raised an exception when setting an attribute with the name name, then this must raise the same exception.

The algorithm for deleting names

1. Let name be the concatenation of the string data- and the name passed to the algorithm.
2. Remove the attribute with the name name, if such an attribute exists. Do nothing otherwise.

User agents must not derive any implementation behavior from these attributes or values. Specifications intended for user agents must not define these attributes to have any meaningful values.

The user agent should allow the user to manually trigger elements that have an activation behavior, for instance using keyboard or voice input, or through mouse clicks. When the user triggers an element with a defined activation behavior in a manner other than clicking it, the default action of the interaction event must be to run synthetic click activation steps on the element.

When a user agent is to run synthetic click activation steps on an element, the user agent must run pre-click activation steps on the element, then fire a click event at the element. The default action of this click event must be to run post-click activation steps on the element. If the event is canceled, the user agent must run canceled activation steps on the element instead.

Given an element target, the nearest activatable element is the element returned by the following algorithm:

1. If target has a defined activation behavior, then return target and abort these steps.

2. If target has a parent element, then set target to that parent element and return to the first step.

3. Otherwise, there is no nearest activatable element.

When a pointing device is clicked, the user agent must run these steps:

1. Let e be the nearest activatable element of the element designated by the user, if any.

2. If there is an element e, run pre-click activation steps on it.

3. Dispatching the required click event.

   If there is an element e, then the default action of the click event must be to run post-click activation steps on element e.

   If there is an element e but the event is canceled, the user agent must run canceled activation steps on element e.

The above doesn't happen for arbitrary synthetic events dispatched by author script. However, the click() method can be used to make it happen programmatically.

When a user agent is to run pre-click activation steps on an element, it must run the pre-click activation steps defined for that element, if any.

When a user agent is to run post-click activation steps on an element, the user agent must fire a simple event called DOMActivate that is cancelable at that element. The default action of this event must be to run final activation steps on that element. If the event is canceled, the user agent must run canceled activation steps on the element instead.

When a user agent is to run canceled activation steps on an element, it must run the canceled activation steps defined for that element, if any.

When a user agent is to run final activation steps on an element, it must run the activation behavior defined for that element. Activation behaviors can refer to the click and DOMActivate events that were fired by the steps above leading up to this point.

Let view be a view of the DOM that replaces all a, ins, del, and map elements in the document with their contents. Then, in view, for each run of sibling phrasing content nodes uninterrupted by other types of content, in an element that accepts content other than phrasing content, let first be the first node of the run, and let last be the last node of the run. For each such run that consists of at least one node that is neither embedded content nor inter-element whitespace, a paragraph exists in the original DOM from immediately before first to immediately after last. (Paragraphs can thus span across a, ins, del, and map elements.)

Conformance checkers may warn authors of cases where they have paragraphs that overlap each other (this can happen with object, video, audio, and canvas elements).

Interactions with XPath and XSLT

Implementations of XPath 1.0 that operate on HTML documents parsed or created in the manners described in this specification (e.g. as part of the document.evaluate() API) are affected as follows:

In addition to the cases where a name expression would match a node per XPath 1.0, a name expression must evaluate to matching a node when all the following conditions are also met:

• The name expression has no namespace.
• The name expression has local name that is a match for local.
• The expression is being tested against an element node.
• The element has local name local.
• The element is in the HTML namespace.
• The element's document is an HTML document.

These requirements are a willful violation of the XPath 1.0 specification, motivated by desire to have implementations be compatible with legacy content while still supporting the changes that this specification introduces to HTML regarding which namespace is used for HTML elements. [XPATH10]

XSLT 1.0 processors outputting to a DOM when the output method is "html" (either explicitly or via the defaulting rule in XSLT 1.0) are affected as follows:

If the transformation program outputs an element in no namespace, the processor must, prior to constructing the corresponding DOM element node, change the namespace of the element to the HTML namespace, ASCII-lowercase the element's local name, and ASCII-lowercase the names of any non-namespaced attributes on the element.

This requirement is a willful violation of the XSLT 1.0 specification, required because this specification changes the namespaces and case-sensitivity rules of HTML in a manner that would otherwise be incompatible with DOM-based XSLT transformations. (Processors that serialize the output are unaffected.) [XSLT10]

When called with two or fewer arguments, the method must act as follows:

1. Let type be the value of the first argument, if there is one, or "text/html" otherwise.

2. Let replace be true if there is a second argument and it is an ASCII case-insensitive match for the value "replace", and false otherwise.

