1. 7.4 Navigation and session history
      1. 7.4.1 Session history
        1. 7.4.1.1 Session history entries
        2. 7.4.1.2 Document state
        3. 7.4.1.3 Centralized modifications of session history
        4. 7.4.1.4 Low-level operations on session history
      2. 7.4.2 Navigation
        1. 7.4.2.1 Supporting concepts
        2. 7.4.2.2 Beginning navigation
        3. 7.4.2.3 Ending navigation
          1. 7.4.2.3.1 The usual cross-document navigation case
          2. 7.4.2.3.2 The javascript: URL special case
          3. 7.4.2.3.3 Fragment navigations
          4. 7.4.2.3.4 Non-fetch schemes and external software
        4. 7.4.2.4 Preventing navigation
      3. 7.4.3 Reloading and traversing
      4. 7.4.4 Non-fragment synchronous "navigations"
      5. 7.4.5 Populating a session history entry
      6. 7.4.6 Applying the history step
        1. 7.4.6.1 Updating the traversable
        2. 7.4.6.2 Updating the document
        3. 7.4.6.3 Scrolling to a fragment
        4. 7.4.6.4 Persisted history entry state

Welcome to the dragon's maw. Navigation, session history, and the traversal through that session history are some of the most complex parts of this standard.

The basic concept may not seem so difficult:

You can see some of the intertwined complexity peeking through here, in how traversal can cause a navigation (i.e., a network fetch to a stored URL), and how a navigation necessarily needs to interface with the session history list to ensure that when it finishes the user is looking at the right thing. But the real problems come in with the various edge cases and interacting web platform features:

In what follows, we have attempted to guide the reader through these complexities by appropriately cordoning them off into labeled sections and algorithms, and giving appropriate words of introduction where possible. Nevertheless, if you wish to truly understand navigation and session history, the usual advice will be invaluable.

7.4.1 Session history

7.4.1.1 Session history entries

A session history entry is a struct with the following items:

To get a session history entry's document, return its document state's document.


Serialized state is a serialization (via StructuredSerializeForStorage) of an object representing a user interface state. We sometimes informally refer to "state objects", which are the objects representing user interface state supplied by the author, or alternately the objects created by deserializing (via StructuredDeserialize) serialized state.

Pages can add serialized state to the session history. These are then deserialized and returned to the script when the user (or script) goes back in the history, thus enabling authors to use the "navigation" metaphor even in one-page applications.

Serialized state is intended to be used for two main purposes: first, storing a preparsed description of the state in the URL so that in the simple case an author doesn't have to do the parsing (though one would still need the parsing for handling URLs passed around by users, so it's only a minor optimization). Second, so that the author can store state that one wouldn't store in the URL because it only applies to the current Document instance and it would have to be reconstructed if a new Document were opened.

An example of the latter would be something like keeping track of the precise coordinate from which a popup div was made to animate, so that if the user goes back, it can be made to animate to the same location. Or alternatively, it could be used to keep a pointer into a cache of data that would be fetched from the server based on the information in the URL, so that when going back and forward, the information doesn't have to be fetched again.


A scroll restoration mode indicates whether the user agent should restore the persisted scroll position (if any) when traversing to an entry. A scroll restoration mode is one of the following:

"auto"
The user agent is responsible for restoring the scroll position upon navigation.
"manual"
The page is responsible for restoring the scroll position and the user agent does not attempt to do so automatically
7.4.1.2 Document state

Document state holds state inside a session history entry regarding how to present and, if necessary, recreate, a Document. It has:

User agents may destroy the documents of document states with non-null documents, as long as the Document is not fully active.

Apart from that restriction, this standard does not specify when user agents should destroy the document stored in a document state, versus keeping it cached.


A POST resource has:


A nested history has:

This will later contain ways to identify a nested navigable across reloads.



Several contiguous entries in a session history can share the same document state. This can occur when the initial entry is reached via normal navigation, and the following entry is added via history.pushState(). Or it can occur via navigation to a fragment.

All entries that share the same document state (and that are therefore merely different states of one particular document) are contiguous by construction.


A Document has a latest entry, a session history entry or null.

This is the entry that was most recently represented by a given Document. A single Document can represent many session history entries over time, as many contiguous session history entries can share the same document state as explained above.

7.4.1.3 Centralized modifications of session history

To maintain a single source of truth, all modifications to a traversable navigable's session history entries need to be synchronized. This is especially important due to how session history is influenced by all of the descendant navigables, and thus by multiple event loops. To accomplish this, we use the session history traversal parallel queue structure.

A session history traversal parallel queue is very similar to a parallel queue. It has an algorithm set, an ordered set.

The items in a session history traversal parallel queue's algorithm set are either algorithm steps, or synchronous navigation steps, which are a particular brand of algorithm steps involving a target navigable (a navigable).

To append session history traversal steps to a traversable navigable traversable given algorithm steps steps, append steps to traversable's session history traversal queue's algorithm set.

To append session history synchronous navigation steps involving a navigable targetNavigable to a traversable navigable traversable given algorithm steps steps, append steps as synchronous navigation steps targeting target navigable targetNavigable to traversable's session history traversal queue's algorithm set.

To start a new session history traversal parallel queue:

  1. Let sessionHistoryTraversalQueue be a new session history traversal parallel queue.

  2. Run the following steps in parallel:

    1. While true:

      1. If sessionHistoryTraversalQueue's algorithm set is empty, then continue.

      2. Let steps be the result of dequeuing from sessionHistoryTraversalQueue's algorithm set.

      3. Run steps.

  3. Return sessionHistoryTraversalQueue.

Synchronous navigation steps are tagged in the algorithm set to allow them to conditionally "jump the queue". This is handled within apply the history step.

Imagine the joint session history depicted by this Jake diagram:

01
top/a/b

And the following code runs at the top level:

history.back();
location.href = '#foo';

The desired result is:

012
top/a/b/b#foo

This isn't straightforward, as the sync navigation wins the race in terms of being observable, whereas the traversal wins the race in terms of queuing steps on the session history traversal parallel queue. To achieve this result, the following happens:

  1. history.back() appends steps intended to traverse by a delta of −1.

  2. location.href = '#foo' synchronously changes the active session history entry entry to a newly-created one, with the URL /b#foo, and appends synchronous steps to notify the central source of truth about that new entry. Note that this does not yet update the current session history entry, current session history step, or the session history entries list; those updates cannot be done synchronously, and instead must be done as part of the queued steps.

  3. On the session history traversal parallel queue, the steps queued by history.back() run:

    1. The target history step is determined to be 0: the current session history step (i.e., 1) plus the intended delta of −1.

    2. We enter the main apply the history step algorithm.

      The entry at step 0, for the /a URL, has its document populated.

      Meanwhile, the queue is checked for synchronous navigation steps. The steps queued by the location.href setter now run, and block the traversal from performing effects beyond document population (such as, unloading documents and switching active history entries) until they are finished. Those steps cause the following to happen:

      1. The entry with URL /b#foo is added, with its step determined to be 2: the current session history step (i.e., 1) plus 1.

      2. We fully switch to that newly added entry, including a nested call to apply the history step. This ultimately results in updating the document by dispatching events like hashchange.

      Only once that is all complete, and the /a history entry has been fully populated with a document, do we move on with applying the history step given the target step of 0.

      At this point, the Document with URL /b#foo unloads, and we finish moving to our target history step 0, which makes the entry with URL /a become the active session history entry and 0 become the current session history step.

Here is another more complex example, involving races between populating two different iframes, and a synchronous navigation once one of those iframes loads. We start with this setup:

012
top/t
frames[0]/i-0-a/i-0-b
frames[1]/i-1-a/i-1-b

and then call history.go(-2). The following then occurs:

  1. history.go(-2) appends steps intended to traverse by a delta of −2. Once those steps run:

    1. The target step is determined to be 2 + (−2) = 0.

    2. In parallel, the fetches are made to populate the two iframes, fetching /i-0-a and /i-1-a respectively.

      Meanwhile, the queue is checked for synchronous navigation steps. There aren't any right now.

    3. In the fetch race, the fetch for /i-0-a wins. We proceed onward to finish all of apply the history step's work for how the traversal impacts the frames[0] navigable, including updating its active session history entry to the entry with URL /i-0-a.

    4. Before the fetch for /i-1-a finishes, we reach the point where scripts may run for the newly-created document in the frames[0] navigable's active document. Some such script does run:

      location.href = '#foo'

      This synchronously changes the frames[0] navigable's active session history entry entry to a newly-created one, with the URL /i-0-a#foo, and appends synchronous steps to notify the central source of truth about that new entry.

      Unlike in the previous example, these synchronous steps do not "jump the queue" and update the traversable before we finish the fetch for /i-1-a. This is because the navigable in question, frames[0], has already been altered as part of the traversal, so we know that with the current session history step being 2, adding the new entry as a step 3 doesn't make sense.

    5. One the fetch for /i-1-a finally finishes, we proceed to finish updating the frames[1] navigable for the traversal, including updating its active session history entry to the entry with URL /i-1-a.

    6. Now that both navigables have finished processing the traversal, we update the current session history step to the target step of 0.

  2. Now we can process the steps that were queued for the synchronous navigation:

    1. The /i-0-a#foo entry is added, with its step determined to be 1: the current session history step (i.e., 0) plus 1. This also clears existing forward history.

    2. We fully switch to that newly added entry, including calling apply the history step. This ultimately results in updating the document by dispatching events like hashchange, as well as updating the current session history step to the target step of 1.

