HTML

Living Standard — Last Updated 31 October 2022

1. 1. 7.2 APIs related to navigation and session history
      1. 7.2.1 Security infrastructure for Window , WindowProxy , and Location objects
         1. 7.2.1.1 Integration with IDL
         2. 7.2.1.2 Shared internal slot: [[CrossOriginPropertyDescriptorMap]]
         3. 7.2.1.3 Shared abstract operations
            1. 7.2.1.3.1 CrossOriginProperties ( O )
            2. 7.2.1.3.2 CrossOriginPropertyFallback ( P )
            3. 7.2.1.3.3 IsPlatformObjectSameOrigin ( O )
            4. 7.2.1.3.4 CrossOriginGetOwnPropertyHelper ( O , P )
            5. 7.2.1.3.5 CrossOriginGet ( O , P , Receiver )
            6. 7.2.1.3.6 CrossOriginSet ( O , P , V , Receiver )
            7. 7.2.1.3.7 CrossOriginOwnPropertyKeys ( O )
      2. 7.2.2 The Window object
         1. 7.2.2.1 Opening and closing windows
         2. 7.2.2.2 Indexed access on the Window object
         3. 7.2.2.3 Named access on the Window object
         4. 7.2.2.4 Accessing related windows
         5. 7.2.2.5 Historical browser interface element APIs
         6. 7.2.2.6 Script settings for Window objects
      3. 7.2.3 The WindowProxy exotic object
         1. 7.2.3.1 [[GetPrototypeOf]] ( )
         2. 7.2.3.2 [[SetPrototypeOf]] ( V )
         3. 7.2.3.3 [[IsExtensible]] ( )
         4. 7.2.3.4 [[PreventExtensions]] ( )
         5. 7.2.3.5 [[GetOwnProperty]] ( P )
         6. 7.2.3.6 [[DefineOwnProperty]] ( P , Desc )
         7. 7.2.3.7 [[Get]] ( P , Receiver )
         8. 7.2.3.8 [[Set]] ( P , V , Receiver )
         9. 7.2.3.9 [[Delete]] ( P )
         10. 7.2.3.10 [[OwnPropertyKeys]] ( )
      4. 7.2.4 The Location interface
         1. 7.2.4.1 [[GetPrototypeOf]] ( )
         2. 7.2.4.2 [[SetPrototypeOf]] ( V )
         3. 7.2.4.3 [[IsExtensible]] ( )
         4. 7.2.4.4 [[PreventExtensions]] ( )
         5. 7.2.4.5 [[GetOwnProperty]] ( P )
         6. 7.2.4.6 [[DefineOwnProperty]] ( P , Desc )
         7. 7.2.4.7 [[Get]] ( P , Receiver )
         8. 7.2.4.8 [[Set]] ( P , V , Receiver )
         9. 7.2.4.9 [[Delete]] ( P )
         10. 7.2.4.10 [[OwnPropertyKeys]] ( )
      5. 7.2.5 The History interface
      6. 7.2.6 Event interfaces
         1. 7.2.6.1 The PopStateEvent interface
         2. 7.2.6.2 The HashChangeEvent interface
         3. 7.2.6.3 The PageTransitionEvent interface
         4. 7.2.6.4 The BeforeUnloadEvent interface

7.2 APIs related to navigation and session history

7.2.1 Security infrastructure for Window , WindowProxy , and Location objects

Although typically objects cannot be accessed across origins , the web platform would not be true to itself if it did not have some legacy exceptions to that rule that the web depends upon.

This section uses the terminology and typographic conventions from the JavaScript specification. [JAVASCRIPT]

7.2.1.1 Integration with IDL

When perform a security check is invoked, with a platformObject , identifier , and type , run these steps:

1. If platformObject is not a Window or Location object, then return.

2. For each e of CrossOriginProperties ( platformObject ):

   1. If SameValue ( e .[[Property]], identifier ) is true, then:

      1. If type is " method " and e has neither [[NeedsGet]] nor [[NeedsSet]], then return.

      2. Otherwise, if type is " getter " and e .[[NeedsGet]] is true, then return.

      3. Otherwise, if type is " setter " and e .[[NeedsSet]] is true, then return.

3. If IsPlatformObjectSameOrigin ( platformObject ) is false, then throw a " SecurityError " DOMException .

7.2.1.2 Shared internal slot: [[CrossOriginPropertyDescriptorMap]]

Window and Location objects both have a [[CrossOriginPropertyDescriptorMap]] internal slot, whose value is initially an empty map.

The [[CrossOriginPropertyDescriptorMap]] internal slot contains a map with entries whose keys are ( currentGlobal , objectGlobal , propertyKey )-tuples and values are property descriptors, as a memoization of what is visible to scripts when currentGlobal inspects a Window or Location object from objectGlobal . It is filled lazily by CrossOriginGetOwnPropertyHelper , which consults it on future lookups.

User agents should allow a value held in the map to be garbage collected along with its corresponding key when nothing holds a reference to any part of the value. That is, as long as garbage collection is not observable.

For example, with const href = Object.getOwnPropertyDescriptor(crossOriginLocation, "href").set the value and its corresponding key in the map cannot be garbage collected as that would be observable.

User agents may have an optimization whereby they remove key-value pairs from the map when document.domain is set. This is not observable as document.domain cannot revisit an earlier value.