3. If the document has an active parser that isn't a script-created parser, and the insertion point associated with that parser's input stream is not undefined (that is, it does point to somewhere in the input stream), then the method does nothing. Abort these steps and return the Document object on which the method was invoked.

   This basically causes document.open() to be ignored when it's called in an inline script found during the parsing of data sent over the network, while still letting it have an effect when called asynchronously or on a document that is itself being spoon-fed using these APIs.

4. Unload the Document object, with the recycle parameter set to true. If the user refused to allow the document to be unloaded, then these steps must be aborted.

5. If the document has an active parser, then abort that parser, and throw away any pending content in the input stream.

6. Unregister all event listeners registered on the Document node and its descendants.

7. Remove any tasks associated with the Document in any task source.

8. Remove all child nodes of the document, without firing any mutation events.

9. Replace the Document's singleton objects with new instances of those objects. (This includes in particular the Window, Location, History, ApplicationCache, UndoManager, Navigator, and Selection objects, the various BarProp objects, the two Storage objects, and the various HTMLCollection objects. It also includes all the Web IDL prototypes in the JavaScript binding, including the Document object's prototype.)

10. Change the document's character encoding to UTF-16.

11. Change the document's address to the first script's browsing context's active document's address.

12. Create a new HTML parser and associate it with the document. This is a script-created parser (meaning that it can be closed by the document.open() and document.close() methods, and that the tokenizer will wait for an explicit call to document.close() before emitting an end-of-file token). The encoding confidence is irrelevant.

13. Mark the document as being an HTML document (it might already be so-marked).

14. If the type string contains a U+003B SEMICOLON (;) character, remove the first such character and all characters from it up to the end of the string.

    Strip all leading and trailing space characters from type.

    If type is not now an ASCII case-insensitive match for the string "text/html", then act as if the tokenizer had emitted a start tag token with the tag name "pre", then set the HTML parser's tokenization stage's content model flag to PLAINTEXT.

15. If replace is false, then:

    1. Remove all the entries in the browsing context's session history after the current entry in its Document's History object
    2. Remove any earlier entries that share the same Document
    3. Add a new entry just before the last entry that is associated with the text that was parsed by the previous parser associated with the Document object, as well as the state of the document at the start of these steps. (This allows the user to step backwards in the session history to see the page before it was blown away by the document.open() call.)

16. Finally, set the insertion point to point at just before the end of the input stream (which at this point will be empty).

17. Return the Document on which the method was invoked.

When called with three or more arguments, the open() method on the HTMLDocument object must call the open() method on the Window object of the HTMLDocument object, with the same arguments as the original call to the open() method, and return whatever that method returned. If the HTMLDocument object has no Window object, then the method must raise an INVALID_ACCESS_ERR exception.

The close() method must do nothing if there is no script-created parser associated with the document. If there is such a parser, then, when the method is called, the user agent must insert an explicit "EOF" character at the end of the parser's input stream.

The document.write(...) method must act as follows:

1. If the method was invoked on an XML document, throw an INVALID_ACCESS_ERR exception and abort these steps.

2. If the insertion point is undefined, the open() method must be called (with no arguments) on the document object. If the user refused to allow the document to be unloaded, then these steps must be aborted. Otherwise, the insertion point will point at just before the end of the (empty) input stream.

3. The string consisting of the concatenation of all the arguments to the method must be inserted into the input stream just before the insertion point.

4. If there is a pending external script, then the method must now return without further processing of the input stream.

5. Otherwise, the tokenizer must process the characters that were inserted, one at a time, processing resulting tokens as they are emitted, and stopping when the tokenizer reaches the insertion point or when the processing of the tokenizer is aborted by the tree construction stage (this can happen if a script end tag token is emitted by the tokenizer).

   If the document.write() method was called from script executing inline (i.e. executing because the parser parsed a set of script tags), then this is a reentrant invocation of the parser.

6. Finally, the method must return.

The document.writeln(...) method, when invoked, must act as if the document.write() method had been invoked with the same argument(s), plus an extra argument consisting of a string containing a single line feed character (U+000A).

