HTML

Living Standard — Last Updated 7 17 September 2022

1. 1. 7.11 7.4 Browsing the web Navigation and session history
      1. 7.11.1 7.4.1 Navigating across documents Session history
         1. 7.11.2 7.4.1.1 Page load processing model for HTML files Session history entries
         2. 7.11.3 7.4.1.2 Page load processing model for XML files Document state
         3. 7.11.4 7.4.1.3 Page load processing model for text files Centralized modifications of session history
         4. 7.11.5 7.4.1.4 Page load processing model for multipart/x-mixed-replace resources Low-level operations on session history
      2. 7.11.6 7.4.2 Page load processing model for media Navigation
         1. 7.11.7 7.4.2.1 Page load processing model for content that uses plugins Supporting concepts
         2. 7.11.8 7.4.2.2 Page load processing model for inline content that doesn't have a DOM Beginning navigation
         3. 7.4.2.3 Ending navigation
            1. 7.4.2.3.1 Cross-document navigations
            2. 7.11.9 7.4.2.3.2 Navigating to a fragment Fragment navigations
            3. 7.11.10 7.4.2.3.3 History traversal Non-fetch schemes and external software
         4. 7.11.10.1 7.4.2.4 Persisted Preventing navigation
      3. 7.4.3 Reloading and traversing
      4. 7.4.4 Non-fragment synchronous "navigations"
      5. 7.4.5 Populating a session history entry state
         1. 7.11.10.2 7.4.5.1 The PopStateEvent interface usual case
         2. 7.11.10.3 7.4.5.2 The HashChangeEvent javascript: interface URL special case
      6. 7.11.10.4 7.4.6 The PageTransitionEvent interface Applying the history step
         1. 7.11.11 7.4.6.1 Loading documents Updating the traversable
         2. 7.11.12 7.4.6.2 Unloading documents Updating the document
         3. 7.4.6.3 Scrolling to a fragment
         4. 7.11.12.1 7.4.6.4 Persisted history entry state

7.4 Navigation and session history

Welcome to the dragon's maw. Navigation, session history, and the traversal through that session history are some of the most complex parts of this standard.

The BeforeUnloadEvent basic concept may not seem so difficult:

• The user is looking at a navigable that is presenting its active document . They navigate it to another URL .

• The browser fetches the given URL from the network, using it to populate a new session history entry with a newly- created Document .

• The browser updates the navigable 's active session history entry to the newly-populated one, and thus updates the active document that it is showing to the user.

• At some point later, the user presses the browser back button to go back to the previous session history entry .

• The browser looks at the URL stored in that session history entry , and uses it to re-fetch and populate that entry's document .

• The browser again updates the navigable 's active session history entry .

You can see some of the intertwined complexity peeking through here, in how traversal can cause a navigation (i.e., a network fetch to a stored URL), and how a navigation necessarily needs to interface with the session history list to ensure that when it finishes the user is looking at the right thing. But the real problems come in with the various edge cases and interacting web platform features:

• Nested navigables (e.g., iframe s) can also navigate and traverse, but those navigations need to be linearized into a single session history list since the user only has a single back/forward interface for the entire traversable navigable (e.g., browser tab).

• Since the user can traverse back more than a single step in the session history (e.g., by holding down their back button), they can end up traversing multiple navigables at the same time when nested navigables are involved. This needs to be synchronized across all of the involved navigables, which might involve multiple event loops or event agent clusters .

• During navigation, servers can respond with 204 or 205 status codes or with ` Content-Disposition: attachment ` headers, which cause navigation to abort and the navigable to stay on its original active document . (This is much worse if it happens during a traversal-initiated navigation!)

• Various other HTTP headers, such as ` Location `, ` Refresh `, ` X-Frame-Options `, and those for Content Security Policy, contribute to either the fetching process , or the Document -creation process , or both. The ` Cross-Origin-Opener-Policy ` header even contributes to the browsing context selection and creation process!

• Some navigations (namely fragment navigations and single-page app navigations ) are synchronous, meaning that JavaScript code expects to observe the navigation's results instantly. This then needs to be synchronized with the view of the session history that all other navigables in the tree see, which can be subject to race conditions and necessitate resolving conflicting views of the session history.

• The platform has accumulated various exciting navigation-related features that need special-casing, such as javascript: URLs, srcdoc iframe s, and the beforeunload event.

In what follows, we have attempted to guide the reader through these complexities by appropriately cordoning them off into labeled sections and algorithms, and giving appropriate words of introduction where possible. Nevertheless, if you wish to truly understand navigation and session history, the usual advice will be invaluable.

7.11.13 7.4.1 Aborting Session history

7.4.1.1 Session history entries

A session history entry is a struct with the following items :

• step , a non-negative integer or " pending ", initially " pending ".

• URL , a URL

• document load state , a document state .

• serialized state , which is serialized state or null, initially null..

• scroll restoration mode , a scroll restoration mode , initially " auto ".

• scroll position data , which is scroll position data for the document 's restorable scrollable regions .

• persisted user state , which is implementation-defined , initially null

  For example, some user agents might want to persist the values of form controls.

  User agents that persist the value of form controls are encouraged to also persist their directionality (the value of the element's dir attribute). This prevents values from being displayed incorrectly after a history traversal when the user had originally entered the values with an explicit, non-default directionality.

To get a session history entry 's document , return its document state 's document .

Serialized state is a serialization (via StructuredSerializeForStorage ) of an object representing a user interface state. We sometimes informally refer to "state objects", which are the objects representing user interface state supplied by the author, or alternately the objects created by deserializing (via StructuredDeserialize ) serialized state.

Pages can add serialized state to the session history. These are then deserialized and returned to the script when the user (or script) goes back in the history, thus enabling authors to use the "navigation" metaphor even in one-page applications.

A scroll restoration mode indicates whether the user agent should restore the persisted scroll position (if any) when traversing to an entry . A scroll restoration mode is one of the following:

" auto "

The user agent is responsible for restoring the scroll position upon navigation.

" manual "

The page is responsible for restoring the scroll position and the user agent does not attempt to do so automatically

7.11.14 7.4.1.2 Document state

Document state holds state inside a session history entry regarding how to present and, if necessary, recreate, a Document . It has:

• A document , a Document or null, initially null.

  When a history entry is active , it has a Document in its document state . However, when a Document is not fully active , it's possible for it to be destroyed to free resources. In such cases, this document item will be nulled out. The ` URL and other data in the session history entry and document state is then used to bring a new Document into being to take the place of the original, in the case where the user agent finds itself having to traverse to the entry.

  If the Document is not destroyed , then during history traversal , it can be reactivated . The cache in which browsers store such Document s is often called a back-forward cache , or bfcache (or perhaps "blazingly fast" cache).

• A history policy container , a policy container or " X-Frame-Options client ", initially " client ".

• A request referrer , which is " no-referrer ", " client ", or a URL , initially " client ".

• A request referrer policy , which is a referrer policy , initially the default referrer policy .

  The request referrer policy is distinct from the history policy container 's referrer policy . The former is used for fetches of this document, whereas the latter controls fetches by this document.

• An origin , which is an origin or null, initially null.

  This is the origin that we set " about: "-schemed Document s' origin to. We store it here because it is also used when restoring these Document s during traversal, since they are reconstructed locally without visiting the network. It is also used to compare the origin before and after the session history entry is repopulated . If the origins change, the navigable target name is cleared.

• Nested histories , a list of nested histories , initially an empty list .

• A resource , a string, POST resource or null, initially null.

  A string is treated as HTML. It's used to store the source of an iframe srcdoc document .

• A reload pending boolean, initially false.

• An ever populated boolean, initially false.

• A navigable target name string, initially the empty string.

User agents may destroy the documents of document states with non-null documents , as long as the Document is not fully active .

Apart from that restriction, this standard does not specify when user agents should destroy the document stored in a document state , versus keeping it cached.

A POST resource has:

• A request body , a byte sequence or failure.