For example, setting document.domain to " example.com " on www.example.com means user agents can remove all key-value pairs from the map where part of the key is www.example.com, as that can never be part of the origin again and therefore the corresponding value could never be retrieved from the map.

7.2.1.3 Shared abstract operations

7.2.1.3.1 CrossOriginProperties ( O )

1. Assert : O is a Location or Window object.

2. If O is a Location object, then return « { [[Property]]: " href ", [[NeedsGet]]: false, [[NeedsSet]]: true }, { [[Property]]: " replace " } ».

3. Return « { [[Property]]: " window ", [[NeedsGet]]: true, [[NeedsSet]]: false }, { [[Property]]: " self ", [[NeedsGet]]: true, [[NeedsSet]]: false }, { [[Property]]: " location ", [[NeedsGet]]: true, [[NeedsSet]]: true }, { [[Property]]: " close " }, { [[Property]]: " closed ", [[NeedsGet]]: true, [[NeedsSet]]: false }, { [[Property]]: " focus " }, { [[Property]]: " blur " }, { [[Property]]: " frames ", [[NeedsGet]]: true, [[NeedsSet]]: false }, { [[Property]]: " length ", [[NeedsGet]]: true, [[NeedsSet]]: false }, { [[Property]]: " top ", [[NeedsGet]]: true, [[NeedsSet]]: false }, { [[Property]]: " opener ", [[NeedsGet]]: true, [[NeedsSet]]: false }, { [[Property]]: " parent ", [[NeedsGet]]: true, [[NeedsSet]]: false }, { [[Property]]: " postMessage " } ».

This abstract operation does not return a Completion Record .

Indexed properties do not need to be safelisted in this algorithm, as they are handled directly by the WindowProxy object.

A JavaScript property name P is a cross-origin accessible window property name if it is " window ", " self ", " location ", " close ", " closed ", " focus ", " blur ", " frames ", " length ", " top ", " opener ", " parent ", " postMessage ", or an array index property name .

7.2.1.3.2 CrossOriginPropertyFallback ( P )

1. If P is " then ", @@toStringTag , @@hasInstance , or @@isConcatSpreadable , then return PropertyDescriptor { [[Value]]: undefined, [[Writable]]: false, [[Enumerable]]: false, [[Configurable]]: true }.

2. Throw a " SecurityError " DOMException .

7.2.1.3.3 IsPlatformObjectSameOrigin ( O )

1. Return true if the current settings object 's origin is same origin-domain with O 's relevant settings object 's origin , and false otherwise.

This abstract operation does not return a Completion Record .

Here the current settings object roughly corresponds to the "caller", because this check occurs before the execution context for the getter/setter/method in question makes its way onto the JavaScript execution context stack . For example, in the code w.document , this step is invoked before the document getter is reached as part of the [[Get]] algorithm for the WindowProxy w .

7.2.1.3.4 CrossOriginGetOwnPropertyHelper ( O , P )

If this abstract operation returns undefined and there is no custom behavior, the caller needs to throw a " SecurityError " DOMException . In practice this is handled by the caller calling CrossOriginPropertyFallback .

1. Let crossOriginKey be a tuple consisting of the current settings object , O 's relevant settings object , and P .

2. For each e of CrossOriginProperties ( O ):

   1. If SameValue ( e .[[Property]], P ) is true, then:

      1. If the value of the [[CrossOriginPropertyDescriptorMap]] internal slot of O contains an entry whose key is crossOriginKey , then return that entry's value.

      2. Let originalDesc be OrdinaryGetOwnProperty ( O , P ).

      3. Let crossOriginDesc be undefined.

      4. If e .[[NeedsGet]] and e .[[NeedsSet]] are absent, then:

         1. Let value be originalDesc .[[Value]].

         2. If IsCallable ( value ) is true, then set value to an anonymous built-in function, created in the current realm , that performs the same steps as the IDL operation P on object O .

         3. Set crossOriginDesc to PropertyDescriptor { [[Value]]: value , [[Enumerable]]: false, [[Writable]]: false, [[Configurable]]: true }.

      5. Otherwise:

         1. Let crossOriginGet be undefined.

         2. If e .[[NeedsGet]] is true, then set crossOriginGet to an anonymous built-in function, created in the current realm , that performs the same steps as the getter of the IDL attribute P on object O .

         3. Let crossOriginSet be undefined.

         4. If e .[[NeedsSet]] is true, then set crossOriginSet to an anonymous built-in function, created in the current realm , that performs the same steps as the setter of the IDL attribute P on object O .

         5. Set crossOriginDesc to PropertyDescriptor { [[Get]]: crossOriginGet , [[Set]]: crossOriginSet , [[Enumerable]]: false, [[Configurable]]: true }.

      6. Create an entry in the value of the [[CrossOriginPropertyDescriptorMap]] internal slot of O with key crossOriginKey and value crossOriginDesc .

      7. Return crossOriginDesc .

3. Return undefined.

This abstract operation does not return a Completion Record .

The reason that the property descriptors produced here are configurable is to preserve the invariants of the essential internal methods required by the JavaScript specification. In particular, since the value of the property can change as a consequence of navigation, it is required that the property be configurable. (However, see tc39/ecma262 issue #672 and references to it elsewhere in this specification for cases where we are not able to preserve these invariants, for compatibility with existing web content.) [JAVASCRIPT]

The reason the property descriptors are non-enumerable, despite this mismatching the same-origin behavior, is for compatibility with existing web content. See issue #3183 for details.