The end result is:

01
top/t
frames[0]/i-0-a/i-0-a#foo
frames[1]/i-1-a
7.4.1.4 Low-level operations on session history

This section contains a miscellaneous grab-bag of operations that we perform throughout the standard when manipulating session history. The best way to get a sense of what they do is to look at their call sites.

To get session history entries for a navigable, navigable:

  1. Let traversable be navigable's traversable navigable.

  2. Assert: this is running within traversable's session history traversal queue.

  3. If navigable is traversable, return traversable's session history entries.

  4. Let docStates be an empty ordered set of document states.

  5. For each entry of traversable's session history entries, append entry's document state to docStates.

  6. For each docState of docStates:

    1. For each nestedHistory of docState's nested histories:

      1. If nestedHistory's id equals navigable's id, return nestedHistory's entries.

      2. For each entry of nestedHistory's entries, append entry's document state to docStates.

  7. Assert: this step is not reached.

To clear the forward session history of a traversable navigable navigable:

  1. Assert: this is running within navigable's session history traversal queue.

  2. Let step be the navigable's current session history step.

  3. Let entryLists be the ordered set « navigable's session history entries ».

  4. For each entryList of entryLists:

    1. Remove every session history entry from entryList that has a step greater than step.

    2. For each entry of entryList:

      1. For each nestedHistory of entry's document state's nested histories, append nestedHistory's entries list to entryLists.

To get all used history steps that are part of traversable navigable traversable:

  1. Assert: this is running within traversable's session history traversal queue.

  2. Let steps be an empty ordered set of non-negative integers.

  3. Let entryLists be the ordered set « traversable's session history entries ».

  4. For each entryList of entryLists:

    1. For each entry of entryList:

      1. Append entry's step to steps.

      2. For each nestedHistory of entry's document state's nested histories, append nestedHistory's entries list to entryLists.

  5. Return steps, sorted.

To apply pending history changes to a traversable navigable traversable with optional boolean checkForUserCancelation (default false):

  1. Let targetStep be traversable's current session history step.

  2. Apply the history step targetStep to traversable with checkForUserCancelation set to checkForUserCancelation.

Certain actions cause a navigable to navigate to a new resource.

For example, following a hyperlink, form submission, and the window.open() and location.assign() methods can all cause navigation.

Although in this standard the word "navigation" refers specifically to the navigate algorithm, this doesn't always line up with web developer or user perceptions. For example:

Before we can jump into the navigation algorithm itself, we need to establish several important structures that it uses.

The source snapshot params struct is used to capture data from a Document initiating a navigation. It is snapshotted at the beginning of a navigation and used throughout the navigation's lifetime. It has the following items:

has transient activation
a boolean
sandboxing flags
a sandboxing flag set
allows downloading
a boolean
fetch client
an environment settings object, only to be used as a request client
source policy container
a policy container

To snapshot source snapshot params given a Document sourceDocument, return a new source snapshot params with

has transient activation
true if sourceDocument's relevant global object has transient activation; otherwise false
sandboxing flags
sourceDocument's active sandboxing flag set
allows downloading
false if sourceDocument's active sandboxing flag set has the sandboxed downloads browsing context flag set; otherwise true
fetch client
sourceDocument's relevant settings object
source policy container
sourceDocument's policy container

The target snapshot params struct is used to capture data from a navigable being navigated. Like source snapshot params, it is snapshotted at the beginning of a navigation and used throughout the navigation's lifetime. It has the following items:

sandboxing flags
a sandboxing flag set

To snapshot target snapshot params given a navigable targetNavigable, return a new target snapshot params with sandboxing flags set to the result of determining the creation sandboxing flags given targetNavigable's active browsing context and targetNavigable's container.


Much of the navigation process is concerned with determining how to create a new Document, which ultimately happens in the create and initialize a Document object algorithm. The parameters to that algorithm are tracked via a navigation params struct, which has the following items:

id
null or a navigation ID
request
null or a request that started the navigation
response
a response that ultimately was navigated to (potentially a network error)
origin
an origin to use for the new Document
policy container
a policy container to use for the new Document
final sandboxing flag set
a sandboxing flag set to impose on the new Document
cross-origin opener policy
a cross-origin opener policy to use for the new Document
COOP enforcement result
a cross-origin opener policy enforcement result, used for reporting and potentially for causing a browsing context group switch
reserved environment
null or an environment reserved for the new Document
navigable
the navigable to be navigated
navigation timing type
a NavigationTimingType used for creating the navigation timing entry for the new Document
fetch controller
null or a fetch controller
commit early hints
null or an algorithm accepting a Document, once it has been created

Once a navigation params struct is created, this standard does not mutate any of its items. They are only passed onward to other algorithms.


A navigation ID is a UUID string generated during navigation. It is used to interface with the WebDriver BiDi specification as well as to track the ongoing navigation. [WEBDRIVERBIDI]


After Document creation, the relevant traversable navigable's session history gets updated. A history handling behavior is used to track the desired type of session history update throughout the navigation process. It is one of the following:

"push"
A regular navigation which adds a new session history entry, and will clear the forward session history.
"replace"
A navigation that will replace the active session history entry.
7.4.2.2 Beginning navigation

Each navigable has an ongoing navigation, which is a navigation ID, "traversal", or null, initially null. It is used to track navigation aborting and to prevent any navigations from taking place during traversal.

To navigate a navigable navigable to a URL url using a Document sourceDocument, with an optional POST resource, string, or null documentResource (default null), an optional response-or-null response (default null), an optional boolean exceptionsEnabled (default false), an optional history handling behavior historyHandling (default "push"), an optional string cspNavigationType (default "other"), and an optional referrer policy referrerPolicy (default the empty string):

  1. Let sourceSnapshotParams be the result of snapshotting source snapshot params given sourceDocument.

  2. Let initiatorOriginSnapshot be sourceDocument's origin.

  3. Let navigationId be the result of generating a random UUID. [WEBCRYPTO]

  4. If the surrounding agent is equal to navigable's active document's relevant agent, then continue these steps. Otherwise, queue a global task on the navigation and traversal task source given navigable's active window to continue these steps.

    We do this because we are about to look at a lot of properties of navigable's active document, which are in theory only accessible over in the appropriate event loop. (But, we do not want to unconditionally queue a task, since — for example — same-event-loop fragment navigations need to take effect synchronously.)

    Another implementation strategy would be to replicate the relevant information across event loops, or into a canonical "browser process", so that it can be consulted without queueing a task. This could give different results than what we specify here in edge cases, where the relevant properties have changed over in the target event loop but not yet been replicated. Further testing is needed to determine which of these strategies best matches browser behavior, in such racy edge cases.

  5. If navigable's active document's unload counter is greater than 0, then invoke WebDriver BiDi navigation failed with a WebDriver BiDi navigation status whose id is navigationId, status is "canceled", and url is url, and return.

  6. If navigable's parent is non-null, then set navigable's is delaying load events to true.

  7. Let targetBrowsingContext be navigable's active browsing context.

  8. Let targetSnapshotParams be the result of snapshotting target snapshot params given navigable.

  9. Invoke WebDriver BiDi navigation started with targetBrowsingContext, and a new WebDriver BiDi navigation status whose id is navigationId, url is url, and status is "pending".

  10. If navigable's ongoing navigation is "traversal", then:

    1. Invoke WebDriver BiDi navigation failed with targetBrowsingContext and a new WebDriver BiDi navigation status whose id is navigationId, status is "canceled", and url is url.

    2. Return.

    Any attempts to navigate a navigable that is currently traversing are ignored.

  11. Set navigable's ongoing navigation to navigationId.

    This will have the effect of aborting other ongoing navigations of navigable, since at certain points during navigation changes to the ongoing navigation will cause further work to be abandoned.

  12. If url's scheme is "javascript", then:

    1. Queue a global task on the navigation and traversal task source given navigable's active window to navigate to a javascript: URL given navigable, url, historyHandling, initiatorOriginSnapshot, and cspNavigationType.

    2. Return.

  13. In parallel, run these steps:

    1. Let unloadPromptCanceled be the result of checking if unloading is user-canceled for navigable's active document's inclusive descendant navigables.

    2. If unloadPromptCanceled is true, or navigable's ongoing navigation is no longer navigationId, then:

      1. Invoke WebDriver BiDi navigation failed with targetBrowsingContext and a new WebDriver BiDi navigation status whose id is navigationId, status is "canceled", and url is url.

      2. Abort these steps.

    3. Queue a global task on the navigation and traversal task source given navigable's active window to abort navigable's active document.

    4. If url is about:blank, then set documentState's origin to documentState's initiator origin.

    5. Otherwise, if url is about:srcdoc, then set documentState's origin to navigable's parent's active document's origin.

    6. Let historyEntry be a new session history entry, with its URL set to url and its document state set to documentState.

    7. Let navigationParams be null.

    8. If response is non-null:

      The navigate algorithm is only supplied with a response as part of the object and embed processing models, or for processing parts of multipart/x-mixed-replace responses after the initial response.

      1. Let policyContainer be the result of determining navigation params policy container given response's URL, null, a clone of the sourceDocument's policy container, navigable's container document's policy container, and null.

      2. Let finalSandboxFlags be the union of targetSnapshotParams's sandboxing flags and policyContainer's CSP list's CSP-derived sandboxing flags.

      3. Let responseOrigin be the result of determining the origin given response's URL, finalSandboxFlags, documentState's initiator origin, and null.

