ISO IEC 23736-3:2020 download.Information technology – Digital publishing – EPUB 3.0.1 Part 3 Content documents.
ISO IEC 23736-3:2020 download.Information technology – Digital publishing – EPUB 3.0.1 Part 3 Content documents.
2.2.3 Reading System Conformance
A conformant EPUB Reading System MUST meet all of the following criteria for processing EPUB Navigation Documents:
When requested by a User, Reading Systems MUST provide access to the links and link labelz In the n elements of the EPUB Navigation Document In a fashion that allows the User to
activate the links provided. When a link is activated, the Reading System MUST relocate the application’s current reading position to the destination identified by that link.
Reading Systems MUST honor the above requirement irrespective of whether the EPUB Navigation Document provided in a Rendition is part of the spine.
2.2.4 EPUB Navigation Document Definition
i224.1 Element: Restrictions
When a ,iav element carries the pthy attribute in an EPUB Navigation Document, this specification restricts the content model of the element and Its descendants as follows:
Each element v contain an optional heading indicating the title of the navigation list. Th heading MUST be an HTML5 heading content element.
The optional heading MUST be followed by a single ordered list: no other elements are
permitted as direct children of the ale element. This ordered list represents the pnmary level 01 content navigation.
Each list item ( j. ) of the ordered list represents a primary heading, structure or other point Interest within the EPUB Publication and MUST contain either a child1 element or a child element. The a element describes the target within the Content Document that the link points ti The .pn element serves as a heading for breaking down lists into distinct groups (for example a large list of illustrations can be segmented into several lists, one for each chapter).
Each child a or spaD element of a list item wv contain any valid HTML5 phrasing content, but MUST provide a non zero-length text label after concatenation of all child content and apphcatioi of whitespace normalization rules. Although non-textual descendant elements v be renderec directly to Users, text content included in uti. or an attributes MUST be used when deterrninir compliance with this requirement.
If an a or .paa element contains instances of HTML 5 embedded content that do not provlde intrinsic text alternatives, it MUST also include a tati. attribute with an alternate text rendering c the link label.
The relative IRI reference provided in the brat attribute of the a element MUST resolve to an EPUB Content Document or fragment therein.
The a element MAY optionally be followed by an 01 ordered list representing a subeldiary content level below that heading (e.g.. all the subsection headings of a section). The .pa element MUST be followed by an .1 ordered list: it cannot be used in “lear ii elements.
Regardless of whether an a or span element precedes it, this sublist MUST adhere to all the content requirements defined in this section for constructing the primary navigation list, and
This specification restricts the content model of SVG Content Documents and SVG embedded in XHTML Content Documents as follows:
The (SVGJ Animation Eiaments and Animation event attributes MUST OCCW
The LSVGI y: for.Ajç element MUST contain either IHTML5I flow content or exactly one [HTML5J element. This content MUST represent a valid document fragment of the XHTML Content Document model defined in XHTML Content Documents — Content Conformance. The .,, for ig1Io.ct elemenrs r.qw1r.xt.a.ioa. attribute, if given. MUST be set tD http:I/www.idpf.oI2OO7/op..
The [SVG) element MUST contain only valid XHTML Content Document Phrasing content.
2.3.4 Reading System Conformance
A conformant EPUB Reading System MUST meet a of the following criteria for processing SVG Content Documents and SVG embedded in XHTML Content Documents:
It MUST support the language features of SVG that correspond to the feature string
bttp: //www.w3.org/TR/IVGII/fe.tur.PIVG-dyna.ic minus the bttp:/Iwww.w3.org/?RIBVGII/f.stur.IAni.ation and bttp: /www.w3 . orq/TRISYG1 1 / f..tur.IAsi.at ioov.atsAttribut. features (see Feature strings)
[SVG].
‘It IIUST meet the Reading System conformance criteria defined in ip.ted Content Documents
— Readingystem Conformance.
‘If it has an SVG Viewport. it MUST support the visual rendering of SVG using CSS as defined in Secion 6 of ISVGI, and it SHOULD support all properties defined in ppendlx N of that specification. In the case of embedded SVG. It MUST also conform to the constraints defined In Embedded SVG and CSS.
It siiouio support User selection and searching of text within SVG elements.
ItIUST recognize the velue bttp://.idpI.o/2OO7/op. of the r.qu1r.dZxe.i.tos. attribute when appearing on the s: .tch and seg: for. i gnobj.ct elements as representing the occi.rrence of XHTML Content Document fragments.
It MUST regard the yg (Publicatlons3Ol I property of the Package Document manifest it element as the authoritative definition of whether an EPUB XHTML Content Document includes embedded SVG.
2.3.5 Semantic Inflection
The synatc and semantics defined In XHTML Semantic Inflection are inherited for use of the ,pMk4jyRLand pthprs11z attributes in SVG Content Docu ments.
The use of the .pub:pr.f lx attribute Is valid on the root seq element In SVG Content Documents. Prefixes used In embedded SVG must be dedared on the [HTML5J root htal element, as defined in XHTML Semantic Inflection,
This section is informative
All EPUB Authors and Reading System developers need to be aware of the security issues that arise when scripted content is executed by a Reading System. As the underlying scripting model employed by Reading Systems and browsers is the same, the same kinds of issues encountered in Web contexts must be taken into consideration.
Each Reading System should establish if the scripts in a particular document are to be trusted or not, It is recommended that aft scripts be treated as untrusted (and potentially malicious), and that all vectors of attack be examined and protected against. In particular, the following should be considered:
• an attack against the runtime environment (e.g. stealing files from a User’s hard drive);
• an attack against the Reading System itself (e.g., stealing a list of a User’s books or causing unexpected behavior);
• an attack of one Content Document against another (e.g., stealing data that originated In a different document);
• an attack of an unencrypted script against an encrypted portion of a document (e.g., an Injected malicious script extracting protected content);
• an attack against the local network (e.g., stealing data from a server behind a firewall).
The following recommendations are provided as a guide to handling untrusted scripts:
• Reading Systems should behave as if a unique domain were allocated to each Content Document, as browser-based secuflty relies heavily on document URIs and domains. Adopting this approach will isolate documents from each other and from other Internet domains, thereby limiting access to external URLs. cookies. DOM storage, etc.