7.2.1.3.5 CrossOriginGet ( O , P , Receiver )

1. Let desc be ? O .[[GetOwnProperty]]( P ).

2. Assert : desc is not undefined.

3. If IsDataDescriptor ( desc ) is true, then return desc .[[Value]].

4. Assert : IsAccessorDescriptor ( desc ) is true.

5. Let getter be desc .[[Get]].

6. If getter is undefined, then throw a " SecurityError " DOMException .

7. Return ? Call ( getter , Receiver ).

7.2.1.3.6 CrossOriginSet ( O , P , V , Receiver )

1. Let desc be ? O .[[GetOwnProperty]]( P ).

2. Assert : desc is not undefined.

3. If desc .[[Set]] is present and its value is not undefined, then:

   1. Perform ? Call ( setter , Receiver , « V »).

   2. Return true.

4. Throw a " SecurityError " DOMException .

7.2.1.3.7 CrossOriginOwnPropertyKeys ( O )

1. Let keys be a new empty List .

2. For each e of CrossOriginProperties ( O ), append e .[[Property]] to keys .

3. Return the concatenation of keys and « " then ", @@toStringTag , @@hasInstance , @@isConcatSpreadable ».

This abstract operation does not return a Completion Record .

7.2.2 The Window object

[Global=Window,
 Exposed=Window,
 LegacyUnenumerableNamedProperties]
interface Window : EventTarget {
  // the current browsing context
  [LegacyUnforgeable] readonly attribute WindowProxy window;
  [Replaceable] readonly attribute WindowProxy self;
  [LegacyUnforgeable] readonly attribute Document document;
  attribute DOMString name; 
  [PutForwards=href, LegacyUnforgeable] readonly attribute Location location;
  readonly attribute History history;
  readonly attribute CustomElementRegistry customElements;
  [Replaceable] readonly attribute BarProp locationbar;
  [Replaceable] readonly attribute BarProp menubar;
  [Replaceable] readonly attribute BarProp personalbar;
  [Replaceable] readonly attribute BarProp scrollbars;
  [Replaceable] readonly attribute BarProp statusbar;
  [Replaceable] readonly attribute BarProp toolbar;
  attribute DOMString status;
  undefined close();
  readonly attribute boolean closed;
  undefined stop();
  undefined focus();
  undefined blur();
  // other browsing contexts
  [Replaceable] readonly attribute WindowProxy frames;
  [Replaceable] readonly attribute unsigned long length;
  [LegacyUnforgeable] readonly attribute WindowProxy? top;
  attribute any opener;
  [Replaceable] readonly attribute WindowProxy? parent;
  readonly attribute Element? frameElement;
  WindowProxy? open(optional USVString url = "", optional DOMString target = "_blank", optional [LegacyNullToEmptyString] DOMString features = "");  getter object (DOMString name);
  // Since this is the global object, the IDL named getter adds a NamedPropertiesObject exotic
  // object on the prototype chain. Indeed, this does not make the global object an exotic object.
  // Indexed access is taken care of by the WindowProxy exotic object.
  // the user agent
  readonly attribute Navigator navigator;
  readonly attribute Navigator clientInformation; // legacy alias of .navigator
  readonly attribute boolean originAgentCluster;
  // user prompts
  undefined alert();
  undefined alert(DOMString message);
  boolean confirm(optional DOMString message = "");
  DOMString? prompt(optional DOMString message = "", optional DOMString default = "");
  undefined print();
  undefined postMessage(any message, USVString targetOrigin, optional sequence<object> transfer = []);
  undefined postMessage(any message, optional WindowPostMessageOptions options = {});
  // also has obsolete members
};
Window includes GlobalEventHandlers;Window includes WindowEventHandlers;
dictionary WindowPostMessageOptions : StructuredSerializeOptions {
  USVString targetOrigin = "/";
};

window . window

✔ MDN

Window/window

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

window . frames

✔ MDN

Window/frames

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

window . self

✔ MDN

Window/self

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

These attributes all return window .

window . document

✔ MDN

Window/document

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

Returns the Document associated with window .

document . defaultView

✔ MDN

Document/defaultView

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 9+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

Returns the Window associated with document , if there is one, or null otherwise.

The Window object has an associated Document , which is a Document object. It is set when the Window object is created, and only ever changed during navigation from the initial about:blank Document .

A Window 's browsing context is its associated Document 's browsing context . It is either null or a browsing context .

A Window 's navigable is the navigable whose active document is the Window 's associated Document 's, or null if there is no such navigable .

The window , frames , and self getter steps are to return this 's relevant realm .[[GlobalEnv]].[[GlobalThisValue]].

The document getter steps are to return this 's associated Document .

The Document object associated with a Window object can change in exactly one case: when the navigate algorithm creates a new Document object for the first page loaded in a browsing context . In that specific case, the Window object of the initial about:blank page is reused and gets a new Document object.

The defaultView getter steps are:

1. If this 's browsing context is null, then return null.

2. Return this 's browsing context 's WindowProxy object.

For historical reasons, Window objects must also have a writable, configurable, non-enumerable property named HTMLDocument whose value is the Document interface object .