      4. Let coop be a new cross-origin opener policy.

      5. Let coopEnforcementResult be a new cross-origin opener policy enforcement result with

        url
        response's URL
        origin
        responseOrigin
        cross-origin opener policy
        coop
      6. Set navigationParams to a new navigation params, with

        id
        navigationId
        request
        null
        response
        response
        origin
        responseOrigin
        policy container
        policyContainer
        final sandboxing flag set
        finalSandboxFlags
        cross-origin opener policy
        coop
        COOP enforcement result
        coopEnforcementResult
        reserved environment
        null
        navigable
        navigable
        navigation timing type
        "navigate"
        fetch controller
        null
        commit early hints
        null
    9. Attempt to populate the history entry's document for historyEntry, given navigable, "navigate", sourceSnapshotParams, targetSnapshotParams, navigationId, navigationParams, cspNavigationType, with allowPOST set to true and completionSteps set to the following step:

      1. Append session history traversal steps to navigable's traversable to finalize a cross-document navigation given navigable, historyHandling, and historyEntry.

7.4.2.3 Ending navigation

Although the usual cross-document navigation case will first foray into populating a session history entry with a Document, all navigations that don't get aborted will ultimately end up calling into one of the below algorithms.

7.4.2.3.1 The usual cross-document navigation case

To finalize a cross-document navigation given a navigable navigable, history handling behavior historyHandling, and session history entry historyEntry:

  1. Assert: this is running on navigable's traversable navigable's session history traversal queue.

  2. Set navigable's is delaying load events to false.

  3. If historyEntry's document is null, then return.

    This means that attempting to populate the history entry's document ended up not creating a document, as a result of e.g., the navigation being canceled by a subsequent navigation, a 204 No Content response, etc.

  4. If all of the following are true:

    then set historyEntry's document state's navigable target name to the empty string.

  5. Let entryToReplace be navigable's active session history entry if historyHandling is "replace", otherwise null.

  6. Let traversable be navigable's traversable navigable.

  7. Let targetStep be null.

  8. Let targetEntries be the result of getting session history entries for navigable.

  9. If entryToReplace is null, then:

    1. Clear the forward session history of traversable.

    2. Set targetStep to traversable's current session history step + 1.

    3. Set historyEntry's step to targetStep.

    4. Append historyEntry to targetEntries.

    Otherwise:

    1. Replace entryToReplace with historyEntry in targetEntries.

    2. Set historyEntry's step to entryToReplace's step.

    3. Set targetStep to traversable's current session history step.

  10. Apply the history step targetStep to traversable.

7.4.2.3.2 The javascript: URL special case

javascript: URLs have a dedicated label on the issue tracker documenting various problems with their specification.

To navigate to a javascript: URL, given a navigable targetNavigable, a URL url, a history handling behavior historyHandling, an origin initiatorOrigin, and a string cspNavigationType:

  1. Assert: historyHandling is "replace".

  2. Set targetNavigable's ongoing navigation to null.

  3. If initiatorOrigin is not same origin-domain with targetNavigable's active document's origin, then return.

  4. Let request be a new request whose URL is url.

    This is a synthetic request solely for plumbing into the next step. It will never hit the network.

  5. If the result of should navigation request of type be blocked by Content Security Policy? given request and cspNavigationType is "Blocked", then return. [CSP]

  6. Let newDocument be the result of evaluating a javascript: URL given targetNavigable, url, and initiatorOrigin.

  7. If newDocument is null, then return.

    In this case, some JavaScript code was executed, but no new Document was created, so we will not perform a navigation.

  8. Let entryToReplace be targetNavigable's active session history entry.

  9. Let oldDocState be entryToReplace's document state.

  10. Let documentState be a new document state with

    document
    newDocument
    history policy container
    a clone of the oldDocState's history policy container
    request referrer
    oldDocState's request referrer
    request referrer policy
    oldDocState's request referrer policy or should this be the referrerPolicy that was passed to navigate?
    origin
    initiatorOriginSnapshot
    resource
    null
    ever populated
    true
    navigable target name
    oldDocState's navigable target name
  11. Let historyEntry be a new session history entry, with

    URL
    entryToReplace's URL
    document state
    documentState

    For the URL, we do not use url, i.e. the actual javascript: URL that the navigate algorithm was called with. This means javascript: URLs are never stored in session history, and so can never be traversed to.

  12. Append session history traversal steps to targetNavigable's traversable to finalize a cross-document navigation with targetNavigable, historyHandling, and historyEntry.

To evaluate a javascript: URL given a navigable targetNavigable, a URL url, and an origin newDocumentOrigin:

  1. Let urlString be the result of running the URL serializer on url.

  2. Let encodedScriptSource be the result of removing the leading "javascript:" from urlString.

  3. Let scriptSource be the UTF-8 decoding of the percent-decoding of encodedScriptSource.

  4. Let settings be targetNavigable's active document's relevant settings object.

  5. Let baseURL be settings's API base URL.

  6. Let script be the result of creating a classic script given scriptSource, settings, baseURL, and the default classic script fetch options.

  7. Let evaluationStatus be the result of running the classic script script.

  8. Let result be null.

  9. If evaluationStatus is a normal completion, and evaluationStatus.[[Value]] is a String, then set result to evaluationStatus.[[Value]].

  10. Otherwise, return null.

  11. Let response be a new response with

    URL
    targetNavigable's active document's URL
    header list
    « (`Content-Type`, `text/html;charset=utf-8`) »
    body
    the UTF-8 encoding of result, as a body

    The encoding to UTF-8 means that unpaired surrogates will not roundtrip, once the HTML parser decodes the response body.

  12. Let policyContainer be targetNavigable's active document's policy container.

  13. Let finalSandboxFlags be policyContainer's CSP list's CSP-derived sandboxing flags.

  14. Let coop be targetNavigable's active document's cross-origin opener policy.

  15. Let coopEnforcementResult be a new cross-origin opener policy enforcement result with

    url
    url
    origin
    initiatorOrigin
    cross-origin opener policy
    coop
  16. Let navigationParams be a new navigation params, with

    id
    navigationId
    request
    null this will cause the referrer of the resulting Document to be null; is that correct?
    response
    response
    origin
    initiatorOrigin
    policy container
    policyContainer
    final sandboxing flag set
    finalSandboxFlags
    cross-origin opener policy
    coop
    COOP enforcement result
    coopEnforcementResult
    reserved environment
    null
    navigable
    targetNavigable
    navigation timing type
    "navigate"
    fetch controller
    null
    commit early hints
    null
  17. Return the result of loading an HTML document given navigationParams.

7.4.2.3.3 Fragment navigations

To navigate to a fragment given a navigable navigable, a URL url, a history handling behavior historyHandling, and a navigation ID navigationId:

  1. Let historyEntry be a new session history entry, with

    URL
    url
    document state
    navigable's active session history entry's document state
    scroll restoration mode
    navigable's active session history entry's scroll restoration mode
  2. Let entryToReplace be navigable's active session history entry if historyHandling is "replace", otherwise null.

  3. Let history be navigable's active document's history object.

  4. Let scriptHistoryIndex be history's index.

  5. Let scriptHistoryLength be history's length.

  6. If historyHandling is "push", then:

    1. Set history's state to null.

    2. Increment scriptHistoryIndex.

    3. Set scriptHistoryLength to scriptHistoryIndex + 1.

  7. Set navigable's active session history entry to historyEntry.

  8. Update document for history step application given navigable's active document, historyEntry, true, scriptHistoryIndex, and scriptHistoryLength.

    This algorithm will be called twice as a result of a single fragment navigation: once synchronously, where best-guess values scriptHistoryIndex and scriptHistoryLength are set, history.state is nulled out, and various events are fired; and once asynchronously, where the final values for index and length are set, history.state remains untouched, and no events are fired.

  9. Scroll to the fragment given navigable's active document.

    If the scrolling fails because the Document is new and the relevant ID has not yet been parsed, then the second asynchronous call to update document for history step application will take care of scrolling.

  10. Let traversable be navigable's traversable navigable.

  11. Append the following session history synchronous navigation steps involving navigable to traversable:

    1. Finalize a same-document navigation given traversable, navigable, historyEntry, and entryToReplace.

    2. Invoke WebDriver BiDi fragment navigated with navigable's active browsing context and a new WebDriver BiDi navigation status whose id is navigationId, url is resource's url, and status is "complete".

To finalize a same-document navigation given a traversable navigable traversable, a navigable targetNavigable, a session history entry targetEntry, and session history entry-or-null entryToReplace:

This is used by both fragment navigations and by the URL and history update steps, which are the only synchronous updates to session history. By virtue of being synchronous, those algorithms are performed outside of the top-level traversable's session history traversal queue. This puts them out of sync with the top-level traversable's current session history step, so this algorithm is used to resolve conflicts due to race conditions.

  1. Assert: this is running on traversable's session history traversal queue.

  2. If targetNavigable's active session history entry is not targetEntry, then return.

  3. Let targetStep be null.

  4. Let targetEntries be the result of getting session history entries for targetNavigable.

  5. If entryToReplace is null, then:

    1. Clear the forward session history of traversable.

    2. Set targetStep to traversable's current session history step + 1.

    3. Set targetEntry's step to targetStep.

    4. Append targetEntry to targetEntries.

    Otherwise:

    1. Replace entryToReplace with targetEntry in targetEntries.

    2. Set targetEntry's step to entryToReplace's step.

    3. Set targetStep to traversable's current session history step.

  6. Apply the history step targetStep to traversable.

    This is done even for "replace" navigations, as it resolves race conditions across multiple synchronous navigations.