  This is only ever accessed in parallel , so it doesn't need to be stored in memory. However, it must return the same byte sequence each time. If this isn't possible due to resources changing on disk, or if resources can no longer be accessed, then this must be set to failure.

• A request content-type , which is ` header application/x-www-form-urlencoded `, ` multipart/form-data `, or ` text/plain `.

A nested history has:

• An id , a unique internal value .

  This is used to associate the nested history with a navigable .

• Entries , a list of session history entries .

This will later contain ways to identify a nested navigable across reloads.

Several contiguous entries in a session history can share the same document state . This can occur when the initial entry is reached via normal navigation , and the following entry is added via history.pushState() . Or it can occur via navigation to a fragment .

All entries that share the same document state (and that are therefore merely different states of one particular document) are contiguous by construction.

A Document has a latest entry , a session history entry or null.

This is the entry that was most recently represented by a given Document . A single Document can represent many session history entries over time, as many contiguous session history entries can share the same document state as explained above.

7.11.15 7.4.1.3 Centralized modifications of session history

To maintain a single source of truth, all modifications to a traversable navigable 's session history entries need to be synchronized. This is especially important due to how session history is influenced by all of the descendant navigables , and thus by multiple event loops . To accomplish this, we use the session history traversal parallel queue structure.

A session history traversal parallel queue is very similar to a parallel queue . It has an algorithm set , an ordered set .

The ` items in a session history traversal parallel queue 's algorithm set are either algorithm steps, or synchronous navigation steps , which are a particular brand of algorithm steps involving a target navigable (a navigable ).

To append session history traversal steps to a traversable navigable traversable given algorithm steps steps , append steps to traversable 's session history traversal queue 's algorithm set .

To append session history synchronous navigation steps to a traversable navigable traversable given algorithm steps steps and a navigable targetNavigable , append steps as synchronous navigation steps targeting target navigable targetNavigable to traversable 's session history traversal queue 's algorithm set .

To start a new session history traversal parallel queue :

1. Let sessionHistoryTraversalQueue be a new session history traversal parallel queue .

2. Run the following steps in parallel :

   1. While true:

      1. If sessionHistoryTraversalQueue 's algorithm set is empty, then continue .

      2. Let steps be the result of dequeuing from sessionHistoryTraversalQueue 's algorithm set .

      3. Run steps .

3. Return sessionHistoryTraversalQueue .

Synchronous navigation steps are tagged in the algorithm set to allow them to conditionally "jump the queue". This is handled within apply the history step .

history.back();
location.href
=
'#foo';

7.11 7.4.1.4 Browsing Low-level operations on session history

This section contains a miscellaneous grab-bag of operations that we perform throughout the web standard when manipulating session history. The best way to get a sense of what they do is to look at their call sites.

To get session history entries for a navigable , navigable :

1. Let traversable be navigable 's traversable navigable .

2. Assert: This is running within traversable 's session history traversal queue .

3. If navigable is traversable , return traversable 's session history entries .

4. Let docStates be an empty ordered set of document states .

5. For each entry of traversable 's session history entries , append entry 's document state to docStates .

6. For each docState of docStates :

   1. For each nestedHistory of docState 's nested histories :

      1. If nestedHistory 's id equals navigable 's id , return nestedHistory 's entries .

      2. For each entry of nestedHistory 's entries , append entry 's document state to docStates .

7. Assert: This step is not reached.

To clear the forward session history of a traversable navigable navigable :

1. Assert: This is running within navigable 's session history traversal queue .

2. Let step be the navigable 's current session history step .

3. Let entryLists be the ordered set « navigable 's session history entries ».

4. For each entryList of entryLists :

   1. Remove every session history entry from entryList that has a step greater than step .

   2. For each entry of entryList :

      1. For each nestedHistory of entry 's document state 's nested histories , append nestedHistory 's entries list to entryLists .

To get all used history steps that are part of traversable navigable traversable :

1. Assert: This is running within traversable 's session history traversal queue .

2. Let steps be an empty ordered set of non-negative integers.

3. Let entryLists be the ordered set « traversable 's session history entries ».

4. For each entryList of entryLists :

   1. For each entry of entryList :

      1. Append entry 's step to steps .

      2. For each nestedHistory of entry 's document state 's nested histories , append nestedHistory 's entries list to entryLists .

5. Return steps , sorted .

To apply pending history changes to a traversable navigable traversable with optional boolean checkForUserCancelation (default false):

1. Let targetStep be traversable 's current session history step .

2. Apply the history step targetStep to traversable with checkForUserCancelation set to checkForUserCancelation .

7.11.1 7.4.2 Navigating across documents Navigation

Certain actions cause the browsing context a navigable to navigate to a new resource. A user agent may provide various ways for the user to explicitly cause a browsing context to navigate, in addition to those defined in this specification.

For example, following a hyperlink , form submission , and the window.open() and location.assign() methods can all cause a browsing context navigation.

7.4.2.1 Supporting concepts

Before we can jump into the navigation algorithm itself, we need to establish several important structures that uses HTTP POST would also have it uses.

The source snapshot params struct is used to capture data from a Document initiating a navigation. It is snapshotted at the HTTP method beginning of a navigation and payload. Similarly, used throughout the navigation's lifetime. It has the following items :

has transient activation

a boolean

sandboxing flags

a sandboxing flag set

allows downloading

a boolean

fetch client

an iframe srcdoc environment settings object , only to be used as a request client

origin

an origin

source policy container

a policy container

To snapshot source snapshot params given a Document document sourceDocument , return a new source snapshot params needs to know with

has transient activation

true if sourceDocument 's relevant global object has transient activation ; otherwise false

sandboxing flags

sourceDocument 's active sandboxing flag set

allows downloading

false if sourceDocument 's active sandboxing flag set has the sandboxed downloads browsing context flag set; otherwise true

fetch client

sourceDocument 's relevant settings object

origin

sourceDocument 's origin

source policy container

sourceDocument 's policy container

The target snapshot params struct is used to capture data from a navigable being navigated. Like source snapshot params , it is snapshotted at the beginning of a navigation and used throughout the navigation's lifetime. It has the following items :

sandboxing flags

a sandboxing flag set

To snapshot target snapshot params given a navigable targetNavigable , return a new target snapshot params with sandboxing flags set to use. the result of determining the creation sandboxing flags given targetNavigable 's active browsing context and targetNavigable 's container .

Much of the navigation process is concerned with determining how to create a new Document , which ultimately happens in the create and initialize a Document object algorithm. The parameters to this that algorithm are tracked via a navigation params struct , which has the following items :

id

null or a navigation id ID

request

null or a request that started the navigation

response

a response that ultimately was navigated to (potentially a network error )

origin

an origin to use for the new Document

policy container

a policy container to use for the new Document

final sandboxing flag set

a sandboxing flag set to impose on the new Document

cross-origin opener policy

a cross-origin opener policy to use for the new Document

COOP enforcement result

a cross-origin opener policy enforcement result , used for reporting and potentially for causing a browsing context group switch

reserved environment

null or an environment reserved for the new Document

browsing context navigable

the browsing context navigable to be navigated (or discarded, if a browsing context group switch occurs)

history handling navigation timing type

a history handling behavior NavigationTimingType used for creating the navigation timing entry for the new Document

has cross-origin redirects

a boolean

process response end of body

an algorithm expecting a response

commit early hints

null or an algorithm accepting a Document , once it has been created

Once a navigation params struct is created, this standard does not mutate any of its items . They are only passed onward to other algorithms.

A navigation ID is a UUID string generated during navigation. It is used to interface with the WebDriver BiDi specification as well as to track the ongoing navigation . [WEBDRIVERBIDI]

After Document creation, the relevant traversable navigable 's session history gets updated. A history handling behavior is used to track the desired type of session history update throughout the navigation process. It is one of the following:

" default push "

A regular navigation which adds a new entry to the session history. " entry update " A navigation to an existing session history entry to recreate that entry's document , which was previously discarded . " reload " A navigation intended to reload the current page and replace will clear the current forward session history entry .

" replace "

A non-reload navigation that will replace the current active session history entry .