7.2.2.1 Opening and closing windows

window = window . open ([ url [, target [, features ] ] ])

✔ MDN

Window/open

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 3+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 10.1+

Opens a window to show url (defaults to " about:blank "), and returns it. target (defaults to " _blank ") gives the name of the new window. If a window already exists with that name, it is reused. The features argument can contain a set of comma-separated tokens :

" noopener "

" noreferrer "

These behave equivalently to the noopener and noreferrer link types on hyperlinks .

" popup "

Encourages user agents to provide a minimal web browser user interface for the new window. (Impacts the visible getter on all BarProp objects as well.)

globalThis.open("https://email.example/message/CAOOOkFcWW97r8yg=SsWg7GgCmp4suVX9o85y8BvNRqMjuc5PXg",
undefined,
"noopener,popup");

window . name [ = value ]

✔ MDN

Window/name

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

Returns the name of the window.

Can be set, to change the name.

window . close ()

✔ MDN

Window/close

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 3+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 10.1+

Closes the window.

window . closed

✔ MDN

Window/closed

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

Returns true if the window has been closed, false otherwise.

window . stop ()

✔ MDN

Window/stop

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 14+ Internet Explorer No

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

Cancels the document load.

The window open steps , given a string url , a string target , and a string features , are as follows:

1. If the event loop 's termination nesting level is nonzero, return null.

2. Let sourceDocument be the entry global object 's associated Document .

3. If target is the empty string, then set target to " _blank ".

4. Let tokenizedFeatures be the result of tokenizing features .

5. Let noopener and noreferrer be false.

6. If tokenizedFeatures [" noopener "] exists , then:

   1. Set noopener to the result of parsing tokenizedFeatures [" noopener "] as a boolean feature .

   2. Remove tokenizedFeatures [" noopener "].

7. If tokenizedFeatures [" noreferrer "] exists , then:

   1. Set noreferrer to the result of parsing tokenizedFeatures [" noreferrer "] as a boolean feature .

   2. Remove tokenizedFeatures [" noreferrer "].

8. Let referrerPolicy be the empty string.

9. If noreferrer is true, then set noopener to true and set referrerPolicy to " no-referrer ".

10. Let targetNavigable and windowType be the result of applying the rules for choosing a navigable given target , sourceDocument 's node navigable , and noopener .

    If there is a user agent that supports control-clicking a link to open it in a new tab, and the user control-clicks on an element whose onclick handler uses the window.open() API to open a page in an iframe element, the user agent could override the selection of the target browsing context to instead target a new tab.

11. If targetNavigable is null, then return null.

12. If windowType is either " new and unrestricted " or " new with no opener ", then:

    1. Set targetNavigable 's active browsing context 's is popup to the result of checking if a popup window is requested , given tokenizedFeatures .

    2. Set up browsing context features for targetNavigable 's active browsing context given tokenizedFeatures . [CSSOMVIEW]

    3. Let urlRecord be the URL record about:blank .

    4. If url is not the empty string, then parse url relative to the entry settings object , and set urlRecord to the resulting URL record , if any. If the parse a URL algorithm failed, then throw a " SyntaxError " DOMException .

    5. If urlRecord matches about:blank , then perform the URL and history update steps given targetNavigable 's active document and urlRecord .

       This is necessary in case url is something like about:blank?foo . If url is just plain about:blank , this will do nothing.

    6. Otherwise, navigate targetNavigable to urlRecord using sourceDocument , with referrerPolicy set to referrerPolicy and exceptionsEnabled set to true.

13. Otherwise:

    1. If url is not the empty string, then:

       1. Let urlRecord be the URL record about:blank .

       2. Parse url relative to the entry settings object , and set urlRecord to the resulting URL record , if any. If the parse a URL algorithm failed, then throw a " SyntaxError " DOMException .

       3. Navigate targetNavigable to urlRecord using sourceDocument , with referrerPolicy set to referrerPolicy and exceptionsEnabled set to true.

    2. If noopener is false, then set targetNavigable 's active browsing context 's opener browsing context to sourceDocument 's browsing context .

14. If noopener is true or windowType is " new with no opener ", then return null.

15. Return targetNavigable 's active WindowProxy .

The open( url , target , features ) method steps are to run the window open steps with url , target , and features .

The method provides a mechanism for navigating an existing browsing context or opening and navigating an auxiliary browsing context .

To tokenize the features argument :

1. Let tokenizedFeatures be a new ordered map .

2. Let position point at the first code point of features .

3. While position is not past the end of features :

   1. Let name be the empty string.

   2. Let value be the empty string.

   3. Collect a sequence of code points that are feature separators from features given position . This skips past leading separators before the name.

   4. Collect a sequence of code points that are not feature separators from features given position . Set name to the collected characters, converted to ASCII lowercase .

   5. Set name to the result of normalizing the feature name name .

   6. While position is not past the end of features and the code point at position in features is not U+003D (=):

      1. If the code point at position in features is U+002C (,), or if it is not a feature separator , then break .

      2. Advance position by 1.

      This skips to the first U+003D (=) but does not skip past a U+002C (,) or a non-separator.

   7. If the code point at position in features is a feature separator :

      1. While position is not past the end of features and the code point at position in features is a feature separator :

         1. If the code point at position in features is U+002C (,), then break .

         2. Advance position by 1.

         This skips to the first non-separator but does not skip past a U+002C (,).

      2. Collect a sequence of code points that are not feature separators code points from features given position . Set value to the collected code points, converted to ASCII lowercase .

