Define read-back-allowed rendering

source

@@ -4210,6 +4210,7 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
 
     <ul class="brief">
      <li><dfn data-x-href="https://drafts.csswg.org/css-values/#lengths">&lt;length></dfn></li>
+     <li><dfn data-x-href="https://drafts.csswg.org/css-values/#urls">&lt;url></dfn></li>
      <li>The <dfn data-x-href="https://drafts.csswg.org/css-values/#em">'em'</dfn> unit</li>
      <li>The <dfn data-x-href="https://drafts.csswg.org/css-values/#ex">'ex'</dfn> unit</li>
      <li>The <dfn data-x-href="https://drafts.csswg.org/css-values/#vw">'vw'</dfn> unit</li>
@@ -151602,6 +151603,10 @@ legend[align=right i] {
   <code>video</code> element, as defined by the relevant rendering rules; for WebVTT, those are the
   <span>rules for updating the display of WebVTT text tracks</span>. <ref>WEBVTT</ref></p>
 
+  <p>During <span>read-back-allowed rendering</span>, subtitles and captions are
+  <span>expected</span> to be rendered with default appearance that ignores any user
+  preferences.</p>
+
   <p>When the user agent starts <span data-x="expose a user interface to the user">exposing a user
   interface</span> for a <code>video</code> element, the user agent should run the <span>rules for
   updating the text track rendering</span> of each of the <span data-x="text track">text
@@ -153312,6 +153317,10 @@ select {
   elements in their user interface, as discussed <a
   href="#providing-users-with-a-means-to-follow-hyperlinks-created-using-the-link-element">previously</a>.</p>
 
+  <p>During <span>read-back-allowed rendering</span>, user agents are <span>expected</span> to act
+  as if the <code data-x="selector-visited">:visited</code> <span>pseudo-class</span> does not
+  match.</p>
+
 
 
 
@@ -153550,6 +153559,77 @@ if (s = prompt('What is your name?')) {
 
 
 
+  <h3>Read-back-allowed rendering</h3>
+
+  <p>During <dfn export>read-back-allowed rendering</dfn>, any security- or privacy-sensitive
+  information that isn't otherwise observable to author code are omitted or replaced with safe
+  defaults. The detailed requirements are in the relevant sections above.</p>
+
+
+  <p>The following must not be exposed during <span>read-back-allowed rendering</span>:</p>
+
+  <dl>
+   <dt>All content
+   <dd><span>CORS-cross-origin</span> content, including in <span>embedded content</span> (e.g.,
+   <code>iframe</code>, <code>img</code>), <code>canvas</code> elements whose bitmap's <span
+   data-x="concept-canvas-origin-clean">origin-clean</span> flag is set to false, CSS
+   <span>&lt;url></span> references (e.g., <span>'background-image'</span>,
+   <span>'border-image-source'</span>), and SVG elements (e.g., <code data-x="">use</code>, <code
+   data-x="">pattern</code>, <code data-x="">feImage</code>).
+   <dd>Non-default colors, themes, and preferences.
+   <dd>Non-default selection and find-in-page highlights.
+   <dd>Spelling and grammar markers.
+   <dd>Subpixel text rendering and antialiasing.
+
+   <dt><span data-x="form-associated element">Form-associated elements</span>
+   <dd>Platform-specific appearance.
+   <dd>Pending autofill suggestions.
+
+   <dt><span data-x="media element">Media elements</span>
+   <dd>User preferences for caption and subtitle selection and appearance.
+
+   <dt><code>a</code> and <code>area</code> elements
+   <dd>Visited link information.
+  </dl>
+
+  <p class="XXX">The above cases should all be merged into the appropriate part of the rendering
+  section.</p>
+
+  <p>The following explicitly may be exposed during <span>read-back-allowed rendering</span>:</p>
+
+  <dl>
+   <dt>All content
+   <dd>Matching text from find-in-page.
+
+   <dt><span data-x="form-associated element">Form-associated elements</span>
+   <dd>Default appearance that is the same on all platforms.
+
+   <dt><code>iframe</code> and <code>frame</code> elements
+   <dd><span>CORS-same-origin</span> frames are not sensitive information, but
+   <span>CORS-cross-origin</span> content within them is.</dd>
+  </dl>
+
+  <h4>Summary</h4>
+
+  <!-- NON-NORMATIVE SECTION -->
+
+  <p>The following table summarizes how <span>read-back-allowed rendering</span> affects various
+  elements and features when they are rendered:</p>
+
+  <table>
+   <thead>
+    <tr>
+     <th>Category
+     <th>Expected behavior
+   <tbody>
+    <tr>
+     <td><code>a</code> and <code>area</code> elements
+     <td>The <code data-x="selector-visited">:visited</code> <span>pseudo-class</span> never matches.
+    <tr>
+     <td><span data-x="media element">Media elements</span>
+     <td>Subtitles and captionss use default appearance, ignoring any user preferences.
+  </table>
+
 
   <h2 split-filename="obsolete" id="obsolete">Obsolete features</h2>