7.4.2.2 Beginning navigation

Each navigable has a an ongoing navigation id , which is a unique string. navigation ID , " traversal ", or null, initially null. It is used to track navigation aborting and to prevent any navigations from taking place during traversal .

To navigate a browsing context navigable browsingContext navigable to a resource URL resource url using a Document sourceDocument , with an optional POST resource or string documentResource (default null), an optional response response (default null), an optional boolean exceptionsEnabled (default false), an optional history handling behavior historyHandling (default " default push "), an optional policy container -or-null historyPolicyContainer (default null), an optional string navigationType cspNavigationType (default " other "), an optional navigation id referrer policy navigationId referrerPolicy (default null), the empty string), and an optional processResponseEndOfBody , which is an algorithm receiving a response (default an algorithm that does nothing):

1. If resource is a URL , then set Let resource sourceSnapshotParams to a new request whose URL be the result of snapshotting source snapshot params is given resource sourceDocument .

2. If resource is a request and historyHandling is " reload ", then set resource sourceDocument 's reload-navigation flag . If the source browsing context node navigable is not allowed by sandboxing to navigate browsingContext navigable given and sourceSnapshotParams , then:

   1. If exceptionsEnabled is given and is true, then throw a " SecurityError " DOMException .

   2. Otherwise, the user agent may instead offer to open resource in a new top-level browsing context or in the top-level browsing context of the source browsing context , at the user's option, in which case the user agent must navigate that designated top-level browsing context to resource as if the user had requested it independently. Doing so, however, can be dangerous, as it means that the user is overriding the author's explicit request to sandbox the content. Return.

3. If Let navigationId is null: be the result of generating a random UUID . [UUID]

4. historyHandling is " reload If the surrounding agent ", and is equal to browsingContext navigable 's active document 's relevant agent , then continue these steps. Otherwise, queue a global task on the navigation id and traversal task source is not null, let given navigationId navigable be 's active window to continue these steps.

   We do this because we are about to look at a lot of properties of browsingContext navigable 's active document 's navigation id , which are in theory only accessible over in the appropriate event loop . Otherwise let navigation id (But, we do not want to unconditionally queue a task, since — for example — same-event-loop fragment navigations need to take effect synchronously.)

   Another implementation strategy would be to replicate the result of generating relevant information across event loops, or into a random UUID . [UUID] canonical "browser process", so that it can be consulted without queueing a task. This could give different results than what we specify here in edge cases, where the relevant properties have changed over in the target event loop but not yet been replicated. Further testing is needed to determine which of these strategies best matches browser behavior, in such racy edge cases.

5. If browsingContext navigable 's active document 's unload counter is greater than 0, then invoke WebDriver BiDi navigation failed with a WebDriver BiDi navigation status whose id is navigationId , status is " canceled ", and url is resource 's url , , and return.

6. If historyHandling is " default ", and any of the following are true:

   browsingContext is still on its initial about:blank Document

   • resource url is a request whose URL equals browsingContext navigable 's active document 's URL ;

   • resource url is a request whose URL 's scheme is " javascript " "; or

   • navigable 's active document 's is initial about:blank is true

   then set historyHandling to " replace ".

7. If all of the following are true:

   • historyHandling documentResource is not " null;

   • reload

     ", resource response is a request , null;

   • resource url 's URL equals browsingContext navigable 's active document session history entry 's URL with exclude fragments set to true, true; and

   • resource url 's URL 's fragment is non-null, non-null

   then:

   1. Navigate to a fragment given browsingContext navigable , resource 's URL , url , historyHandling , and navigationId .

   2. Return.

8. Let If incumbentNavigationOrigin navigable be the origin of the incumbent settings object , or if no script was involved, the origin 's parent of the node document is non-null, then set navigable 's is delaying load events of the element that initiated the navigation . to true.

9. Let initiatorPolicyContainer targetBrowsingContext be a clone of the source browsing context navigable 's active document 's policy container browsing context .

10. If resource is a request , then set Let resource targetSnapshotParams 's policy container be the result of snapshotting target snapshot params to given initiatorPolicyContainer navigable .

11. Cancel any preexisting but not yet mature Invoke WebDriver BiDi navigation started attempt to navigate with browsingContext targetBrowsingContext , including canceling any instances of the fetch algorithm started by those attempts. If one of those attempts has already created and initialized a new WebDriver BiDi navigation status whose id is navigationId , url is url , and status is " pending ".

12. If navigable 's ongoing navigation is " Document traversal object , abort ", then:

    1. Invoke WebDriver BiDi navigation failed that with targetBrowsingContext and a new WebDriver BiDi navigation status whose id is navigationId , status is " Document canceled also. (Navigation ", and url is url .

    2. Return.

    Any attempts to navigate a navigable that have matured is currently traversing already have session history entries, and are therefore handled during the update ignored.

13. Set navigable 's ongoing navigation to navigationId .

    This will have the session history with effect of aborting other ongoing navigations of navigable , since at certain points during navigation changes to the new page ongoing navigation algorithm, later.) will cause further work to be abandoned.

14. In parallel , run these steps:

    1. Let unloadPromptResult be the result of calling prompt to unload checking if unloading is user-canceled with the for navigable 's active document of browsingContext . If this instance of the navigation algorithm gets canceled while this step is running, the prompt to unload algorithm must nonetheless be run to completion. 's inclusive descendant navigables .

    2. If unloadPromptResult is " refuse ", then return or navigable 's ongoing navigation is no longer navigationId , then:

       1. Invoke WebDriver BiDi navigation failed with targetBrowsingContext and a new WebDriver BiDi navigation status whose id is navigationId and , status is " canceled ". ", and url is url .

       2. Abort these steps.

    3. Queue a global task on the navigation and traversal task source given navigable 's active document window to abort of browsingContext . navigable 's active document .

    4. If Let browsingContext documentState is be a child browsing context , then put it in the delaying load events mode . new document state with

       The user agent must take this child browsing context

       request referrer policy out of the delaying load events mode

       referrerPolicy

       resource when this navigation

       documentResource

       navigable target name algorithm

       navigable 's target name

       The navigable target name can get cleared under various conditions later matures , or when it terminates (whether due to having run all in the steps, or being canceled, or being aborted), whichever happens first. navigation process, before the document state is finalized.

    5. Let If sandboxFlags url be the result of determining the creation sandboxing flags is about:blank given , then set browsingContext documentState and 's origin to browsingContext sourceSnapshotParams 's container origin .

    6. Let Otherwise, if allowedToDownload url be the result of running the allowed to download is about:srcdoc algorithm given the source browsing context , then set documentState 's origin and to browsingContext . navigable 's parent 's active document 's origin .

    7. Let hasTransientActivation historyEntry be true if a new session history entry , with its URL set to url and its document state set to documentState .

    8. If url 's scheme is " javascript ", then queue a global task on the DOM manipulation task source browsing context given navigable 's active window has transient activation ; otherwise false. to run these steps:

       1. Invoke WebDriver BiDi navigation started Populate a history entry's document by evaluating a javascript: URL with for browsingContext historyEntry , given navigable , sourceSnapshotParams , cspNavigationType , and url .

       2. Queue a new WebDriver BiDi navigation status task on the navigable 's traversable whose id 's session history traversal queue is to finalize a cross-document navigation with navigationId navigable , url is resource 's url , historyHandling , and status historyEntry .

       3. Return.

       So for example a javascript: URL is " in an pending href ". attribute of an Return, and continue running these steps a element would only be evaluated when the link was followed , while such a URL in parallel . This is the step src attribute of an iframe element would be evaluated in the context of the iframe 's nested navigable 's active window when the iframe is being set up. Once evaluated, its return value (if it was a string) would replace that attempts to obtain resource , if necessary. Jump to navigable 's active document , thus also changing the first appropriate substep: corresponding Window object.

    9. Let navigationParams be null.

    10. If resource response is non-null:

        The navigate algorithm is only supplied with a response as part of the object and embed processing models, or for processing parts of multipart/x-mixed-replace responses after the initial response.