On getting, if the node's document is an HTML document, then the attribute must return the result of running the HTML fragment serialization algorithm on the node; otherwise, the node's document is an XML document, and the attribute must return the result of running the XML fragment serialization algorithm on the node instead (this might raise an exception instead of returning a string).

On setting, the following steps must be run:

1. If the node's document is an HTML document: Invoke the HTML fragment parsing algorithm.

   If the node's document is an XML document: Invoke the XML fragment parsing algorithm.

   In either case, the algorithm must be invoked with the string being assigned into the innerHTML attribute as the input. If the node is an Element node, then, in addition, that element must be passed as the context element.

   If this raises an exception, then abort these steps.

   Otherwise, let new children be the nodes returned.

2. If the attribute is being set on a Document node, and that document has an active parser, then abort that parser.

3. Remove the child nodes of the node whose innerHTML attribute is being set, firing appropriate mutation events.

4. If the attribute is being set on a Document node, let target document be that Document node. Otherwise, the attribute is being set on an Element node; let target document be the ownerDocument of that Element.

5. Set the ownerDocument of all the nodes in new children to the target document.

6. Append all the new children nodes to the node whose innerHTML attribute is being set, preserving their order, and firing mutation events as appropriate.

On getting, if the node's document is an HTML document, then the attribute must return the result of running the HTML fragment serialization algorithm on a fictional node whose only child is the node on which the attribute was invoked; otherwise, the node's document is an XML document, and the attribute must return the result of running the XML fragment serialization algorithm on that fictional node instead (this might raise an exception instead of returning a string).

On setting, the following steps must be run:

1. Let target be the element whose outerHTML attribute is being set.

2. If target has no parent node, then abort these steps. There would be no way to obtain a reference to the nodes created even if the remaining steps were run.

3. If target's parent node is a Document object, throw a NO_MODIFICATION_ALLOWED_ERR exception and abort these steps.

4. Let parent be target's parent node, unless that is a DocumentFragment node, in which case let parent be an arbitrary body element.

5. If target's document is an HTML document: Invoke the HTML fragment parsing algorithm.

   If target's document is an XML document: Invoke the XML fragment parsing algorithm.

   In either case, the algorithm must be invoked with the string being assigned into the outerHTML attribute as the input, and parent as the context element.

   If this raises an exception, then abort these steps.

   Otherwise, let new children be targets returned.

6. Set the ownerDocument of all the nodes in new children to target's document.

7. Remove target from its parent node, firing mutation events as appropriate, and then insert in its place all the new children nodes, preserving their order, and again firing mutation events as appropriate.

The insertAdjacentHTML(position, text) method, when invoked, must run the following algorithm:

1. Let position and text be the method's first and second arguments, respectively.

2. Let target be the element on which the method was invoked.

3. Use the first matching item from this list:

   If position is an ASCII case-insensitive match for the string "beforebegin"

   If position is an ASCII case-insensitive match for the string "afterend"

   If target has no parent node, then abort these steps.

   If target's parent node is a Document object, then throw a NO_MODIFICATION_ALLOWED_ERR exception and abort these steps.

   Otherwise, let context be the parent node of target.

   If position is an ASCII case-insensitive match for the string "afterbegin"

   If position is an ASCII case-insensitive match for the string "beforeend"

   Let context be the same as target.

   Otherwise

   Throw a SYNTAX_ERR exception.

4. If target's document is an HTML document: Invoke the HTML fragment parsing algorithm.

   If target's document is an XML document: Invoke the XML fragment parsing algorithm.

   In either case, the algorithm must be invoked with text as the input, and the element selected in by the previous step as the context element.

   If this raises an exception, then abort these steps.

   Otherwise, let new children be targets returned.

5. Set the ownerDocument of all the nodes in new children to target's document.

6. Use the first matching item from this list:

   If position is an ASCII case-insensitive match for the string "beforebegin"

   Insert all the new children nodes immediately before target.

   If position is an ASCII case-insensitive match for the string "afterbegin"

   Insert all the new children nodes before the first child of target, if there is one. If there is no such child, append them all to target.

   If position is an ASCII case-insensitive match for the string "beforeend"

   Append all the new children nodes to target.

   If position is an ASCII case-insensitive match for the string "afterend"

   Insert all the new children nodes immediately after target.

   The new children nodes must be inserted in a manner that preserves their order and fires mutation events as appropriate.