7.4.2.3.4 Non-fetch schemes and external software

One input to attempt to create a non-fetch scheme document is the non-fetch scheme navigation params struct. It is a light weight version of navigation params which only carries parameters relevant to the non-fetch scheme navigation case. It has the following items:

initiator origin

an origin possibly for use in a user-facing prompt to confirm the invocation of an external software package

This differs slightly from a document state's initiator origin in that a non-fetch scheme navigation params's initiator origin follows redirects up to the last fetch scheme URL in a redirect chain that ends in a non-fetch scheme URL.

To attempt to create a non-fetch scheme document, given a URL url, a navigable navigable, a sandboxing flag set sandboxFlags, a navigation ID navigationId, a NavigationTimingType navTimingType, a boolean hasTransientActivation, and an origin initiatorOrigin:

  1. If url is to be handled using a mechanism that does not affect navigable, e.g., because url's scheme is handled externally, then:

    1. Hand-off to external software given url, navigable, sandboxFlags, hasTransientActivation, and initiatorOrigin.

    2. Return null.

  2. Handle url by displaying some sort of inline content, e.g., an error message because the specified scheme is not one of the supported protocols, or an inline prompt to allow the user to select a registered handler for the given scheme. Return the result of displaying the inline content given navigable, navigationId, and navTimingType.

    In the case of a registered handler being used, navigate will be invoked with a new URL.

To hand-off to external software given a URL or response resource, a navigable navigable, a sandboxing flag set sandboxFlags, a boolean hasTransientActivation, and an origin initiatorOrigin user agents should:

  1. If all of the following conditions hold:

    then return without invoking the external software package.

    Navigation inside an iframe toward external software can be seen by users as a new popup or a new top-level navigation. That's why its is allowed in sandboxed iframe only when one of allow-popups, allow-top-navigation, allow-top-navigation-by-user-activation, or allow-top-navigation-to-custom-protocols is specified.

  2. Perform the appropriate handoff of resource while attempting to mitigate the risk that this is an attempt to exploit the target software. For example, user agents could prompt the user to confirm that initiatorOrigin is to be allowed to invoke the external software in question. In particular, if hasTransientActivation is false, then the user agent should not invoke the external software package without prior user confirmation.

    For example, there could be a vulnerability in the target software's URL handler which a hostile page would attempt to exploit by tricking a user into clicking a link.

7.4.2.4 Preventing navigation

A couple of scenarios can intervene early in the navigation process and put the whole thing to a halt. This can be especially exciting when multiple navigables are navigating at the same time, due to a session history traversal.

A navigable source is allowed by sandboxing to navigate a second navigable target, given a source snapshot params sourceSnapshotParams, if the following steps return true:

  1. If source is target, then return true.

  2. If source is an ancestor of target, then return true.

  3. If target is an ancestor of source, then:

    1. If target is not a top-level traversable, then return true.

    2. If sourceSnapshotParams's has transient activation is true, and sourceSnapshotParams's sandboxing flags's sandboxed top-level navigation with user activation browsing context flag is set, then return false.

    3. If sourceSnapshotParams's has transient activation is false, and sourceSnapshotParams's sandboxing flags's sandboxed top-level navigation without user activation browsing context flag is set, then return false.

    4. Return true.

  4. If target is a top-level traversable:

    1. If source is the one permitted sandboxed navigator of target, then return true.

    2. If sourceSnapshotParams's sandboxing flags's sandboxed navigation browsing context flag is set, then return false.

    3. Return true.

  5. If sourceSnapshotParams's sandboxing flags's sandboxed navigation browsing context flag is set, then return false.

  6. Return true.

To check if unloading is user-canceled for list of navigables navigables:

  1. Let documents be the active document of each item in navigables.

  2. Let unloadPromptShown be false.

  3. Let unloadPromptCanceled be false.

  4. Let totalTasks be the size of documents.

  5. Let completedTasks be 0.

  6. For each document of documents, queue a global task on the navigation and traversal task source given document's relevant global object to run the steps:

    1. Increase the document's unload counter by 1.

    2. Increase the event loop's termination nesting level by 1.

    3. Let event be the result of creating an event using BeforeUnloadEvent.

    4. Initialize event's type attribute to beforeunload and its cancelable attribute true.

    5. Dispatch event at document's relevant global object.

    6. Decrease the event loop's termination nesting level by 1.

    7. If all of the following are true:

      • unloadPromptShown is false;

      • document's active sandboxing flag set does not have its sandboxed modals flag set;

      • document's relevant global object has sticky activation;

      • event's canceled flag is set, or the returnValue attribute of event is not the empty string; and

      • showing an unload prompt is unlikely to be annoying, deceptive, or pointless

      then:

      1. Set unloadPromptShown to true.

      2. Invoke WebDriver BiDi user prompt opened with document's relevant global object, "beforeunload", and "".

      3. Ask the user to confirm that they wish to unload the document, and pause while waiting for the user's response.

        The message shown to the user is not customizable, but instead determined by the user agent. In particular, the actual value of the returnValue attribute is ignored.

      4. If the user did not confirm the page navigation, set unloadPromptCanceled to true.

      5. Invoke WebDriver BiDi user prompt closed with document's relevant global object and true if unloadPromptCanceled is false or false otherwise.

    8. Decrease the document's unload counter by 1.

    9. Increment completedTasks.

  7. Wait for completedTasks to be totalTasks.

  8. Return unloadPromptCanceled.

7.4.3 Reloading and traversing

To reload a navigable navigable:

  1. Set navigable's active session history entry's document state's reload pending to true.

  2. Let traversable be navigable's traversable navigable.

  3. Append the following session history traversal steps to traversable:

    1. Apply pending history changes to traversable with true.

      It is intentional that the resulting call to apply the history step does not pass sourceSnapshotParams or initiatorToCheck. Reloading is always treated as if it were done by navigable itself, even in cases like parent.location.reload().

To traverse the history by a delta given a traversable navigable traversable, an integer delta, and an optional Document sourceDocument:

  1. Let sourceSnapshotParams and initiatorToCheck be null.

  2. If sourceDocument is given, then:

    1. Set sourceSnapshotParams to the result of snapshotting source snapshot params given sourceDocument.

    2. Set initiatorToCheck to sourceDocument's node navigable.

  3. Append the following session history traversal steps to traversable:

    1. Let allSteps be the result of getting all used history steps for traversable.

    2. Let currentStepIndex be the index of traversable's current session history step within allSteps.

    3. Let targetStepIndex be currentStepIndex plus delta.

    4. If allSteps[targetStepIndex] does not exist, then abort these steps.

    5. Apply the history step allSteps[targetStepIndex] to traversable, with checkForUserCancelation set to true, sourceSnapshotParams set to sourceSnapshotParams, and initiatorToCheck set to initiatorToCheck.

Apart from the navigate algorithm, session history entries can be pushed or replaced via one more mechanism, the URL and history update steps. The most well-known callers of these steps are the history.replaceState() and history.pushState() APIs, but various other parts of the standard also need to perform updates to the active history entry, and they use these steps to do so.

The URL and history update steps, given a Document document, a URL newURL, an optional serialized state-or-null serializedData (default null), and an optional history handling behavior historyHandling (default "replace"), are:

  1. Let navigable be document's node navigable.

  2. Let activeEntry be navigable's active session history entry.

  3. Let newEntry be a new session history entry, with

    URL
    newURL
    serialized state
    if serializedData is not null, serializedData; otherwise activeEntry's serialized state
    document state
    activeEntry's document state
    scroll restoration mode
    activeEntry's scroll restoration mode
    persisted user state
    activeEntry's persisted user state
  4. If document's is initial about:blank is true, then set historyHandling to "replace".

    This means that pushState() on an initial about:blank Document behaves as a replaceState() call.

  5. Let entryToReplace be activeEntry if historyHandling is "replace", otherwise null.

  6. If historyHandling is "push", then:

    1. Increment document's history object's index.

    2. Set document's history object's length to its index + 1.

    These are temporary best-guess values for immediate synchronous access.

  7. If serializedData is not null, then restore the history object state given document and newEntry.

  8. Set document's URL to newURL.

    Since this is neither a navigation nor a history traversal, it does not cause a hashchange event to be fired.

  9. Set document's latest entry to newEntry.

  10. Set navigable's active session history entry to newEntry.

  11. Let traversable be navigable's traversable navigable.

  12. Append the following session history synchronous navigation steps involving navigable to traversable:

    1. Finalize a same-document navigation given traversable, navigable, newEntry, and entryToReplace.

Although both fragment navigation and the URL and history update steps perform synchronous history updates, only fragment navigation contains a synchronous call to update document for history step application. The URL and history update steps instead perform a few select updates inside the above algorithm, omitting others. This is somewhat of an unfortunate historical accident, and generally leads to web-developer sadness about the inconsistency. For example, this means that popstate events fire for fragment navigations, but not for history.pushState() calls.

7.4.5 Populating a session history entry

As explained in the overview, both navigation and traversal involve creating a session history entry and then attempting to populate its document member, so that it can be presented inside the navigable.

This involves either: using an already-given response; using the srcdoc resource stored in the session history entry; or fetching. The process has several failure modes, which can either result in doing nothing (leaving the navigable on its currently-active Document) or can result in populating the session history entry with an error document.

To attempt to populate the history entry's document for a session history entry entry, given a navigable navigable, a NavigationTimingType navTimingType, a source snapshot params sourceSnapshotParams, a target snapshot params targetSnapshotParams, an optional navigation ID-or-null navigationId (default null), an optional navigation params-or-null navigationParams (default null), an optional string cspNavigationType (default "other"), an optional boolean allowPOST (default false), and optional algorithm steps completionSteps (default an empty algorithm):

  1. Assert: this is running in parallel.

  2. Assert: if navigationParams is non-null, then navigationParams's response is non-null.

  3. Let currentBrowsingContext be navigable's active browsing context.

  4. Let documentResource be entry's document state's resource.

  5. If navigationParams is null, then:

    1. If documentResource is a string, then set navigationParams to the result of creating navigation params from a srcdoc resource given entry, navigable, targetSnapshotParams, navigationId, and navTimingType.