        1. Assert: Let browsingContext policyContainer is not be the result of determining navigation params policy container given response 's URL , null, a top-level browsing context . clone of the sourceDocument 's policy container , navigable 's container document 's policy container , and null.

        2. Let finalSandboxFlags be the union of browsingContext targetSnapshotParams 's sandboxing flags and resource policyContainer 's forced CSP list 's CSP-derived sandboxing flag set flags .

        3. Let responseOrigin be the result of determining the origin given browsingContext , resource response 's url URL , finalSandboxFlags , and incumbentNavigationOrigin . sourceSnapshotParams 's origin , and null.

        4. Let coop be a new cross-origin opener policy .

        5. Let coopEnforcementResult be a new cross-origin opener policy enforcement result whose needs a browsing context group switch is false, would need a browsing context group switch due to report-only is false, url is resource response 's url URL , origin is responseOrigin , cross-origin opener policy is coop , and current context is navigation source is false.

        6. Let Set policyContainer navigationParams be the result of determining to a new navigation params , with

           id

           navigationId

           request

           null

           response

           response

           origin

           responseOrigin

           policy container

           policyContainer

           final sandboxing flag set

           finalSandboxFlags

           cross-origin opener policy

           coop

           COOP enforcement result

           coopEnforcementResult

           reserved environment

           null

           navigable

           navigable

           navigation timing type

           " navigate "

           has cross-origin redirects

           false

           process response end of body

           processResponseEndOfBody

           commit early hints

           null

    11. Attempt to populate the history entry's document for historyEntry , given resource navigable , " navigate ", sourceSnapshotParams , targetSnapshotParams , navigationId , navigationParams , cspNavigationType , with allowPOST set to true, processResponseEndOfBody set to processResponseEndOfBody , and completionSteps set to the following steps:

        1. Queue a task on the navigable 's url , traversable 's session history traversal queue to finalize a cross-document navigation given historyPolicyContainer navigable , initiatorPolicyContainer historyHandling , and browsingContext historyEntry .

7.4.2.3 Ending navigation

Although a cross-document navigation will first foray into populating a session history entry with a Document , all navigations that don't get aborted will ultimately end up calling into one of the below algorithms.

7.4.2.3.1 Cross-document navigations

To finalize a cross-document navigation given a navigable navigable , history handling behavior historyHandling , and session history entry historyEntry :

1. Set navigable 's is delaying load events to false.

2. If historyEntry 's document is null, then return.

   This means that attempting to populate the history entry's document ended up not creating a document, as a result of e.g., the navigation being canceled by a subsequent navigation, a 204 No Content response, etc.

3. Assert: This algorithm is running on navigable 's traversable navigable's session history traversal queue .

4. If all of the following are true:

   • navigable 's parent is null;

   • historyEntry 's document 's browsing context is not an auxiliary browsing context whose disowned is false; and

   • historyEntry 's document 's origin is not navigable 's active document 's policy container , origin

   then set historyEntry 's document state 's navigable target name to the empty string.

5. Let entryToReplace be navigable 's active session history entry if historyHandling is " replace ", otherwise null.

6. Let traversable be navigable 's traversable navigable .

7. Let targetStep be null.

8. Let targetEntries be the result of getting session history entries for navigable .

9. If entryToReplace is null, then:

   1. Clear the forward session history of traversable .

   2. Set targetStep to traversable 's current session history step + 1.

   3. Set historyEntry 's step to targetStep .

   4. Append historyEntry to targetEntries .

   Otherwise:

   1. Replace entryToReplace with historyEntry in targetEntries .

   2. Set historyEntry 's step to entryToReplace 's step .

   3. Set targetStep to traversable 's current session history step .

10. Apply the history step targetStep to traversable .

7.4.2.3.2 Fragment navigations

To navigate to a fragment given a navigable navigable , a URL url , a history handling behavior historyHandling , and a navigation ID navigationId :

1. Let historyEntry be a new session history entry , with

   URL

   url

   document state

   navigable 's active session history entry 's document state

   serialized state

   StructuredSerializeForStorage (null)

   scroll restoration mode

   navigable 's active session history entry 's scroll restoration mode

2. Let entryToReplace be navigable 's active session history entry if historyHandling is " replace ", otherwise null.

3. Let navigationParams history be navigable 's active document 's history object .

4. Let scriptHistoryIndex be history 's index .

5. Let scriptHistoryLength be history 's length .

6. If historyHandling is " push ", then:

   1. Set history 's state to null.

   2. Increment scriptHistoryIndex .

   3. Set scriptHistoryLength to scriptHistoryIndex + 1.

7. Set navigable 's active session history entry to historyEntry .

8. Update document for history step application given navigable 's active document , historyEntry , true, scriptHistoryIndex , and scriptHistoryLength .

   This algorithm will be called twice as a result of a single fragment navigation: once synchronously, where best-guess values scriptHistoryIndex and scriptHistoryLength are set, history.state is nulled out, and various events are fired; and once asynchronously, where the final values for index and length are set, history.state remains untouched, and no events are fired.

9. Scroll to the fragment given navigable 's active document .

   If the scrolling fails because the Document is new and the relevant ID has not yet been parsed, then the second asynchronous call to update document for history step application will take care of scrolling.

10. Let traversable be navigable 's traversable navigable .

11. Append the following session history synchronous navigation steps involving navigable to traversable :

    1. Finalize a same-document navigation params given traversable , navigable , historyEntry , and entryToReplace .

    2. Invoke WebDriver BiDi fragment navigated with navigable 's active browsing context and a new WebDriver BiDi navigation status whose id is navigationId , request url is null, response resource 's url , and status is " complete ".

To finalize a same-document navigation given a traversable navigable resource traversable , origin a navigable targetNavigable , a session history entry targetEntry , and session history entry -or-null entryToReplace :

This is used by both fragment navigations and by the URL and history update steps , which are the only synchronous updates to session history. By virtue of being synchronous, those algorithms are performed outside of the top-level traversable 's session history traversal queue . This puts them out of sync with the top-level traversable 's current session history step , so this algorithm is used to resolve conflicts due to race conditions.

1. Assert: this algorithm is running on responseOrigin traversable 's session history traversal queue .

2. If targetNavigable 's active session history entry is not targetEntry , policy container then return.

3. Let targetStep be null.

4. Let targetEntries be the result of getting session history entries for targetNavigable .

5. If entryToReplace is null, then:

   1. Clear the forward session history of policyContainer traversable .

   2. Set targetStep to traversable 's current session history step + 1.

   3. Set targetEntry 's step to targetStep .

   4. Append targetEntry to targetEntries .

   Otherwise:

   1. Replace entryToReplace with targetEntry in targetEntries .

   2. Set targetEntry 's step to entryToReplace 's step .

   3. Set targetStep to traversable 's current session history step .

6. Apply the history step targetStep to traversable .

   This is done even for " replace " navigations, as it resolves race conditions across multiple synchronous navigations.

7.4.2.3.3 Non-fetch schemes and external software

To attempt to create a URL scheme document , given a URL url , final a navigable navigable , a sandboxing flag set sandboxFlags , a navigation ID navigationId , a NavigationTimingType navTimingType , and a source snapshot params sourceSnapshotParams :

1. If url is to be handled using a mechanism that does not affect finalSandboxFlags navigable , cross-origin opener policy e.g., because url 's scheme is handled externally, then:

   1. Hand-off to external software given coop url , COOP enforcement navigable , sandboxFlags , and sourceSnapshotParams .

   2. Return null.

2. Handle url by displaying some sort of inline content, e.g., an error message because the specified scheme is not one of the supported protocols, or an inline prompt to allow the user to select a registered handler for the given scheme. Return the result of displaying the inline content is given coopEnforcementResult navigable , reserved environment navigationId , and navTimingType .

   In the case of a registered handler being used, navigate will be invoked with a new URL.