   8. If name is not the empty string, then set tokenizedFeatures [ name ] to value .

4. Return tokenizedFeatures .

To check if a window feature is set , given tokenizedFeatures , featureName , and defaultValue :

1. If tokenizedFeatures [ featureName ] exists , then return the result of parsing tokenizedFeatures [ featureName ] as a boolean feature .

2. Return defaultValue .

To check if a popup window is requested , given tokenizedFeatures :

1. If tokenizedFeatures is empty , then return false.

2. If tokenizedFeatures [" popup "] exists , then return the result of parsing tokenizedFeatures [" popup "] as a boolean feature .

3. Let location be the result of checking if a window feature is set , given tokenizedFeatures , " location ", and false.

4. Let toolbar be the result of checking if a window feature is set , given tokenizedFeatures , " toolbar ", and false.

5. If location and toolbar are both false, then return true.

6. Let menubar be the result of checking if a window feature is set , given tokenizedFeatures , menubar ", and false.

7. If menubar is false, then return true.

8. Let resizable be the result of checking if a window feature is set , given tokenizedFeatures , " resizable ", and true.

9. If resizable is false, then return true.

10. Let scrollbars be the result of checking if a window feature is set , given tokenizedFeatures , " scrollbars ", and false.

11. If scrollbars is false, then return true.

12. Let status be the result of checking if a window feature is set , given tokenizedFeatures , " status ", and false.

13. If status is false, then return true.

14. Return false.

A code point is a feature separator if it is ASCII whitespace , U+003D (=), or U+002C (,).

For legacy reasons, there are some aliases of some feature names. To normalize a feature name name , switch on name :

" screenx "

Return " left ".

" screeny "

Return " top ".

" innerwidth "

Return " width ".

" innerheight "

Return " height ".

Anything else

Return name .

To parse a boolean feature given a string value :

1. If value is the empty string, then return true.

2. If value is " yes ", then return true.

3. If value is " true ", then return true.

4. Let parsed be the result of parsing value as an integer .

5. If parsed is an error, then set it to 0.

6. Return false if parsed is 0, and true otherwise.

The name getter steps are:

1. If this 's navigable is null, then return the empty string.

2. Return this 's navigable 's target name .

The name setter steps are:

1. If this 's navigable is null, then return.

2. Set this 's navigable 's active session history entry 's document state 's navigable target name to the given value.

The name gets reset when the navigable is navigated to another origin .

The close() method steps are:

1. Let thisTraversable be null.

2. For each top-level traversable traversable of the user agent's top-level traversable set : if traversable 's active document 's relevant global object equals this , then set thisTraversable to traversable and break .

3. If thisTraversable is null, then return.

   In this case the method is being called on a Window that does not correspond to a top-level traversable , and so closing is not allowed.

4. If thisTraversable 's is closing is true, then return.

5. Let browsingContext be thisTraversable 's active browsing context .

6. Let sourceSnapshotParams be the result of snapshotting source snapshot params given thisTraversable 's active document .

7. If all the following are true:

   • thisTraversable is script-closable ;
   • the incumbent global object 's browsing context is familiar with browsingContext ; and
   • the incumbent global object 's node navigable is allowed by sandboxing to navigate thisTraversable , given sourceSnapshotParams

   then:

   1. Set thisTraversable 's is closing to true.

   2. Queue a task on the DOM manipulation task source to close thisTraversable .

A navigable is script-closable if its active browsing context is an auxiliary browsing context that was created by a script (as opposed to by an action of the user), or if it is a top-level traversable whose session history entries 's size is 1.

The closed getter steps are to return true if this 's browsing context is null or its is closing is true; otherwise false.

The stop() method steps are:

1. If this 's navigable is null, then return.

2. Stop loading this 's navigable .

7.2.2.2 Indexed access on the Window object

window . length

✔ MDN

Window/length

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

Returns the number of document-tree child navigables .

window [ index ]

Returns the WindowProxy corresponding to the indicated document-tree child navigables .

The length getter steps are to return this 's associated Document 's document-tree child navigables 's size .

Indexed access to document-tree child navigables is defined through the [[GetOwnProperty]] internal method of the WindowProxy object.

7.2.2.3 Named access on the Window object

window [ name ]

Returns the indicated element or collection of elements.

As a general rule, relying on this will lead to brittle code. Which IDs end up mapping to this API can vary over time, as new features are added to the web platform, for example. Instead of this, use document.getElementById() or document.querySelector() .

The document-tree child navigable target name property set of a Window object window is the return value of running these steps:

1. Let children be the document-tree child navigables of window 's associated Document .

2. Let firstNamedChildren be an empty ordered set .

3. For each navigable of children :

   1. Let name be navigable 's target name .

   2. If name is the empty string, then continue .

   3. If names contains name , then continue .

   4. Append navigable to firstNamedChildren .

4. Let names be an empty ordered set .

5. For each navigable of firstNamedChildren :

   1. Let name be navigable 's target name .

   2. If navigable 's active document 's origin is same origin with window 's relevant settings object 's origin , then append name to names .

6. Return names .

<iframe src=https://elsewhere.example.com/></iframe>
<iframe
name=spices></iframe>

The Window object supports named properties . The supported property names of a Window object window at any moment consist of the following, in tree order according to the element that contributed them, ignoring later duplicates:

• window 's document-tree child navigable target name property set ;

• the value of the name content attribute for all embed , form , img , and object elements that have a non-empty name content attribute and are in a document tree with window 's associated Document as their root ; and

• the value of the id content attribute for all HTML elements that have a non-empty id content attribute and are in a document tree with window 's associated Document as their root .

To determine the value of a named property name in a Window object window , the user agent must return the value obtained using the following steps:

1. Let objects be the list of named objects of window with the name name .

   There will be at least one such object, by definition.

2. If objects contains a navigable , then:

   1. Let container be the first navigable container in window 's associated Document 's descendants whose nested navigable is in objects .

   2. Return container 's nested navigable 's active WindowProxy .

3. Otherwise, if objects has only one element, return that element.

4. Otherwise return an HTMLCollection rooted at window 's associated Document , whose filter matches only named objects of window with the name name . (By definition, these will all be elements.)

Named objects of Window object window with the name name , for the purposes of the above algorithm, consist of the following:

• document-tree child navigables of window 's associated Document whose target name is name ;

• embed , form , img , or object elements that have a name content attribute whose value is name and are in a document tree with window 's associated Document as their root ; and

• HTML elements that have an id content attribute whose value is name and are in a document tree with window 's associated Document as their root .

7.2.2.4 Accessing related windows

window . top

✔ MDN

Window/top

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 4+

---

Firefox Android 4+ Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

Returns the WindowProxy for the top-level traversable .

window . opener [ = value ]

✔ MDN

Window/opener

Support in all current engines.

Firefox 1+ Safari 1+ Chrome 1+

---

Opera 3+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 9+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 10.1+

Returns the WindowProxy for the opener browsing context .

Returns null if there isn't one or if it has been set to null.

Can be set to null.

window . parent

✔ MDN

Window/parent

Support in all current engines.

Firefox 1+ Safari 1.3+ Chrome 1+

---

Opera 3+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 9+

---

Firefox Android ? Safari iOS ? Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 10.1+

Returns the WindowProxy for the parent navigable .

window . frameElement

✔ MDN

) in which the window is embedded."> Window/frameElement

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer 5.5+

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

Returns the navigable container element.

Returns null if there isn't one, and in cross-origin situations.

The top getter steps are:

1. If this 's navigable is null, then return null.

2. Return this 's navigable 's top-level traversable 's active WindowProxy .

The opener getter steps are:

1. Let current be this 's browsing context .

2. If current is null, then return null.

3. If current 's disowned is true, then return null.

4. If current 's opener browsing context is null, then return null.

5. Return current 's opener browsing context 's WindowProxy object.

The opener setter steps are:

1. If the given value is null and this 's browsing context is non-null, then set this 's browsing context 's disowned to true.

2. If the given value is non-null, then return ? OrdinaryDefineOwnProperty ( this , " opener ", { [[Value]]: the given value, [[Writable]]: true, [[Enumerable]]: true, [[Configurable]]: true }).

The parent getter steps are:

1. Let navigable be this 's navigable .

2. If navigable is null, then return null.

3. If navigable 's parent is not null, then set navigable to navigable 's parent .

4. Return navigable 's active WindowProxy .

The frameElement getter steps are:

1. Let current be this 's node navigable .

2. If current is null, then return null.

3. Let container be current 's container .

4. If container is null, then return null.

5. If container 's node document 's origin is not same origin-domain with the current settings object 's origin , then return null.

6. Return container .

<!DOCTYPE html>
<iframe></iframe>
<script>
"use strict";
const element = document.querySelector("iframe");
const iframeWindow = element.contentWindow;
element.remove();
console.assert(iframeWindow.top === null);
console.assert(iframeWindow.parent === null);
console.assert(iframeWindow.frameElement === null);
</script>

7.2.2.5 Historical browser interface element APIs

For historical reasons, the Window interface had some properties that represented the visibility of certain web browser interface elements.

For privacy and interoperability reasons, those properties now return values that represent whether the Window 's browsing context 's is popup property is true or false.

Each interface element is represented by a BarProp object:

[Exposed=Window]
interface BarProp {
  readonly attribute boolean visible;
};

window . locationbar . visible

✔ MDN

Window/locationbar

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera ? Edge 79+

---

Edge (Legacy) 12+ Internet Explorer No

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android ?

window . menubar . visible

✔ MDN

Window/menubar

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera ? Edge 79+

---

Edge (Legacy) 12+ Internet Explorer No

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android ?

window . personalbar . visible

✔ MDN

Window/personalbar

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer No

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

window . scrollbars . visible

✔ MDN

Window/scrollbars

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera 12.1+ Edge 79+

---

Edge (Legacy) 12+ Internet Explorer No

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android 12.1+

window . statusbar . visible

✔ MDN

Window/statusbar

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera ? Edge 79+

---

Edge (Legacy) 12+ Internet Explorer No

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android ?

window . toolbar . visible

✔ MDN

Window/toolbar

Support in all current engines.

Firefox 1+ Safari 3+ Chrome 1+

---

Opera ? Edge 79+

---

Edge (Legacy) 12+ Internet Explorer No

---

Firefox Android ? Safari iOS 1+ Chrome Android ? WebView Android ? Samsung Internet ? Opera Android ?

Returns true if the Window is not a popup; otherwise, returns false.

The visible getter steps are:

1. Let browsingContext be this 's relevant global object 's browsing context .

2. If browsingContext is null, then return true.

3. Return the negation of browsingContext 's top-level browsing context 's is popup .

The following BarProp objects must exist for each Window object:

The location bar BarProp object

Historically represented the user interface element that contains a control that displays the browser's location bar.

The menu bar BarProp object

Historically represented the user interface element that contains a list of commands in menu form, or some similar interface concept.

The personal bar BarProp object

Historically represented the user interface element that contains links to the user's favorite pages, or some similar interface concept.

The scrollbar BarProp object

Historically represented the user interface element that contains a scrolling mechanism, or some similar interface concept.

The status bar BarProp object

Historically represented a user interface element found immediately below or after the document, as appropriate for the user's media, which typically provides information about ongoing network activity or information about elements that the user's pointing device is currently indicating.

The toolbar BarProp object

Historically represented the user interface element found immediately above or before the document, as appropriate for the user's media, which typically provides session history traversal controls (back and forward buttons, reload buttons, etc.).

The locationbar attribute must return the location bar BarProp object .

The menubar attribute must return the menu bar BarProp object .

The personalbar attribute must return the personal bar BarProp object .

The scrollbars attribute must return the scrollbar BarProp object .

The statusbar attribute must return the status bar BarProp object .

The toolbar attribute must return the toolbar BarProp object .

For historical reasons, the status attribute on the Window object must, on getting, return the last string it was set to, and on setting, must set itself to the new value. When the Window object is created, the attribute must be set to the empty string. It does not do anything else.

7.2.2.6 Script settings for Window objects

To set up a window environment settings object , given a URL creationURL , a JavaScript execution context execution context , null or an environment reservedEnvironment , a URL topLevelCreationURL , and an origin topLevelOrigin , run these steps:

1. Let realm be the value of execution context 's Realm component.

2. Let window be realm 's global object .

3. Let settings object be a new environment settings object whose algorithms are defined as follows:

   The realm execution context

   Return execution context .

   The module map

   Return the module map of window 's associated Document .

   The API URL character encoding

   Return the current character encoding of window 's associated Document .

   The API base URL

   Return the current base URL of window 's associated Document .

   The origin

   Return the origin of window 's associated Document .

   The policy container

   Return the policy container of window 's associated Document .

   The cross-origin isolated capability

   Return true if both of the following hold, and false otherwise:

   1. realm 's agent cluster 's cross-origin-isolation mode is " concrete ", and

   2. window 's associated Document is allowed to use the " cross-origin-isolated " feature.

   The time origin

   Return window 's associated Document 's load timing info 's navigation start time .

4. If reservedEnvironment is non-null, then:

   1. Set settings object 's id to reservedEnvironment 's id , target browsing context to reservedEnvironment 's target browsing context , and active service worker to reservedEnvironment 's active service worker .

   2. Set reservedEnvironment 's id to the empty string.

      The identity of the reserved environment is considered to be fully transferred to the created environment settings object . The reserved environment is not searchable by the environment ’s id from this point on.

5. Otherwise, set settings object 's id to a new unique opaque string, settings object 's target browsing context to null, and settings object 's active service worker to null.

6. Set settings object 's creation URL to creationURL , settings object 's top-level creation URL to topLevelCreationURL , and settings object 's top-level origin to topLevelOrigin .

7. Set realm 's [[HostDefined]] field to settings object .

7.2.3 The WindowProxy exotic object

A WindowProxy is an exotic object that wraps a Window ordinary object, indirecting most operations through to the wrapped object. Each browsing context has an associated WindowProxy object. When the browsing context is navigated , the Window object wrapped by the browsing context 's associated WindowProxy object is changed.

The WindowProxy exotic object must use the ordinary internal methods except where it is explicitly specified otherwise below.

There is no WindowProxy interface object .

Every WindowProxy object has a [[Window]] internal slot representing the wrapped Window object.

Although WindowProxy is named as a "proxy", it does not do polymorphic dispatch on its target's internal methods as a real proxy would, due to a desire to reuse machinery between WindowProxy and Location objects. As long as the Window object remains an ordinary object this is unobservable and can be implemented either way.

7.2.3.1 [[GetPrototypeOf]] ( )

1. Let W be the value of the [[Window]] internal slot of this .

2. If IsPlatformObjectSameOrigin ( W ) is true, then return ! OrdinaryGetPrototypeOf ( W ).

3. Return null.

7.2.3.2 [[SetPrototypeOf]] ( V )

1. Return ! SetImmutablePrototype ( this , V ).

7.2.3.3 [[IsExtensible]] ( )

1. Return true.

7.2.3.4 [[PreventExtensions]] ( )

1. Return false.

7.2.3.5 [[GetOwnProperty]] ( P )

1. Let W be the value of the [[Window]] internal slot of this .

2. If P is an array index property name , then:

   1. Let index be ! ToUint32 ( P ).

   2. Let children be the document-tree child navigables of W 's associated Document .

   3. Let value be undefined.

   4. If index is less than children 's size , then:

      1. Sort children in ascending order, with navigableA being less than navigableB if navigableA 's container was inserted into W 's associated Document earlier than navigableB 's container was.