    2. Otherwise, if both of the following are true:

      then set navigationParams to the result of creating navigation params by fetching given entry, navigable, sourceSnapshotParams, targetSnapshotParams, cspNavigationType, navigationId, and navTimingType.

    3. Otherwise, if entry's URL's scheme is not a fetch scheme, then set navigationParams to a new non-fetch scheme navigation params, with

      initiator origin
      entry's document state's initiator origin
  6. Queue a global task on the navigation and traversal task source, given navigable's active window, to run these steps:

    1. If navigable's ongoing navigation no longer equals navigationId, then run completionSteps and return.

    2. Let failure be false.

    3. If navigationParams is a non-fetch scheme navigation params, then set entry's document state's document to the result of running attempt to create a non-fetch scheme document given entry's URL, navigable, targetSnapshotParams's sandboxing flags, navigationId, navTimingType, sourceSnapshotParams's has transient activation, and navigationParams's initiator origin.

      The entry's URL might have been changed within the previous step of this algorithm following an HTTP redirect.

    4. Otherwise, if navigationParams is null, then set failure to true.

    5. Otherwise, if the result of should navigation response to navigation request of type in target be blocked by Content Security Policy? given navigationParams's request, navigationParams's response, navigationParams's policy container's CSP list, cspNavigationType, and currentBrowsingContext is "Blocked", then set failure to true. [CSP]

    6. Otherwise, if navigationParams's reserved environment is non-null and the result of checking a navigation response's adherence to its embedder policy given navigationParams's response, navigable, and navigationParams's policy container's embedder policy is false, then set failure to true.

    7. Otherwise, if the result of checking a navigation response's adherence to `X-Frame-Options` given navigationParams's response, navigable, navigationParams's policy container's CSP list, and navigationParams's origin is false, then set failure to true.

    8. If failure is true, then:

      1. Set entry's document state's document to the result of creating a document for inline content that doesn't have a DOM, given navigable, null, and navTimingType. The inline content should indicate to the user the sort of error that occurred.

      2. Set entry's document state's document's salvageable to false.

      3. If navigationParams is not null, then:

        1. Run the environment discarding steps for navigationParams's reserved environment.

        2. Invoke WebDriver BiDi navigation failed with currentBrowsingContext and a new WebDriver BiDi navigation status whose id is navigationId, status is "canceled", and url is navigationParams's response's URL.

    9. Otherwise, if navigationParams's response's status is 204 or 205, then:

      1. Run completionSteps.

      2. Return.

    10. Otherwise:

      1. Let document be the result of loading a document given navigationParams, sourceSnapshotParams, and entry's document state's initiator origin.

      2. If document is null, then run completionSteps and return.

      3. Set entry's document state's document to document.

      4. Set entry's document state's origin to document's origin.

    11. If entry's document state's request referrer is "client", then set it to request's referrer.

      This ensures that if we traverse back entry and have to refetch, we use the same referrer, instead of deriving the referrer from the fetch client.

    12. If entry's document state's document is not null, then set entry's document state's ever populated to true.

    13. Run completionSteps.

To create navigation params from a srcdoc resource given a session history entry entry, a navigable navigable, a target snapshot params targetSnapshotParams, a navigation ID-or-null navigationId, and a NavigationTimingType navTimingType:

  1. Let documentResource be entry's document state's resource.

  2. Let response be a new response with

    URL
    about:srcdoc
    header list
    « (`Content-Type`, `text/html`) »
    body
    the UTF-8 encoding of documentResource, as a body
  3. Let responseOrigin be the result of determining the origin given response's URL, targetSnapshotParams's sandboxing flags, null, and entry's document state's origin.

  4. Let coop be a new cross-origin opener policy.

  5. Let coopEnforcementResult be a new cross-origin opener policy enforcement result with

    url
    response's URL
    origin
    responseOrigin
    cross-origin opener policy
    coop
  6. Let policyContainer be the result of determining navigation params policy container given response's URL, entry's document state's history policy container, null, navigable's container document's policy container, and null.

  7. Return a new navigation params, with

    id
    navigationId
    request
    null
    response
    response
    origin
    responseOrigin
    policy container
    policyContainer
    final sandboxing flag set
    targetSnapshotParams's sandboxing flags
    cross-origin opener policy
    coop
    COOP enforcement result
    coopEnforcementResult
    reserved environment
    null
    navigable
    navigable
    navigation timing type
    navTimingType
    fetch controller
    null
    commit early hints
    null

To create navigation params by fetching given a session history entry entry, a navigable navigable, a source snapshot params sourceSnapshotParams, a target snapshot params targetSnapshotParams, a string cspNavigationType, a navigation ID-or-null navigationId, and a NavigationTimingType navTimingType, perform the following steps. They return a navigation params, a non-fetch scheme navigation params, or null.

This algorithm mutates entry.

  1. Assert: this is running in parallel.

  2. Let documentResource be entry's document state's resource.

  3. Let request be a new request, with

    url
    entry's URL
    policy container
    entry's document state's history policy container
    client
    sourceSnapshotParams's fetch client
    destination
    "document"
    credentials mode
    "include"
    use-URL-credentials flag
    set
    redirect mode
    "manual"
    replaces client id
    navigable's active document's relevant settings object's id
    mode
    "navigate"
    referrer
    entry's document state's request referrer
    referrer policy
    entry's document state's request referrer policy
  4. If documentResource is a POST resource, then:

    1. Set request's method to `POST`.

    2. Set request's body to documentResource's request body.

    3. Set `Content-Type` to documentResource's request content-type in request's header list.

  5. If entry's document state's reload pending is true, then set request's reload-navigation flag.

  6. Otherwise, if entry's document state's ever populated is true, then set request's history-navigation flag.

  7. If sourceSnapshotParams's has transient activation is true, then set request's user-activation to true.

  8. If navigable's container is non-null:

    1. If the navigable's container has a browsing context scope origin, then set request's origin to that browsing context scope origin.

    2. Set request's destination and initiator type to navigable's container's local name.

  9. Let response be null.

  10. Let responseOrigin be null.

  11. Let fetchController be null.

  12. Let coopEnforcementResult be a new cross-origin opener policy enforcement result, with

    url
    navigable's active document's URL
    origin
    navigable's active document's origin
    cross-origin opener policy
    navigable's active document's cross-origin opener policy
    current context is navigation source
    true if navigable's active document's origin is same origin with entry's document state's initiator origin otherwise false
  13. Let finalSandboxFlags be an empty sandboxing flag set.

  14. Let responsePolicyContainer be null.

  15. Let responseCOOP be a new cross-origin opener policy.

  16. Let locationURL be null.

  17. Let currentURL be request's current URL.

  18. Let commitEarlyHints be null.

  19. While true:

    1. If request's reserved client is not null and currentURL's origin is not the same as request's reserved client's creation URL's origin, then:

      1. Run the environment discarding steps for request's reserved client.

      2. Set request's reserved client to null.

      3. Set commitEarlyHints to null.

        Preloaded links from early hint headers remain in the preload cache after a same origin redirect, but get discarded when the redirect is cross-origin.

    2. If request's reserved client is null, then:

      1. Let topLevelCreationURL be currentURL.

      2. Let topLevelOrigin be null.

      3. If navigable is not a top-level traversable, then:

        1. Let parentEnvironment be navigable's parent's active document's relevant settings object.

        2. Set topLevelCreationURL to parentEnvironment's top-level creation URL.

        3. Set topLevelOrigin to parentEnvironment's top-level origin.

      4. Set request's reserved client to a new environment whose id is a unique opaque string, target browsing context is navigable's active browsing context, creation URL is currentURL, top-level creation URL is topLevelCreationURL, and top-level origin is topLevelOrigin.

        The created environment's active service worker is set in the Handle Fetch algorithm during the fetch if the request URL matches a service worker registration. [SW]

    3. If the result of should navigation request of type be blocked by Content Security Policy? given request and cspNavigationType is "Blocked", then set response to a network error and break. [CSP]

    4. Set response to null.

    5. If fetchController is null, then set fetchController to the result of fetching request, with processEarlyHintsResponse set to processEarlyHintsResponse as defined below, processResponse set to processResponse as defined below, and useParallelQueue set to true.

      Let processEarlyHintsResponse be the following algorithm given a response earlyResponse:

      1. If commitEarlyHints is null, then set commitEarlyHints to the result of processing early hint headers given earlyResponse and request's reserved client.

      Let processResponse be the following algorithm given a response fetchedResponse:

      1. Set response to fetchedResponse.

    6. Otherwise, process the next manual redirect for fetchController.

      This will result in calling the processResponse we supplied above, during our first iteration through the loop, and thus setting response.

      Navigation handles redirects manually as navigation is the only place in the web platform that cares for redirects to mailto: URLs and such.

    7. Wait until either response is non-null, or navigable's ongoing navigation changes to no longer equal navigationId.

      If the latter condition occurs, then abort fetchController, and return.

      Otherwise, proceed onward.

    8. If request's body is null, then set entry's document state's resource to null.

      Fetch unsets the body for particular redirects.

    9. Set responsePolicyContainer to the result of creating a policy container from a fetch response given response and request's reserved client.

    10. Set finalSandboxFlags to the union of targetSnapshotParams's sandboxing flags and responsePolicyContainer's CSP list's CSP-derived sandboxing flags.

    11. Set responseOrigin to the result of determining the origin given response's URL, finalSandboxFlags, entry's document state's initiator origin, and null.

    12. If navigable is a top-level traversable, then:

      1. Set responseCOOP to the result of obtaining a cross-origin opener policy given response and request's reserved client.

      2. Set coopEnforcementResult to the result of enforcing the response's cross-origin opener policy given navigable's active browsing context, request's URL, responseOrigin, responseCOOP, coopEnforcementResult and request's referrer.

      3. If finalSandboxFlags is not empty and responseCOOP's value is not "unsafe-none", then set response to an appropriate network error and break.

        This results in a network error as one cannot simultaneously provide a clean slate to a response using cross-origin opener policy and sandbox the result of navigating to that response.

    13. If response is not a network error, navigable is a child navigable, and the result of performing a cross-origin resource policy check with navigable's container document's origin, navigable's container document's relevant settings object, request's destination, response, and true is blocked, then set response to a network error and break.

      Here we're running the cross-origin resource policy check against the parent navigable rather than navigable itself. This is because we care about the same-originness of the embedded content against the parent context, not the navigation source.

    14. Set locationURL to response's location URL given currentURL's fragment.

    15. If locationURL is failure or null, then break.

    16. Assert: locationURL is a URL.

    17. Set entry's serialized state to StructuredSerializeForStorage(null).

    18. Let oldDocState be entry's document state.

    19. Set entry's document state to a new document state, with

      history policy container
      a clone of the oldDocState's history policy container
      request referrer
      oldDocState's request referrer
      request referrer policy
      oldDocState's request referrer policy
      origin
      oldDocState's origin
      resource
      oldDocState's resource
      ever populated
      oldDocState's ever populated
      navigable target name
      oldDocState's navigable target name

      For the navigation case, only entry referenced oldDocState, which was created early in the navigate algorithm. So for navigations, this is functionally just an update to entry's document state. For the traversal case, it's possible adjacent session history entries also reference oldDocState, in which case they will continue doing so even after we've updated entry's document state.

      The setup is given by the following Jake diagram:

      0123
      top/a/a#foo/a#bar/b

      Also assume that the document state shared by the entries in steps 0, 1, and 2 has a null document, i.e., bfcache is not in play.

      Now consider the scenario where we traverse back to step 2, but this time when fetching /a, the server responds with a `Location` header pointing to /c. That is, locationURL points to /c and so we have reached this step instead of breaking out of the loop.

      In this case, we replace the document state of the session history entry occupying step 2, but we do not replace the document state of the entries occupying steps 0 and 1. The resulting Jake diagram looks like this:

      0123
      top/a/a#foo/c#bar/b

      Note that we perform this replacement even if we end up in a redirect chain back to the original URL, for example if /c itself had a `Location` header pointing to /a. Such a case would end up like so:

      0123
      top/a/a#foo/a#bar/b
    20. If locationURL's scheme is not an HTTP(S) scheme, then:

      1. Set entry's document state's resource to null.

      2. Break.

    21. Set currentURL to locationURL.

    22. Set entry's URL to currentURL.

    By the end of this loop we will be in one of these scenarios:

    • locationURL is failure, because of an unparseable `Location` header.

    • locationURL is null, either because response is a network error or because we successfully fetched a non-network error HTTP(S) response with no `Location` header.

    • locationURL is a URL with a non-HTTP(S) scheme.

  20. If locationURL is a URL whose scheme is not a fetch scheme, then return a new non-fetch scheme navigation params, with

    initiator origin
    request's current URL's origin

    At this point, request's current URL is the last URL in the redirect chain with a fetch scheme before redirecting to a non-fetch scheme URL. It is this URL's origin that will be used as the initiator origin for navigations to non-fetch scheme URLs.

  21. If any of the following are true:

    then return null.

    We allow redirects to non-fetch scheme URLs, but redirects to fetch scheme URLs that aren't HTTP(S) are treated like network errors.

  22. Assert: locationURL is null and response is not a network error.

  23. Let resultPolicyContainer be the result of determining navigation params policy container given response's URL, entry's document state's history policy container, sourceSnapshotParams's source policy container, null, and responsePolicyContainer.

  24. Return a new navigation params, with

    id
    navigationId
    request
    request
    response
    response
    origin
    responseOrigin
    policy container
    resultPolicyContainer
    final sandboxing flag set
    finalSandboxFlags
    cross-origin opener policy
    responseCOOP
    COOP enforcement result
    coopEnforcementResult
    reserved environment
    request's reserved client
    navigable
    navigable
    navigation timing type
    navTimingType
    fetch controller
    fetchController
    commit early hints
    commitEarlyHints

An element has a browsing context scope origin if its Document's node navigable is a top-level traversable or if all of its Document's ancestor navigables all have active documents whose origins are the same origin as the element's node document's origin. If an element has a browsing context scope origin, then its value is the origin of the element's node document.

This definition is broken and needs investigation to see what it was intended to express: see issue #4703.

To load a document given navigation params navigationParams, source snapshot params sourceSnapshotParams, and origin initiatorOrigin, perform the following steps. They return a Document or null.

  1. Let type be the computed type of navigationParams's response.

  2. If the user agent has been configured to process resources of the given type using some mechanism other than rendering the content in a navigable, then skip this step. Otherwise, if the type is one of the following types:

    an HTML MIME type
    Return the result of loading an HTML document, given navigationParams.
    an XML MIME type that is not an explicitly supported XML MIME type
    Return the result of loading an XML document given navigationParams and type.
    a JavaScript MIME type
    a JSON MIME type that is not an explicitly supported JSON MIME type
    "text/css"
    "text/plain"
    "text/vtt"
    Return the result of loading a text document given navigationParams and type.
    "multipart/x-mixed-replace"
    Return the result of loading a multipart/x-mixed-replace document, given navigationParams, sourceSnapshotParams, and initiatorOrigin.
    A supported image, video, or audio type
    Return the result of loading a media document given navigationParams and type.
    "application/pdf"
    "text/pdf"
    If the user agent's PDF viewer supported is true, return the result of creating a document for inline content that doesn't have a DOM given navigationParams's navigable.

    Otherwise, proceed onward.

    An explicitly supported XML MIME type is an XML MIME type for which the user agent is configured to use an external application to render the content, or for which the user agent has dedicated processing rules. For example, a web browser with a built-in Atom feed viewer would be said to explicitly support the application/atom+xml MIME type.

    An explicitly supported JSON MIME type is a JSON MIME type for which the user agent is configured to use an external application to render the content, or for which the user agent has dedicated processing rules.

    In both cases, the external application or user agent will either display the content inline directly in navigationParams's navigable, or hand it off to external software. Both happen in the steps below.

  3. Otherwise, the document's type is such that the resource will not affect navigationParams's navigable, e.g., because the resource is to be handed to an external application or because it is an unknown type that will be processed as a download. Hand-off to external software given navigationParams's response, navigationParams's navigable, navigationParams's final sandboxing flag set, sourceSnapshotParams's has transient activation, and initiatorOrigin.

  4. Return null.

7.4.6 Applying the history step

For both navigation and traversal, once we have an idea of where we want to head to in the session history, much of the work comes about in applying that notion to the traversable navigable and the relevant Document. For navigations, this work generally occurs toward the end of the process; for traversals, it is the beginning.

7.4.6.1 Updating the traversable

Ensuring a traversable ends up at the right session history step is particularly complex, as it can involve coordinating across multiple navigable descendants of the traversable, populating them in parallel, and then synchronizing back up to ensure everyone has the same view of the result. This is further complicated by the existence of synchronous same-document navigations being mixed together with cross-document navigations, and how web pages have come to have certain relative timing expectations.

A changing navigable continuation state is used to store information during the apply the history step algorithm, allowing parts of the algorithm to continue only after other parts have finished. It is a struct with:

displayed document
A Document
target entry
A session history entry
navigable
A navigable
update only
A boolean

To apply the history step non-negative integer step to a traversable navigable traversable, with optional boolean checkForUserCancelation (default false), optional source snapshot params-or-null sourceSnapshotParams (default null), and optional navigable initiatorToCheck:

sourceSnapshotParams and initiatorToCheck are always either both given or both not given. They are usually not given, as most callers do not need the extra checks on the navigation initiator that they cause. (Possibly because the caller has already performed such checks themselves.)

  1. Assert: This is running within traversable's session history traversal queue.

  2. Let targetStep be the result of getting the used step given traversable and step.

  3. If initiatorToCheck is given, then:

    1. Assert: sourceSnapshotParams is not null.

    2. For each navigable of get all navigables whose current session history entry will change or reload: if initiatorToCheck is not allowed by sandboxing to navigate navigable given sourceSnapshotParams, then return.

  4. Let navigablesCrossingDocuments be the result of getting all navigables that might experience a cross-document traversal given traversable and targetStep.

  5. If checkForUserCancelation is true, and the result of checking if unloading is user-canceled given navigablesCrossingDocuments given traversable and targetStep is true, then return.

    Some algorithms check if unloading is user-canceled as a prerequisite to modifying the history tree. Those algorithms will set checkForUserCancelation to false when calling this algorithm to avoid performing the check twice.

    It might not be correct to block on beforeunload results here. This may have observable consequences.

  6. Let changingNavigables be the result of get all navigables whose current session history entry will change or reload given traversable and targetStep.