If there are multiple base elements with href attributes, all but the first are ignored.

If there are multiple base elements with target attributes, all but the first are ignored.

The href and target DOM attributes must reflect the respective content attributes of the same name.

The semantics of the protocol used (e.g. HTTP) must be followed when fetching external resources. (For example, redirects must be followed and 404 responses must cause the external resource to not be applied.)

Fetching external resources must delay the load event of the element's document until the task that is queued by the networking task source once the resource has been fetched (defined below) has been run.

The task that is queued by the networking task source once the resource has been fetched must, if the loads were successful, queue a task to fire a simple event called load at the link element; otherwise, if the resource or one of its subresources failed to completely load for any reason (e.g. DNS error, HTTP 404 response, a connection being prematurely closed, unsupported Content-Type), it must instead queue a task to fire a simple event called error at the link element. Non-network errors in processing the resource or its subresources (e.g. CSS parse errors, PNG decoding errors) are not failures for the purposes of this paragraph.

The task source for these tasks is the DOM manipulation task source.

Interactive user agents should provide users with a means to follow the hyperlinks created using the link element, somewhere within their user interface. The exact interface is not defined by this specification, but it should include the following information (obtained from the element's attributes, again as defined below), in some form or another (possibly simplified), for each hyperlink created with each link element in the document:

• The relationship between this document and the resource (given by the rel attribute)
• The title of the resource (given by the title attribute).
• The address of the resource (given by the href attribute).
• The language of the resource (given by the hreflang attribute).
• The optimum media for the resource (given by the media attribute).

User agents may also include other information, such as the type of the resource (as given by the type attribute).

If the link is a hyperlink then the media attribute is purely advisory, and describes for which media the document in question was designed.

However, if the link is an external resource link, then the media attribute is prescriptive. The user agent must apply the external resource to views while their state match the listed media and the other relevant conditions apply, and must not apply them otherwise.

The external resource might have further restrictions defined within that limit its applicability. For example, a CSS style sheet might have some @media blocks. This specification does not override such further restrictions or requirements.

User agents must not consider the type attribute authoritative — upon fetching the resource, user agents must not use the type attribute to determine its actual type. Only the actual type (as defined in the next paragraph) is used to determine whether to apply the resource, not the aforementioned assumed type.

If the external resource link type defines rules for processing the resource's Content-Type metadata, then those rules apply. Otherwise, if the resource is expected to be an image, user agents may apply the image sniffing rules, with the official type being the type determined from the resource's Content-Type metadata, and use the resulting sniffed type of the resource as if it was the actual type. Otherwise, if neither of these conditions apply or if the user agent opts not to apply the image sniffing rules, then the user agent must use the resource's Content-Type metadata to determine the type of the resource. If there is no type metadata, but the external resource link type has a default type defined, then the user agent must assume that the resource is of that type.

The stylesheet link type defines rules for processing the resource's Content-Type metadata.

Once the user agent has established the type of the resource, the user agent must apply the resource if it is of a supported type and the other relevant conditions apply, and must ignore the resource otherwise.

<link rel="stylesheet" href="A" type="text/plain">
<link rel="stylesheet" href="B" type="text/css">
<link rel="stylesheet" href="C">

Some versions of HTTP defined a Link: header, to be processed like a series of link elements. If supported, for the purposes of ordering links defined by HTTP headers must be assumed to come before any links in the document, in the order that they were given in the HTTP entity header. (URIs in these headers are to be processed and resolved according to the rules given in HTTP; the rules of this specification don't apply.) [HTTP] [RFC2068]

The DOM attributes href, rel, media, hreflang, and type, and sizes each must reflect the respective content attributes of the same name.

The DOM attribute relList must reflect the rel content attribute.

The name DOM attribute must reflect the content attribute of the same name. The DOM attribute httpEquiv must reflect the content attribute http-equiv.

Conformance checkers must use the information given on the WHATWG Wiki MetaExtensions page to establish if a value not explicitly defined in this specification is allowed or not. When an author uses a new type not defined by either this specification or the Wiki page, conformance checkers should offer to add the value to the Wiki, with the details described above, with the "proposal" status.

When a meta element is inserted into the document, if its http-equiv attribute is present and represents one of the above states, then the user agent must run the algorithm appropriate for that state, as described in the following list: