Ian Hickson wrote:
Yes; at least according to the current HTML5 draft. The spec currently
splits navigation from rendering, so <iframe>s (and browsing contexts in
general) work the same mostly independent of their location.
I'm not sure we'll want to implement this in Gecko.
Is script allowed to run in that Window after that?
According to the current spec, yes.
Nor this, possibly. In particular, the parent window chain can affect
the security context of a window in various ways. For example, it's
possible to disable script on a window and all its descendant windows.
What I would suggest is that a window that is not in the DOM:
1) Does not allow navigation.
2) Does not allow script execution.
Possibly some other restrictions to make sure the behavior is sane from
a security perspective....
-Boris