  7. Let nonchangingNavigablesThatStillNeedUpdates be the result of getting all navigables that only need history object length/index update given traversable and targetStep.

  8. For each navigable of changingNavigables:

    1. Let targetEntry be the result of getting the target history entry given navigable and targetStep.

    2. Set navigable's current session history entry to targetEntry.

    3. Set navigable's ongoing navigation to "traversal".

  9. Let totalChangeJobs be the size of changingNavigables.

  10. Let completedChangeJobs be 0.

  11. Let changingNavigableContinuations be an empty queue of changing navigable continuation states.

    This queue is used to split the operations on changingNavigables into two parts. Specifically, changingNavigableContinuations holds data for the second part.

  12. For each navigable of changingNavigables, queue a global task on the navigation and traversal task source of navigable's active window to run the steps:

    This set of steps are split into two parts to allow synchronous navigations to be processed before documents unload. State is stored in changingNavigableContinuations for the second part.

    1. Let displayedEntry be navigable's active session history entry.

    2. Let targetEntry be navigable's current session history entry.

    3. Let changingNavigableContinuation be a changing navigable continuation state with:

      displayed document
      displayedEntry's document
      target entry
      targetEntry
      navigable
      navigable
      update-only
      false
    4. If displayedEntry is targetEntry and targetEntry's document state's reload pending is false, then:

      1. Set changingNavigableContinuation's update-only to true.

      2. Enqueue changingNavigableContinuation on changingNavigableContinuations.

      3. Abort these steps.

      This case occurs due to a synchronous navigation which already updated the active session history entry.

    5. Let oldOrigin be targetEntry's document state's origin.

    6. If targetEntry's document is null, or targetEntry's document state's reload pending is true, then:

      1. Let navTimingType be "back_forward" if targetEntry's document is null; otherwise "reload".

      2. Let targetSnapshotParams be the result of snapshotting target snapshot params given navigable.

      3. Let potentiallyTargetSpecificSourceSnapshotParams be sourceSnapshotParams.

      4. If potentiallyTargetSpecificSourceSnapshotParams is null, then set it to the result of snapshotting source snapshot params given navigable's active document.

        In this case there is no clear source of the traversal/reload. We treat this situation as if navigable navigated itself, but note that some properties of targetEntry's original initiator are preserved in targetEntry's document state, such as the initiator origin and referrer, which will appropriately influence the navigation.

      5. Set targetEntry's document state's reload pending to false.

      6. Let allowPOST be targetEntry's document state's reload pending.

      7. In parallel, attempt to populate the history entry's document for targetEntry, given navigable, potentiallyTargetSpecificSourceSnapshotParams, targetSnapshotParams, with allowPOST set to allowPOST and completionSteps set to queue a global task on the navigation and traversal task source given navigable's active window to run afterDocumentPopulated.

      Otherwise, run afterDocumentPopulated immediately.

      In both cases, let afterDocumentPopulated be the following steps:

      1. If targetEntry's document is null, then set changingNavigableContinuation's update-only to true.

        This means we tried to populate the document, but were unable to do so, e.g. because of the server returning a 204.

      2. If targetEntry's document's origin is not oldOrigin, then set targetEntry's serialized state to StructuredSerializeForStorage(null).

        This clears history state when the origin changed vs a previous load of targetEntry without a redirect occuring. This can happen due to a change in CSP sandbox headers.

      3. If all of the following are true:

        then set targetEntry's document state's navigable target name to the empty string.

      4. Enqueue changingNavigableContinuation on changingNavigableContinuations.

        The rest of this job runs later in this algorithm.

  13. Let navigablesThatMustWaitBeforeHandlingSyncNavigation be an empty set.

  14. While completedChangeJobs does not equal totalChangeJobs:

    1. If traversable's running nested apply history step is false, then:

      1. While traversable's session history traversal queue's algorithm set contains one or more synchronous navigation steps with a target navigable not contained in navigablesThatMustWaitBeforeHandlingSyncNavigation:

        1. Let steps be the first item in traversable's session history traversal queue's algorithm set that is synchronous navigation steps with a target navigable not contained in navigablesThatMustWaitBeforeHandlingSyncNavigation.

        2. Remove steps from traversable's session history traversal queue's algorithm set.

        3. Set traversable's running nested apply history step to true.

        4. Run steps.

        5. Set traversable's running nested apply history step to false.

        Synchronous navigations that are intended to take place before this traversal jump the queue at this point, so they can be added to the correct place in traversable's session history entries before this traversal potentially unloads their document. More details can be found here.

    2. Let changingNavigableContinuation be the result of dequeuing from changingNavigableContinuations.

    3. If changingNavigableContinuation is nothing, then continue.

    4. Let displayedDocument be changingNavigableContinuation's displayed document.

    5. Let targetEntry be changingNavigableContinuation's target entry.

    6. Let navigable be changingNavigableContinuation's navigable.

    7. Set navigable's ongoing navigation to null.

      This allows new navigations of navigable to start, whereas during the traversal they were blocked.

    8. Let (scriptHistoryLength, scriptHistoryIndex) be the result of getting the history object length and index given traversable and targetStep.

      These values might have changed since they were last calculated.

    9. Append navigable to navigablesThatMustWaitBeforeHandlingSyncNavigation.

      Once a navigable has reached this point in traversal, additionally queued synchronous navigation steps are likely to be intended to occur after this traversal rather than before it, so they no longer jump the queue. More details can be found here.

    10. Queue a global task on the navigation and traversal task source given navigable's active window to run the steps:

      1. If changingNavigableContinuation's update-only is false, then:

        1. Unload displayedDocument given targetEntry's document.

        2. For each childNavigable of displayedDocument's descendant navigables, queue a global task on the navigation and traversal task source given childNavigable's active window to unload childNavigable's active document.

        3. Activate history entry targetEntry for navigable.

      2. If targetEntry's document is not equal to displayedDocument, then queue a global task on the navigation and traversal task source given targetEntry's document's relevant global object to perform the following step. Otherwise, continue onward to perform the following step within the currently-queued task.

      3. Update document for history step application given targetEntry's document, targetEntry, changingNavigableContinuation's update-only, scriptHistoryLength, and scriptHistoryIndex.

      4. Increment completedChangeJobs.

  15. Let totalNonchangingJobs be the size of nonchangingNavigablesThatStillNeedUpdates.

    This step onwards deliberately waits for all the previous operations to complete, as they include processing synchronous navigations which will also post tasks to update history length and index.

  16. Let completedNonchangingJobs be 0.

  17. Let (scriptHistoryLength, scriptHistoryIndex) be the result of getting the history object length and index given traversable and targetStep.

  18. For each navigable of nonchangingNavigablesThatStillNeedUpdates, queue a global task on the navigation and traversal task source given navigable's active window to run the steps:

    1. Let document be navigable's active document.

    2. Set document's history object's index to scriptHistoryIndex.

    3. Set document's history object's length to scriptHistoryLength.

    4. Increment completedNonchangingJobs.

  19. Wait for completedNonchangingJobs to equal totalNonchangingJobs.

  20. Set traversable's current session history step to targetStep.

To activate history entry session history entry entry for navigable navigable:

  1. Save persisted state to the navigable's active session history entry.

  2. Let newDocument be entry's document.

  3. Assert: newDocument's is initial about:blank is false, i.e., we never traverse back to the initial about:blank Document because it always gets replaced when we navigate away from it.

  4. Set navigable's active session history entry to entry.

  5. Make active newDocument.

To get the used step given a traversable navigable traversable, and a non-negative integer step, perform the following steps. They return a non-negative integer.

  1. Let steps be the result of getting all used history steps within traversable.

  2. Return the greatest item in steps that is less than or equal to step.

    This caters for situations where there's no session history entry with step step, due to the removal of a navigable.

To get the history object length and index given a traversable navigable traversable, and a non-negative integer step, perform the following steps. They return a tuple of two non-negative integers.

  1. Let steps be the result of getting all used history steps within traversable.

  2. Let scriptHistoryLength be the size of steps.

  3. Assert: steps contains step.

    It is assumed that step has been adjusted by getting the used step.

  4. Let scriptHistoryIndex be the index of step in sessionSteps.

  5. Return (scriptHistoryLength, scriptHistoryIndex).

To get all navigables whose current session history entry will change or reload given a traversable navigable traversable, and a non-negative integer targetStep, perform the following steps. They return a list of navigables.

  1. Let results be an empty list.

  2. Let navigablesToCheck be « traversable ».

    This list is extended in the loop below.

  3. For each navigable of navigablesToCheck:

    1. Let targetEntry be the result of getting the target history entry given navigable and targetStep.

    2. If targetEntry is not navigable's current session history entry or targetEntry's document state's reload pending is true, then append navigable to results.

    3. If targetEntry's document is navigable's document, and targetEntry's document state's reload pending is false, then extend navigablesToCheck with the child navigables of navigable.

      Adding child navigables to navigablesToCheck means those navigables will also be checked by this loop. Child navigables are only checked if the navigable's active document will not change as part of this traversal.

  4. Return results.

To get all navigables that only need history object length/index update given a traversable navigable traversable, and a non-negative integer targetStep, perform the following steps. They return a list of navigables.

Other navigables might not be impacted by the traversal. For example, if the response is a 204, the currently active document will remain. Additionally, going 'back' after a 204 will change the current session history entry, but the active session history entry will already be correct.

  1. Let results be an empty list.

  2. Let navigablesToCheck be « traversable ».

    This list is extended in the loop below.