To hand-off to external software given a URL or response resource , a navigable navigable , a sandboxing flag set sandboxFlags , and a source snapshot params sourceSnapshotParams , user agents should:

1. If all of the following conditions hold:

   • navigable is null, not a top-level traversable ;

   • sandboxFlags has its sandboxed custom protocols navigation browsing context flag is set; and

   • browsingContext , history handling sandboxFlags has its sandboxed top-level navigation with user activation browsing context flag is set, or historyHandling , process response end sourceSnapshotParams 's has transient activation is false

   then return without invoking the external software package.

   Navigation inside an iframe toward external software can be seen by users as a new popup or a new top-level navigation. That's why its is allowed in sandboxed iframe only when one of body allow-popups , allow-top-navigation , allow-top-navigation-by-user-activation , or allow-top-navigation-to-custom-protocols is specified.

2. Perform the appropriate handoff of processResponseEndOfBody , resource while attempting to mitigate the risk that this is an attempt to exploit the target software. For example, user agents could prompt the user to confirm that sourceSnapshotParams 's origin is to be allowed to invoke the external software in question. In particular, if sourceSnapshotParams 's has cross-origin redirects transient activation is false, and commit early hints then the user agent should not invoke the external software package without prior user confirmation.

   For example, there could be a vulnerability in the target software's URL handler which a hostile page would attempt to exploit by tricking a user into clicking a link.

7.4.2.4 Preventing navigation is null.

Run A couple of scenarios can intervene early in the navigation process and put the whole thing to a halt. This can be especially exciting when multiple navigables are navigating at the same time, due to a session history traversal.

A navigable source is allowed by sandboxing to navigate response a second navigable with navigationType target , given a source snapshot params allowedToDownload sourceSnapshotParams , if the following steps return true:

1. If hasTransientActivation source is target , then return true.

2. If source is an ancestor of target , then return true.

3. If target is an ancestor of source , then:

   1. If target is not a top-level traversable , then return true.

   2. If sourceSnapshotParams 's has transient activation is true, and navigationParams . sourceSnapshotParams 's sandboxing flags 's sandboxed top-level navigation with user activation browsing context flag is set, then return false.

   3. If sourceSnapshotParams 's has transient activation is false, and sourceSnapshotParams 's sandboxing flags 's sandboxed top-level navigation without user activation browsing context flag is set, then return false.

   4. Return true.

4. If resource target is a request top-level traversable :

   1. If source is the one permitted sandboxed navigator whose URL of target , then return true.

   2. If sourceSnapshotParams 's sandboxing flags 's scheme sandboxed navigation browsing context flag is " set, then return false.

   3. javascript

      Return true.

5. If sourceSnapshotParams 's sandboxing flags 's sandboxed navigation browsing context flag is set, then return false.

6. "

   Return true.

Queue To check if unloading is user-canceled for list of navigables navigables :

1. Let documents be the active document of each item in navigables .

2. Let unloadPromptShown be false.

3. Let unloadPromptCanceled be false.

4. Let totalTasks be the size of documents .

5. Let completedTasks be 0.

6. For each document of documents , queue a global task on the DOM manipulation navigation and traversal task source given browsingContext document 's active window relevant global object to run these the steps:

   1. Increase the document 's unload counter by 1.

   2. Increase the event loop 's termination nesting level by 1.

   3. Let response event be the result of executing a javascript: URL request creating an event given resource , using BeforeUnloadEvent .

   4. Initialize browsingContext , event 's type attribute to beforeunload and incumbentNavigationOrigin . its cancelable attribute true.

   5. Let Dispatch finalSandboxFlags event be at document 's relevant global object .

   6. Decrease the union event loop 's termination nesting level by 1.

   7. If all of the following are true:

      • browsingContext unloadPromptShown 's sandboxing flags and is false;

      • response document 's forced active sandboxing flag set . does not have its sandboxed modals flag set;

      • Let coopEnforcementResult document be a new cross-origin opener policy enforcement result 's relevant global object whose needs a browsing context group switch has sticky activation is false, would need a browsing context group switch due to report-only ;

      • event 's canceled flag is false, url set, or the returnValue attribute of event is not the empty string; and

      • showing an unload prompt is unlikely to be annoying, deceptive, or pointless

      then:

      1. Set resource unloadPromptShown to true.

      2. Invoke WebDriver BiDi user prompt opened with document 's URL relevant global object , origin " beforeunload ", and "".

      3. Ask the user to confirm that they wish to unload the document, and pause while waiting for the user's response.

         The message shown to the user is not customizable, but instead determined by the user agent. In particular, the actual value of the returnValue attribute is ignored.

      4. If the user did not confirm the page navigation, set browsingContext unloadPromptCanceled 's active to true.

      5. Invoke WebDriver BiDi user prompt closed with document 's relevant global object and true if unloadPromptCanceled is false or false otherwise.

   8. Decrease the document 's origin , cross-origin opener policy unload counter by 1.

   9. Increment completedTasks .

7. Wait for completedTasks to be totalTasks .

8. If unloadPromptCanceled is true, then return " refuse ".

9. If browsingContext unloadPromptShown is true, then return " confirm ".

10. Return " no-prompt ".

7.4.3 Reloading and traversing

To reload a navigable navigable :

1. Set navigable 's active session history entry 's document state 's cross-origin opener policy , and current context is navigation source reload pending is false. to true.

2. Let navigationParams traversable be a new navigation params navigable 's traversable navigable .

3. Append the following session history traversal steps whose id to traversable :

   1. Apply pending history changes is to navigationId , request traversable with true.

      It is intentional that the resulting call to apply the history step does not pass sourceSnapshotParams or initiatorToCheck . Reloading is always treated as if it were done by resource , response navigable itself, even in cases like parent.location.reload() .

To traverse the history by a delta given a traversable navigable is response traversable , origin an integer delta , and an optional Document sourceDocument :

1. Let sourceSnapshotParams and initiatorToCheck be null.

2. If sourceDocument is given, then:

   1. Set browsingContext sourceSnapshotParams to the result of snapshotting source snapshot params given sourceDocument .

   2. Set initiatorToCheck to sourceDocument 's active document node navigable .

3. Append the following session history traversal steps to traversable :

   1. Let allSteps be the result of getting all used history steps for traversable .

   2. Let currentStepIndex be the index of traversable 's origin current session history step within allSteps .

   3. Let targetStepIndex be currentStepIndex plus delta .

   4. If allSteps [ targetStepIndex ] does not exist , policy container then abort these steps.

   5. Apply the history step is browsingContext allSteps 's [ targetStepIndex ] to traversable , with checkForUserCancelation set to true, sourceSnapshotParams set to sourceSnapshotParams , and initiatorToCheck set to initiatorToCheck .

7.4.4 Non-fragment synchronous "navigations"

Apart from the navigate algorithm, session history entries can be pushed or replaced via one more mechanism, the URL and history update steps . The most well-known callers of these steps are the history.replaceState() and history.pushState() APIs, but various other parts of the standard also need to perform updates to the active history entry , and they use these steps to do so.

The URL and history update steps , given a Document document , a URL newURL , an optional serialized state -or-null serializedData (default null), and an optional history handling behavior historyHandling (default " replace "), are:

1. Let navigable be document 's policy container node navigable .

2. Let activeEntry be navigable 's active session history entry .

3. Let newEntry be a new session history entry , final sandboxing flag set with

   URL is

   finalSandboxFlags , cross-origin opener policy newURL

   serialized state

   if serializedData is not null, browsingContext serializedData ; otherwise activeEntry 's active serialized state

   document state

   activeEntry 's cross-origin opener policy , COOP enforcement result document state is

   scroll restoration mode

   coopEnforcementResult , reserved environment activeEntry 's scroll restoration mode

   persisted user state

   activeEntry 's persisted user state

4. If document 's is null, browsing context initial about:blank is true, then set browsingContext , history handling historyHandling to " replace is ".

   This means that pushState() on an initial about:blank Document behaves as a replaceState() call.

5. Let entryToReplace be activeEntry if historyHandling , process response end of body is " replace ", otherwise null.

6. If historyHandling is " push ", then:

   1. Increment processResponseEndOfBody , has cross-origin redirects document 's history object 's index .

   2. Set document 's history object 's length to its index + 1.

   These are temporary best-guess values for immediate synchronous access.

