102102 The above statement is designed to permit feature detection. If
103103 < a for ="Navigator "> < code > share</ code > </ a > is present, there is a
104104 reasonable expectation that it will work and present the user with at
105- least one < a > share target</ a > . Clients should be able to use the
106- presence or absence of this method to determine whether to show UI
107- that triggers its use.
105+ least one < a > share target</ a > . Clients can use the presence or
106+ absence of this method to determine whether to show UI that triggers
107+ its use.
108108 </ div >
109109 < section >
110110 < h4 >
@@ -235,13 +235,13 @@ <h3>
235235 These fields are < a data-cite =
236236 "!WEBIDL#idl-USVString "> < code > USVString</ code > </ a > (as opposed to
237237 < a data-cite ="!WEBIDL#idl-DOMString "> < code > DOMString</ code > </ a > )
238- because they must not contain invalid < a data-cite =
238+ because they are not allowed to contain invalid < a data-cite =
239239 "rfc2781#section-2 "> UTF-16</ a > surrogates. This means the user agent
240240 is free to re-encode them in any Unicode encoding (e.g.,
241241 < a data-cite ="rfc3629#section-3 "> UTF-8</ a > ).
242242 </ div >
243243 < div class ="note ">
244- The < a for ="ShareData "> url</ a > field may contain a < a data-cite =
244+ The < a for ="ShareData "> url</ a > field can contain a < a data-cite =
245245 "!URL#relative-url-with-fragment-string "> relative URL</ a > . In this
246246 case, it will be automatically resolved relative to the current page
247247 location, just like a < a data-cite =
262262 user agent.
263263 </ p >
264264 < p >
265- A share target may not be directly able to accept a < a > ShareData</ a >
265+ A share target might not be directly able to accept a < a > ShareData</ a >
266266 (due to not having been written with this API in mind). However, it
267267 MUST have the ability to receive data that matches some or all of the
268268 concepts exposed in < a > ShareData</ a > . To < dfn > convert data to a format
@@ -272,18 +272,17 @@ <h2>
272272 payload is at the discretion of the share target.
273273 </ p >
274274 < p >
275- Each share target may be made conditionally available depending on the
275+ Each share target MAY be made conditionally available depending on the
276276 < a > ShareData</ a > payload delivered to the < a for ="Navigator "> share</ a >
277277 method.
278278 </ p >
279279 < div class ="note ">
280280 Once a share target has been given the payload, the share is considered
281281 successful. If the target considers the data unacceptable or an error
282- occurs, the target should either recover gracefully, or show an error
283- message to the end-user, because the sender is not going to know that
284- an error occurred. In other words, the < a for ="Navigator "> share</ a >
285- method is "fire and forget"; it does not wait for the target to approve
286- or reject the payload.
282+ occurs, it can either recover gracefully, or show an error message to
283+ the end-user; it cannot rely on the sender to handle errors. In other
284+ words, the < a for ="Navigator "> share</ a > method is "fire and forget"; it
285+ does not wait for the target to approve or reject the payload.
287286 </ div >
288287 < section class ="informative ">
289288 < h3 >
@@ -314,16 +313,16 @@ <h3>
314313 < p >
315314 In some cases, the host operating system will provide a sharing or
316315 intent system similar to Web Share. In these cases, the user agent
317- may simply forward the share data to the operating system and not
316+ can simply forward the share data to the operating system and not
318317 talk directly to native applications.
319318 </ p >
320319 < p >
321320 Mapping the < a > ShareData</ a > to the share target (or operating
322321 system)'s native format can be tricky as some platforms will not have
323322 an equivalent set of fields. For example, if the target has a "text"
324- field but not a "URL" field, it may be necessary to concatenate both
325- the < a for ="ShareData "> text</ a > and < a for ="ShareData "> url</ a > fields
326- of < a > ShareData</ a > and pass the result in the "text" field of the
323+ field but not a "URL" field, one solution is to concatenate both the
324+ < a for ="ShareData "> text</ a > and < a for ="ShareData "> url</ a > fields of
325+ < a > ShareData</ a > and pass the result in the "text" field of the
327326 target.
328327 </ p >
329328 </ section >
@@ -332,14 +331,10 @@ <h3>
332331 < h2 >
333332 Security and privacy considerations
334333 </ h2 >
335- < p >
336- Implementations should observe the following security and privacy
337- advice.
338- </ p >
339334 < p >
340335 Web Share enables data to be sent from websites to native applications.
341336 While this ability is not unique to Web Share, it does come with a
342- number of potential security issues that may vary in severity
337+ number of potential security issues that can vary in severity
343338 (depending on the underlying platform).
344339 </ p >
345340 < ul >
@@ -349,11 +344,11 @@ <h2>
349344 used for fingerprinting, as well as leaking details about the user's
350345 device.
351346 </ li >
352- < li > Implementors should carefully consider what information is revealed
353- in the error message when < a > < code > navigator.share</ code > </ a > is
354- rejected. Even distinguishing between the case where no targets are
355- available and user cancellation may reveal information about which apps
356- are installed on the user's device.
347+ < li > Implementors will want to carefully consider what information is
348+ revealed in the error message when < a > < code > navigator.share</ code > </ a >
349+ is rejected. Even distinguishing between the case where no targets are
350+ available and user cancellation could reveal information about which
351+ apps are installed on the user's device.
357352 </ li >
358353 < li > There is a requirement that < a > < code > navigator.share</ code > </ a >
359354 presents the user with a dialog asking them to select a target
@@ -368,16 +363,16 @@ <h2>
368363 </ li >
369364 < li > Use of < a > < code > navigator.share</ code > </ a > from a < a href =
370365 "https://en.wikipedia.org/wiki/Privacy_mode "> private browsing mode</ a >
371- may leak private data to a third-party application that does not
372- respect the user's privacy setting. User agents should consider
373- presenting additional warnings or disabling the feature entirely when
374- in a private browsing mode.
366+ might leak private data to a third-party application that does not
367+ respect the user's privacy setting. User agents could present
368+ additional warnings or disable the feature entirely when in a private
369+ browsing mode.
375370 </ li >
376- < li > The data passed to < a > < code > navigator.share</ code > </ a > may be used
377- to exploit buffer overflow or other remote code execution
371+ < li > The data passed to < a > < code > navigator.share</ code > </ a > might be
372+ used to exploit buffer overflow or other remote code execution
378373 vulnerabilities in native applications that receive shares. There is no
379- general way to guard against this, but implementors should be aware
380- that it is a possibility.
374+ general way to guard against this, but implementors will want to be
375+ aware that it is a possibility.
381376 </ li >
382377 </ ul >
383378 </ section >
0 commit comments