      2. Set value to children [ index ]'s active WindowProxy .

   5. If value is undefined, then:

      1. If IsPlatformObjectSameOrigin ( W ) is true, then return undefined.

      2. Throw a " SecurityError " DOMException .

   6. Return PropertyDescriptor { [[Value]]: value , [[Writable]]: false, [[Enumerable]]: true, [[Configurable]]: true }.

3. If IsPlatformObjectSameOrigin ( W ) is true, then return ! OrdinaryGetOwnProperty ( W , P ).

   This is a willful violation of the JavaScript specification's invariants of the essential internal methods to maintain compatibility with existing web content. See tc39/ecma262 issue #672 for more information. [JAVASCRIPT]

4. Let property be CrossOriginGetOwnPropertyHelper ( W , P ).

5. If property is not undefined, then return property .

6. If property is undefined and P is in W 's document-tree child navigable target name property set , then:

   1. Let value be the active WindowProxy of the named object of W with the name P .

   2. Return PropertyDescriptor { [[Value]]: value , [[Enumerable]]: false, [[Writable]]: false, [[Configurable]]: true }.

      The reason the property descriptors are non-enumerable, despite this mismatching the same-origin behavior, is for compatibility with existing web content. See issue #3183 for details.

7. Return ? CrossOriginPropertyFallback ( P ).

7.2.3.6 [[DefineOwnProperty]] ( P , Desc )

1. Let W be the value of the [[Window]] internal slot of this .

2. If IsPlatformObjectSameOrigin ( W ) is true, then:

   1. If P is an array index property name , return false.

   2. Return ? OrdinaryDefineOwnProperty ( W , P , Desc ).

      This is a willful violation of the JavaScript specification's invariants of the essential internal methods to maintain compatibility with existing web content. See tc39/ecma262 issue #672 for more information. [JAVASCRIPT]

3. Throw a " SecurityError " DOMException .

7.2.3.7 [[Get]] ( P , Receiver )

1. Let W be the value of the [[Window]] internal slot of this .

2. Check if an access between two browsing contexts should be reported , given the current global object 's browsing context , W 's browsing context , P , and the current settings object .

3. If IsPlatformObjectSameOrigin ( W ) is true, then return ? OrdinaryGet ( this , P , Receiver ).

4. Return ? CrossOriginGet ( this , P , Receiver ).

this is passed rather than W as OrdinaryGet and CrossOriginGet will invoke the [[GetOwnProperty]] internal method.

7.2.3.8 [[Set]] ( P , V , Receiver )

1. Let W be the value of the [[Window]] internal slot of this .

2. Check if an access between two browsing contexts should be reported , given the current global object 's browsing context , W 's browsing context , P , and the current settings object .

3. If IsPlatformObjectSameOrigin ( W ) is true, then:

   1. If P is an array index property name , then return false.

   2. Return ? OrdinarySet ( W , P , V , Receiver ).

4. Return ? CrossOriginSet ( this , P , V , Receiver ).

   this is passed rather than W as CrossOriginSet will invoke the [[GetOwnProperty]] internal method.

7.2.3.9 [[Delete]] ( P )

1. Let W be the value of the [[Window]] internal slot of this .

2. If IsPlatformObjectSameOrigin ( W ) is true, then:

   1. If P is an array index property name , then:

      1. Let desc be ! this .[[GetOwnProperty]]( P ).

      2. If desc is undefined, then return true.

      3. Return false.

   2. Return ? OrdinaryDelete ( W , P ).

3. Throw a " SecurityError " DOMException .

7.2.3.10 [[OwnPropertyKeys]] ( )

1. Let W be the value of the [[Window]] internal slot of this .

2. Let maxProperties be W 's associated Document 's document-tree child navigables 's size .

3. Let keys be the range 0 to maxProperties , exclusive.

4. If IsPlatformObjectSameOrigin ( W ) is true, then return the concatenation of keys and OrdinaryOwnPropertyKeys ( W ).

5. Return the concatenation of keys and ! CrossOriginOwnPropertyKeys ( W ).

7.2.4 The Location interface

Each Window object is associated with a unique instance of a Location object, allocated when the Window object is created.

The Location exotic object is defined through a mishmash of IDL, invocation of JavaScript internal methods post-creation, and overridden JavaScript internal methods. Coupled with its scary security policy, please take extra care while implementing this excrescence.

To create a Location object, run these steps:

1. Let location be a new Location platform object .

2. Let valueOf be location 's relevant realm .[[Intrinsics]].[[ %Object.prototype.valueOf% ]].

3. Perform ! location .[[DefineOwnProperty]](" valueOf ", { [[Value]]: valueOf , [[Writable]]: false, [[Enumerable]]: false, [[Configurable]]: false }).

4. Perform ! location .[[DefineOwnProperty]]( @@toPrimitive , { [[Value]]: undefined, [[Writable]]: false, [[Enumerable]]: false, [[Configurable]]: false }).

5. Set the value of the [[DefaultProperties]] internal slot of location to location .[[OwnPropertyKeys]]().

6. Return location .

The addition of valueOf and @@toPrimitive own data properties, as well as the fact that all of Location 's IDL attributes are marked [ LegacyUnforgeable ] , is required by legacy code that consulted the Location interface, or stringified it, to determine the document URL , and then used it in a security-sensitive way. In particular, the valueOf , @@toPrimitive , and [ LegacyUnforgeable ] stringifier mitigations ensure that code such as foo[location] = bar or location + "" cannot be misdirected.

document . location [ = value ]

window . location [ = value ]

Returns a Location object with the current page's location.

Can be set, to navigate to another page.

The Document object's location getter steps are to return this 's relevant global object 's Location object, if this is fully active , and null otherwise.

The Window object's location getter steps are to return this 's Location object.

Location objects provide a representation of the URL of their associated Document , as well as methods for navigating and reloading the associated navigable .