7. If serializedData is false, not null, then restore the history object state given document and commit early hints newEntry .

8. Set document 's URL to newURL .

   Since this is null. neither a navigation nor a history traversal , it does not cause a hashchange event to be fired.

9. Run process Set document 's latest entry to newEntry .

10. Set navigable 's active session history entry to newEntry .

11. Let traversable be navigable 's traversable navigable .

12. Append the following session history synchronous navigation steps involving navigable to traversable :

    1. Finalize a navigate response same-document navigation with given navigationType traversable , allowedToDownload navigable , hasTransientActivation newEntry , and navigationParams entryToReplace .

    So for example

Although both fragment navigation and the URL and history update steps perform synchronous history updates, only fragment navigation contains a javascript: synchronous call to update document for history step application . The URL and history update steps in instead perform a few select updates inside the above algorithm, omitting others. This is somewhat of an unfortunate historical accident, and generally leads to web-developer sadness about the inconsistency. For example, this means that href popstate attribute of an events fire for fragment navigations, but not for a history.pushState() element would only be evaluated when calls.

7.4.5 Populating a session history entry

As explained in the link was followed overview , while such both navigation and traversal involve creating a session history entry and then attempting to populate its document member, so that it can be presented inside the navigable .

This process breaks down into two high-level cases: the usual case , and the javascript: URL special case . The usual case involves either using an already-given response , using the srcdoc resource stored in the session history entry , or fetching . The src javascript: attribute case bypasses most of the usual machinery and instead assembles enough information to immediately load an HTML document . Both cases have several failure modes, which can either result in doing nothing (leaving the navigable on its currently- active iframe Document element would be evaluated ) or can result in populating the context of the iframe session history entry with an error document .

7.4.5.1 The usual case 's nested browsing context when

To attempt to populate the history entry's document for a session history entry entry , given a navigable navigable , a iframe NavigationTimingType is being set up. Once evaluated, its return value (if it was navTimingType , a string) would replace that browsing context source snapshot params sourceSnapshotParams , a target snapshot params targetSnapshotParams , an optional navigation ID -or-null navigationId (default null), an optional navigation params -or-null navigationParams (default null), an optional string cspNavigationType (default " other "), an optional boolean allowPOST (default false), optional algorithm steps processResponseEndOfBody (default an empty algorithm), and optional algorithm steps completionSteps (default an empty algorithm):

1. Assert: if navigationParams is non-null, then navigationParams 's response is non-null.

2. Let currentBrowsingContext be navigable 's active document , thus also changing the corresponding browsing context .

3. Window

   Let documentResource be entry 's document state object. 's resource .

4. If navigationParams is null, then:

   1. If resource documentResource is a request whose URL string, then set navigationParams to the result of creating navigation params from a srcdoc resource given entry , navigable , targetSnapshotParams , navigationId , navTimingType , and processResponseEndOfBody .

   2. Otherwise, if both of the following are true:

      • entry 's scheme URL is a fetch scheme ; and

      • documentResource is null, or allowPOST is true and documentResource 's request body is not failure

      Run process a navigate fetch then set navigationParams to the result of creating navigation params by fetching given entry , navigable , sourceSnapshotParams , targetSnapshotParams , cspNavigationType , navigationId , resource navTimingType , and processResponseEndOfBody .

5. Queue a global task on the networking task source browsing context , given browsingContext , navigable 's active window , to run these steps:

   1. If navigationType navigable 's ongoing navigation no longer equals navigationId , then run sandboxFlags completionSteps and return.

   2. Let failure be false.

   3. If navigationParams is null and entry 's URL is not a fetch scheme , then set entry 's document state 's document to the result of running attempt to create a URL scheme document given entry 's URL , navigable , historyPolicyContainer targetSnapshotParams 's sandboxing flags , navigationId , initiatorPolicyContainer navTimingType , and allowedToDownload sourceSnapshotParams .

      The entry 's URL might have been changed within the previous step of this algorithm following an HTTP redirect.

   4. Otherwise, if navigationParams is null, then set failure to true.

   5. Otherwise, if the result of should navigation response to navigation request of type in target be blocked by Content Security Policy? given navigationParams 's request , navigationParams 's response , navigationParams 's policy container 's CSP list , cspNavigationType , and hasTransientActivation currentBrowsingContext is " Blocked ", then set failure to true. [CSP]

   6. Otherwise, if navigationParams 's reserved environment is non-null and the result of checking a navigation response's adherence to its embedder policy given navigationParams 's response , navigable , and incumbentNavigationOrigin navigationParams 's policy container 's embedder policy is false, then set failure to true.

   7. Otherwise, if the result of checking a navigation response's adherence to ` X-Frame-Options ` given navigationParams 's response , navigable , historyHandling navigationParams 's policy container 's CSP list , and navigationParams 's origin is false, then set failure to true.

   8. If failure is true, then:

      1. Set entry 's document state 's document to the result of creating a document for inline content that doesn't have a DOM , given navigable , null, and processResponseEndOfBody navTimingType . Otherwise, The inline content should indicate to the user the sort of error that occurred.

      2. Set resource entry 's document state 's document 's salvageable to false.

      3. If navigationParams is not null, then:

         1. Run processResponseEndOfBody given navigationParams 's response .

         2. Run the environment discarding steps for navigationParams 's reserved environment .

         3. Invoke WebDriver BiDi navigation failed with currentBrowsingContext and a request new WebDriver BiDi navigation status whose id is navigationId , status is " canceled ", and url is navigationParams 's response 's URL .

   9. Otherwise, if navigationParams 's response 's scheme status is neither " 204 or 205, then:

      javascript

      1. Run processResponseEndOfBody given navigationParams 's response .

      2. Run completionSteps .

      3. Return.

   10. Otherwise, if navigationParams 's response has a ` Content-Disposition " nor ` header specifying the attachment disposition type, then:

       1. Let sourceAllowsDownloading be sourceSnapshotParams 's allows downloading .

       2. Let targetAllowsDownloading be false if navigationParams 's final sandboxing flag set has the sandboxed downloads browsing context flag set; otherwise true.

       3. If the result of running allowed to download with sourceAllowsDownloading and targetAllowsDownloading is true, then handle navigationParams 's response as a fetch scheme download .

       4. Invoke WebDriver BiDi download started with currentBrowsingContext and a new WebDriver BiDi navigation status whose id is navigationId , status is " complete ", and url is navigationParams 's response 's URL .

       5. Run process completionSteps .

       6. Return.

   11. Otherwise:

       1. Let document be the result of loading a navigate URL scheme document given resource navigationParams and sourceSnapshotParams .

       2. If document is null, then run completionSteps and return.

       3. Set entry 's URL , document state 's document to browsingContext , document .

       4. Set sandboxFlags , entry 's document state 's origin to document 's origin .

   12. If entry 's document state 's request referrer is " client ", then set it to request 's referrer .

       This ensures that if we traverse back entry and have to refetch, we use the same referrer , instead of deriving the referrer from the fetch client.

   13. If hasTransientActivation entry 's document state 's document is not null, then set entry 's document state 's ever populated to true.

   14. Run completionSteps .

To process create navigation params from a navigate fetch , srcdoc resource given a session history entry entry , a navigable navigable , a target snapshot params targetSnapshotParams , a navigation id ID -or-null navigationId , request a NavigationTimingType request navTimingType , two browsing contexts and an algorithm processResponseEndOfBody :

1. Let documentResource be entry 's document state 's resource .

2. Let sourceBrowsingContext response be a new response whose URL list consists of about:srcdoc , header list consists of (` Content-Type `, ` text/html `), and body is documentResource .

3. Let responseOrigin be the result of determining the origin given response 's URL , targetSnapshotParams 's sandboxing flags , null, and browsingContext , entry 's document state 's origin .

4. Let coop be a string new cross-origin opener policy .

5. Let navigationType coopEnforcementResult be a new cross-origin opener policy enforcement result whose needs a browsing context group switch is false, would need a browsing context group switch due to report-only is false, url is response 's URL , origin is responseOrigin , cross-origin opener policy is coop , and current context is navigation source is false.