  3. For each navigable of navigablesToCheck:

    1. Let targetEntry be the result of getting the target history entry given navigable and targetStep.

    2. If targetEntry is navigable's current session history entry and targetEntry's document state's reload pending is false, then:

      1. Append navigable to results.

      2. Extend navigablesToCheck with navigable's child navigables.

        Adding child navigables to navigablesToCheck means those navigables will also be checked by this loop. child navigables are only checked if the navigable's active document will not change as part of this traversal.

  4. Return results.

To get the target history entry given a navigable navigable, and a non-negative integer step, perform the following steps. They return a session history entry.

  1. Let entries be the result of getting session history entries for navigable.

  2. Return the item in entries that has the greatest step less than or equal to step.

To see why getting the target history entry returns the entry with the greatest step less than or equal to the input step, consider the following Jake diagram:

0123
top/t/t#foo
frames[0]/i-0-a/i-0-b

For the input step 1, the target history entry for the top navigable is the /t entry, whose step is 0, while the target history entry for the frames[0] navigable is the /i-0-b entry, whose step is 1:

0123
top/t/t#foo
frames[0]/i-0-a/i-0-b

Similarly, given the input step 3 we get the top entry whose step is 3, and the frames[0] entry whose step is 1:

0123
top/t/t#foo
frames[0]/i-0-a/i-0-b

To get all navigables that might experience a cross-document traversal given a traversable navigable traversable, and a non-negative integer targetStep, perform the following steps. They return a list of navigables.

From traversable's session history traversal queue's perspective, these documents are candidates for going cross-document during the traversal described by targetStep. They will not experience a cross-document traversal if the status code for their target document is HTTP 204 No Content.

Note that if a given navigable might experience a cross-document traversal, this algorithm will return navigable but not its child navigables. Those would end up unloaded, not traversed.

  1. Let results be an empty list.

  2. Let navigablesToCheck be « traversable ».

    This list is extended in the loop below.

  3. For each navigable of navigablesToCheck:

    1. Let targetEntry be the result of getting the target history entry given navigable and targetStep.

    2. If targetEntry's document is not navigable's document or targetEntry's document state's reload pending is true, then append navigable to results.

      Although navigable's active history entry can change synchronously, the new entry will always have the same Document, so accessing navigable's document is reliable.

    3. Otherwise, extend navigablesToCheck with navigable's child navigables.

      Adding child navigables to navigablesToCheck means those navigables will also be checked by this loop. Child navigables are only checked if the navigable's active document will not change as part of this traversal.

  4. Return results.

7.4.6.2 Updating the document

To update document for history step application given a Document document, a session history entry entry, a boolean doNotReactivate, and integers scriptHistoryLength and scriptHistoryIndex:

  1. Let documentIsNew be true if document's latest entry is null; otherwise false.

  2. Let documentsEntryChanged be true if document's latest entry is not entry; otherwise false.

  3. Set document's history object's index to scriptHistoryIndex.

  4. Set document's history object's length to scriptHistoryLength.

  5. If documentsEntryChanged is true, then:

    1. Let oldURL be document's latest entry's URL.

    2. Set document's latest entry to entry.

    3. Restore the history object state given document and entry.

    4. If documentIsNew is false, then fire an event named popstate at document's relevant global object, using PopStateEvent, with the state attribute initialized to document's history object's state.

    5. Restore persisted state given entry.

    6. If documentIsNew is false, and oldURL's fragment is not equal to entry's URL's fragment, then queue a global task on the DOM manipulation task source given document's relevant global object to fire an event named hashchange at document's relevant global object, using HashChangeEvent, with the oldURL attribute initialized to the serialization of oldURL and the newURL attribute initialized to the serialization of entry's URL.

  6. If documentIsNew is true, then:

    1. Try to scroll to the fragment for document.

    2. At this point scripts may run for the newly-created document document.

  7. Otherwise, if documentsEntryChanged is false and doNotReactivate is false, then reactivate document.

    documentsEntryChanged can be false for one of two reasons: either we are restoring from bfcache, or we are asynchronously finishing up a synchronous navigation which already synchronously set document's latest entry. The doNotReactivate argument distinguishes between these two cases.

To restore the history object state given Document document and session history entry entry:

  1. Let targetRealm be document's relevant realm.

  2. Let state be StructuredDeserialize(entry's serialized state, targetRealm). If this throws an exception, catch it and let state be null.

  3. Set document's history object's state to state.

To make active a Document document:

  1. Let window be document's relevant global object.

  2. Set document's browsing context's WindowProxy's [[Window]] internal slot value to window.

  3. Set document's visibility state to document's node navigable's traversable navigable's system visibility state.

  4. Set window's relevant settings object's execution ready flag.

To reactivate a Document document:

This algorithm updates document after it has come out of bfcache, i.e., after it has been made fully active again.

  1. For each formControl of form controls in document with an autofill field name of "off", invoke the reset algorithm for formControl.

  2. If document's suspended timer handles is not empty:

    1. Assert: document's suspension time is not zero.

    2. Let suspendDuration be the current high resolution time minus document's suspension time.

    3. Let activeTimers be document's relevant global object's map of active timers.

    4. For each handle in document's suspended timer handles, if activeTimers[handle] exists, then increase activeTimers[handle] by suspendDuration.

  3. If document's current document readiness is "complete", and document's page showing flag is false, then:

    1. Set document's page showing flag to true.

    2. Update the visibility state of document to "visible".

    3. Fire a page transition event named pageshow at document's relevant global object with true.

To try to scroll to the fragment for a Document document, perform the following steps in parallel:

  1. Wait for an implementation-defined amount of time. (This is intended to allow the user agent to optimize the user experience in the face of performance concerns.)

  2. Queue a global task on the navigation and traversal task source given document's relevant global object to run these steps:

    1. If document has no parser, or its parser has stopped parsing, or the user agent has reason to believe the user is no longer interested in scrolling to the fragment, then abort these steps.

    2. Scroll to the fragment given document.

    3. If document's indicated part is still null, then try to scroll to the fragment for document.

7.4.6.3 Scrolling to a fragment

To scroll to the fragment given a Document document:

  1. If document's indicated part is null, then set document's target element to null.

  2. Otherwise, if document's indicated part is top of the document, then:

    1. Set document's target element to null.

    2. Scroll to the beginning of the document for document. [CSSOMVIEW]

    3. Return.

  3. Otherwise:

    1. Assert: document's indicated part is an element.

    2. Let target be document's indicated part.

    3. Set document's target element to target.

    4. Run the ancestor details revealing algorithm on target.

    5. Run the ancestor hidden-until-found revealing algorithm on target.

    6. Scroll target into view, with behavior set to "auto", block set to "start", and inline set to "nearest". [CSSOMVIEW]

    7. Run the focusing steps for target, with the Document's viewport as the fallback target.

    8. Move the sequential focus navigation starting point to target.

A Document's indicated part is the one that its URL's fragment identifies, or null if the fragment does not identify anything. The semantics of the fragment in terms of mapping it to a node is defined by the specification that defines the MIME type used by the Document (for example, the processing of fragments for XML MIME types is the responsibility of RFC7303). [RFC7303]

There is also a target element for each Document, which is used in defining the :target pseudo-class and is updated by the above algorithm. It is initially null.

For an HTML document document, the following processing model must be followed to determine its indicated part:

  1. Let fragment be document's URL's fragment.

  2. If fragment is the empty string, then return the special value top of the document.

  3. Let potentialIndicatedElement be the result of finding a potential indicated element given document and fragment.

  4. If potentialIndicatedElement is not null, then return potentialIndicatedElement.

  5. Let fragmentBytes be the result of percent-decoding fragment.

  6. Let decodedFragment be the result of running UTF-8 decode without BOM on fragmentBytes.

  7. Set potentialIndicatedElement to the result of finding a potential indicated element given document and decodedFragment.

  8. If potentialIndicatedElement is not null, then return potentialIndicatedElement.

  9. If decodedFragment is an ASCII case-insensitive match for the string top, then return the top of the document.

  10. Return null.

To find a potential indicated element given a Document document and a string fragment, run these steps:

  1. If there is an element in the document tree whose root is document and that has an ID equal to fragment, then return the first such element in tree order.

  2. If there is an a element in the document tree whose root is document that has a name attribute whose value is equal to fragment, then return the first such element in tree order.

  3. Return null.

7.4.6.4 Persisted history entry state

To save persisted state to a session history entry entry:

  1. Set the scroll position data of entry to contain the scroll positions for all of entry's document's restorable scrollable regions.

  2. Optionally, update entry's persisted user state to reflect any state that the user agent wishes to persist, such as the values of form fields.

To restore persisted state from a session history entry entry:

  1. If entry's scroll restoration mode is "auto", then the user agent may use entry's scroll position data to restore the scroll positions of entry's document's restorable scrollable regions.

    The user agent not restoring scroll positions does not imply that scroll positions will be left at any particular value (e.g., (0,0)). The actual scroll position depends on the navigation type and the user agent's particular caching strategy. So web applications cannot assume any particular scroll position but rather are urged to set it to what they want it to be.

  2. Optionally, update other aspects of entry's document and its rendering, for instance values of form fields, that the user agent had previously recorded in entry's persisted user state.

    This can even include updating the dir attribute of textarea elements or input elements whose type attribute is in either the Text state or the Search state, if the persisted state includes the directionality of user input in such controls.

    Restoring the value of form controls as part of this process does not fire any input or change events, but can trigger the formStateRestoreCallback of form-associated custom elements.


The restorable scrollable regions of a Document document are document's viewport, and all of document's scrollable regions excepting any navigable containers.

Child navigable scroll restoration is handled as part of state restoration for the session history entry for those navigables' Documents.