6. Let policyContainer be the result of determining navigation params policy container given response 's URL , entry 's document state 's history policy container , null, navigable 's container document 's policy container , and null.

7. Return a new navigation params , with

   id

   navigationId

   request

   null

   response

   response

   origin

   responseOrigin

   policy container

   policyContainer

   final sandboxing flag set

   sandboxFlags , two targetSnapshotParams's sandboxing flags

   cross-origin opener policy containers

   historyPolicyContainer coop and

   COOP enforcement result

   initiatorPolicyContainer coopEnforcementResult

   reserved environment

   null

   navigable

   navigable

   navigation timing type

   navTimingType

   has cross-origin redirects

   false

   process response end of body

   an algorithm that does nothing

   commit early hints

   null

To create navigation params by fetching given a session history entry entry , a boolean navigable allowedToDownload navigable , a boolean source snapshot params hasTransientActivation sourceSnapshotParams , an origin a target snapshot params incumbentNavigationOrigin targetSnapshotParams , a history handling behavior string cspNavigationType , a navigation ID -or-null historyHandling navigationId , and a NavigationTimingType processResponseEndOfBody navTimingType , which is and an algorithm accepting a response : processResponseEndOfBody :

This algorithm mutates entry .

1. Let response documentResource be null. entry 's document state 's resource .

2. Set Let request be a new request , with

   url

   entry 's client URL to

   policy container

   sourceBrowsingContext entry 's active document state 's relevant settings object , history policy container

   client

   sourceSnapshotParams 's fetch client

   destination to

   " document ", mode to " navigate ",

   credentials mode to

   " include ", "

   use-URL-credentials flag ,

   set

   redirect mode to

   " manual ", and "

   replaces client id to

   browsingContext navigable 's active document 's relevant settings object 's id

   mode

   " navigate "

   referrer

   entry 's document state 's request referrer

   referrer policy

   entry 's document state 's request referrer policy

3. If documentResource is a POST resource , then:

   1. Set request 's method to ` POST `.

   2. Set request 's body to documentResource 's request body .

   3. Set ` Content-Type ` to documentResource 's request content-type in request 's header list .

4. If hasTransientActivation entry 's document state 's reload pending is true, then set request 's reload-navigation flag .

5. Otherwise, if entry 's document state 's ever populated is true, then set request 's history-navigation flag .

6. If sourceSnapshotParams 's has transient activation is true, then set request 's user-activation to true.

7. If browsingContext navigable 's container is non-null:

   1. If the browsingContext navigable 's container has a browsing context scope origin , then set request 's origin to that browsing context scope origin .

   2. Set request 's destination to browsingContext navigable 's container 's local name .

8. Let responseOrigin response be null.

9. Let currentContextIsSource responseOrigin be the result of whether browsingContext 's active document is same origin with sourceBrowsingContext 's active document . null.

10. Let coopEnforcementResult be a new cross-origin opener policy enforcement result whose , with

    needs a browsing context group switch is false,

    false

    would need a browsing context group switch due to report-only is false,

    false

    url is

    browsingContext navigable 's active document 's url , URL

    origin is

    browsingContext navigable 's active document 's origin ,

    cross-origin opener policy is

    browsingContext navigable 's active document 's cross-origin opener policy , and

    current context is navigation source

    true if navigable 's active document 's origin is same origin with currentContextIsSource . sourceSnapshotParams 's origin ; otherwise false

11. Let finalSandboxFlags be an empty sandboxing flag set .

12. Let responsePolicyContainer be null.

13. Let responseCOOP be a new cross-origin opener policy .

14. Let locationURL be null.

15. Let currentURL be request 's current URL .

16. Let hasCrossOriginRedirects be false.

17. Let commitEarlyHints be null.

18. While true:

    1. If locationURL is non-null, then: If locationURL 's origin is not the same as currentURL 's origin , then set hasCrossOriginRedirects to true. Set currentURL to locationURL . If request 's reserved client is not null and currentURL 's origin is not the same as request 's reserved client 's creation URL 's origin , then:

       1. Run the environment discarding steps for request 's reserved client .

       2. Set request 's reserved client to null.

       3. Set commitEarlyHints to null.

          Preloaded links from early hint headers remain in the preload cache after a same origin redirect, but get discarded when the redirect is cross-origin.

    2. If request 's reserved client is null, then:

       1. Let topLevelCreationURL be currentURL .

       2. Let topLevelOrigin be null.

       3. If browsingContext navigable is not a top-level browsing context traversable , then:

          1. Let parentEnvironment be browsingContext navigable 's container parent 's active document 's relevant settings object .

          2. Set topLevelCreationURL to parentEnvironment 's top-level creation URL and .

          3. Set topLevelOrigin to parentEnvironment 's top-level origin .

       4. Set request 's reserved client to a new environment whose id is a unique opaque string, target browsing context is browsingContext , navigable 's active browsing context , creation URL is currentURL , top-level creation URL is topLevelCreationURL , and top-level origin is topLevelOrigin .

          The created environment's active service worker is set in the Handle Fetch algorithm during the fetch if the request URL matches a service worker registration. [SW]

    3. If the result of Should should navigation request of type be blocked by Content Security Policy? given request and navigationType cspNavigationType is " Blocked ", then set response to a network error and break . [CSP]

    4. Otherwise:

       If response is null, fetch request , with processEarlyHintsResponse set to the following step given a response earlyResponse : If commitEarlyHints is null, then set commitEarlyHints to the result of processing early hint headers given earlyResponse and request 's reserved client .

    5. Otherwise, perform HTTP-redirect fetch using request and response .

    6. If request 's body is null, then set entry 's document state 's resource to null.

       Fetch unsets the body for particular redirects.

    7. Wait for the task on the networking task source to process response and set response to the result.

       If navigationId is not null, then, while waiting, if navigable 's ongoing navigation changes to no longer equal navigationId , terminate the ongoing fetch with the aborted flag set, and return.

       Upon returning, attempt to populate the history entry's document will detect that this in-flight navigation was canceled and it will be handled accordingly.

    8. Set responsePolicyContainer to the result of creating a policy container from a fetch response given response and request 's reserved client .

    9. Set finalSandboxFlags to the union of browsingContext targetSnapshotParams 's sandboxing flags and response responsePolicyContainer 's forced CSP list 's CSP-derived sandboxing flag set flags .

    10. Let sourceOrigin be entry 's document state 's origin if request 's current URL matches about:blank , and sourceSnapshotParams 's origin otherwise.

    11. Set responseOrigin to the result of determining the origin given browsingContext , request response 's URL , finalSandboxFlags , and incumbentNavigationOrigin . sourceOrigin , and null.

    12. If browsingContext navigable is a top-level browsing context traversable , then:

        1. Set responseCOOP to the result of obtaining a cross-origin opener policy given response and request 's reserved client .

        2. Set coopEnforcementResult to the result of enforcing the response's cross-origin opener policy given browsingContext , navigable 's active browsing context , request 's URL , responseOrigin , responseCOOP , coopEnforcementResult and request 's referrer .

        3. If sandboxFlags is not empty and responseCOOP 's value is not " unsafe-none ", then set response to an appropriate network error and break .

           This results in a network error as one cannot simultaneously provide a clean slate to a response using cross-origin opener policy and sandbox the result of navigating to that response.

    13. If response is not a network error , browsingContext navigable is a child browsing context navigable , and the result of performing a cross-origin resource policy check with browsingContext navigable 's container document 's origin , browsingContext navigable 's container document 's relevant settings object , request 's destination , response , and true is blocked , then set response to a network error and break .

        Here we're running the cross-origin resource policy check against the parent browsing context navigable rather than sourceBrowsingContext . navigable itself. This is because we care about the same-originness of the embedded content against the parent context, not the navigation source.

    14. Set locationURL to response 's location URL given currentURL 's fragment .

    15. If locationURL is failure or null, then break .

    16. Set entry 's URL to locationURL .

    17. Set entry 's serialized state to null.

    18. Let oldDocState be entry 's document state .

    19. Set entry 's document state to a new document state , with request referrer , request referrer policy , resource , ever populated , and navigable target name copied from oldDocState , and the history policy container set to a clone of the oldDocState 's history policy container .

        For the navigation case, only entry referenced oldDocState , so this is functionally just an update to entry 's document state . For the traversal case, it's possible adjacent session history entries also reference oldDocState , in which case they will continue doing so even after we've updated entry 's document state .

        Consider a session history which contains... TODO-DOMENIC: fill out the full example of the traversal case, maybe.

    20. If locationURL is not a URL whose scheme is an HTTP(S) scheme , then break . then:

        1. Set entry 's document state 's resource to null.

        2. Break .

        Navigation handles redirects manually as navigation is the only place in the web platform that cares for redirects to mailto: URLs and such.

    21. If locationURL 's origin is not the same as currentURL 's origin , then set hasCrossOriginRedirects to true.

    22. Set currentURL to locationURL .

    By the end of this loop we will be in one of these scenarios:

    • response is a network error .

    • locationURL is failure, because of an unparseable ` Location ` header.

    • locationURL is null, because we successfully fetched a non- network error HTTP(S) response with no ` Location ` header.

    • locationURL is a URL with a non- HTTP(S) scheme .

19. If locationURL is failure, then set response to a network error . Otherwise, if locationURL is a URL whose scheme is a fetch scheme not null or " javascript ", then set response to is a network error . Otherwise, if locationURL is a URL , then process a navigate URL scheme given locationURL , browsingContext , sandboxFlags , and hasTransientActivation , and return. Let responsePolicyContainer be the result of creating a policy container from a fetch response given response and request 's reserved client . return null.

20. Let resultPolicyContainer be the result of determining navigation params policy container given response 's URL , historyPolicyContainer , entry 's document state 's history policy container , initiatorPolicyContainer , sourceSnapshotParams 's source policy container , null, and responsePolicyContainer .

21. Let navigationParams be Return a new navigation params whose , with

    id is

    navigationId ,

    request is

    request ,

    response is

    response ,

    origin is

    responseOrigin ,

    policy container is

    resultPolicyContainer ,

    final sandboxing flag set is

    finalSandboxFlags ,

    cross-origin opener policy is

    responseCOOP ,

    COOP enforcement result is

    coopEnforcementResult ,

    reserved environment is

    request 's reserved client , browsing context is browsingContext , history handling

    navigable is

    historyHandling , process response end of body navigable

    navigation timing type is

    processResponseEndOfBody , navTimingType

    has cross-origin redirects is

    hasCrossOriginRedirects , and commit early hints is commitEarlyHints . Run process a navigate response with navigationType , allowedToDownload , hasTransientActivation , and navigationParams . To

    process a navigate response , given a string navigationType , a boolean allowedToDownload , a boolean hasTransientActivation , and a navigation params end of body navigationParams :

    Let response be navigationParams processResponseEndOfBody 's response . Let browsingContext be navigationParams 's browsing context .

    commit early hints

    Let failure commitEarlyHints be false.

If response is An element has a network error , then set failure to true. Otherwise, browsing context scope origin if the result of Should navigation response to navigation request of type in target be blocked by Content Security Policy? given navigationParams 's request , response , navigationParams 's policy container 's CSP list , navigationType , and browsingContext is " Blocked ", then set failure to true. [CSP] its Document Otherwise, if navigationParams 's reserved environment node navigable is non-null and the result of checking a navigation response's adherence to its embedder policy given response , browsingContext , and navigationParams 's policy container 's embedder policy top-level traversable is false, then set failure to true. Otherwise, or if the result all of checking a navigation response's adherence to ` X-Frame-Options ` given response , browsingContext , and navigationParams 's origin is false, then set failure to true. If failure is true, then: its Document Call navigationParams 's process response end of body ancestor navigables with response . Display the inline content with an appropriate error shown to all have active documents whose origins are the user same origin given browsingContext . Run as the environment discarding steps element's node document for navigationParams 's reserved environment origin . Invoke WebDriver BiDi navigation failed with browsingContext and If an element has a new WebDriver BiDi navigation status whose id is navigationParams 's id browsing context scope origin , status then its value is " canceled ", and url the origin is response 's URL of the element's node document . Return.

This definition is where the network errors defined broken and propagated by Fetch , such as DNS or TLS errors, end up being displayed needs investigation to users. [FETCH] see what it was intended to express: see issue #4703 .

If response 's status To load a document given navigation params is 204 or 205, then call navigationParams 's process response end of body and source snapshot params with response sourceSnapshotParams , and return. If response has perform the following steps. They return a ` Content-Disposition Document ` header specifying the attachment disposition type, then: or null.

1. If allowedToDownload is true, then handle response as a download . Invoke WebDriver BiDi download started with browsingContext and a new WebDriver BiDi navigation status whose id is navigationParams 's id , status is " complete ", and url is response 's URL . Return. Let type be the computed type of response navigationParams 's response .

2. If the user agent has been configured to process resources of the given type using some mechanism other than rendering the content in a browsing context navigable , then skip this step. Otherwise, if the type is one of the following types, jump to the appropriate entry in the following list, and process response as described there: types:

   an HTML MIME type

   Follow the steps given in Return the result of loading an HTML document section providing , given navigationParams . Once the steps have completed, return.

   an XML MIME type that is not an explicitly supported XML MIME type

   Follow the steps given in Return the result of loading an XML document section providing given navigationParams and type . Once the steps have completed, return.

   a JavaScript MIME type

   a JSON MIME type that is not an explicitly supported JSON MIME type

   " text/css "

   " text/plain "

   " text/vtt "

   Follow the steps given in Return the plain result of loading a text file document section providing given navigationParams and type . Once the steps have completed, return.

   " multipart/x-mixed-replace "

   Follow the steps given in Return the result of loading a multipart/x-mixed-replace section providing document , given navigationParams and sourceSnapshotParams . Once the steps have completed, return.

   A supported image, video, or audio type

   Follow the steps given in Return the result of loading a media document section providing given navigationParams and type . Once the steps have completed, return.

   " application/pdf "

   " text/pdf "

   If the user agent's PDF viewer supported is true, then either follow the steps given in the plugin section providing navigationParams and type , or display return the result of creating a document for inline content that doesn't have a DOM given browsingContext . Once the steps have completed, return. See issue #6003 for discussion on picking one of these two behaviors to standardize. navigationParams 's navigable .

   Otherwise, proceed onward.

   An explicitly supported XML MIME type is an XML MIME type for which the user agent is configured to use an external application to render the content (either a plugin rendering directly in browsingContext , or a separate application), content, or one for which the user agent has dedicated processing rules (e.g., rules. For example, a web browser with a built-in Atom feed viewer would be said to explicitly support the application/atom+xml MIME type), or one for which the user agent has a dedicated handler. type.

   An explicitly supported JSON MIME type is a JSON MIME type for which the user agent is configured to use an external application to render the content (either a plugin rendering directly in browsingContext , or a separate application), content, or one for which the user agent has dedicated processing rules, or one for which rules.

   In both cases, the external application or user agent has a dedicated handler. will either display the content inline directly in navigationParams 's navigable , or hand it off to external software . Both happen in the steps below.

3. If, given type , the new resource is to be handled by displaying some sort of inline content, e.g., a native rendering of the content or an error message because the specified type is not supported, then display return the result of creating a document for inline content that doesn't have a DOM given browsingContext , navigationParams 's navigable , navigationParams 's id , and then return. navigationParams 's navigation timing type .

4. Otherwise, the document's type is such that the resource will not affect browsingContext , navigationParams 's navigable , e.g., because the resource is to be handed to an external application or because it is an unknown type that will be processed as a download . Hand-off to external software given navigationParams 's response , , browsingContext , navigationParams 's navigable , navigationParams 's final sandboxing flag set , and hasTransientActivation sourceSnapshotParams .

5. To process a navigate URL scheme , given a URL url , a browsing context browsingContext , a sandboxing flag set Return null.