Fix reloads to not wipe out future session history

Fixes #1578. When performing a reload via location.reload() or a user
interface element, it seems more correct to go down the "entry update"
path, instead of going down the normal path and turning on "replacement
enabled". The normal path wipes out all session history entries after
the current one, which is not what browsers do when reloading.

source

@@ -80509,7 +80509,7 @@ interface <dfn>History</dfn> {
   invoking must instead throw a <span>"<code>SecurityError</code>"</span>
   <code>DOMException</code>.</p>
 
-  <p>When the <dfn><code data-x="dom-history-forward">forward()</code></dfn>method is invoked, the
+  <p>When the <dfn><code data-x="dom-history-forward">forward()</code></dfn> method is invoked, the
   user agent must <span>traverse the history by a delta</span> +1. If this <code>History</code>
   object is associated with a <code>Document</code> that is not <span>fully active</span>,
   invoking must instead throw a <span>"<code>SecurityError</code>"</span>
@@ -81610,11 +81610,16 @@ State: &lt;OUTPUT NAME=I>1&lt;/OUTPUT> &lt;INPUT VALUE="Increment" TYPE=BUTTON O
    <dt>Otherwise</dt>
 
    <dd><p><span>Navigate</span><!--DONAV location.reload()--> the <span>browsing context</span> to
-   the document's <span data-x="concept-document-url">URL</span> with the <var><span>exceptions
-   enabled flag</span></var> set and <span>replacement enabled</span>. The <span>source browsing
-   context</span> must be the <span>browsing context</span> being navigated. This is a
-   <span>reload-triggered navigation</span>. Rethrow any exceptions.</p></dd>
-   <!-- it appears that document.reload() always uses GET and does not, e.g., re-POST. -->
+   this <code>Location</code> object's <span>relevant <code>Document</code></span>'s <span
+   data-x="concept-document-url">URL</span> to perform an <span>entry update</span> of the
+   <span>browsing context</span>'s <span>current entry</span>, with the <var><span>exceptions
+   enabled flag</span></var> set. The <span>source browsing context</span> must be the
+   <span>browsing context</span> being navigated. This is a <span>reload-triggered
+   navigation</span>. Rethrow any exceptions.</p></dd>
+
+   <!-- It appears that document.reload() always uses GET and does not, e.g., re-POST. Thus the
+   difference between using the document's URL here, and "the same resource as that Document" below
+   in the user-triggered reload section. -->
 
    <!-- http://software.hixie.ch/utilities/js/live-dom-viewer/saved/141 defends the source browsing context claim; submit, eval document.referrer, reload, eval document.referrer. -->
 
@@ -81623,14 +81628,15 @@ State: &lt;OUTPUT NAME=I>1&lt;/OUTPUT> &lt;INPUT VALUE="Increment" TYPE=BUTTON O
   <p>When a user requests that the <span>active document</span> of a <span>browsing context</span>
   be reloaded through a user interface element, the user agent should <span>navigate</span><!--DONAV
   user reload--> the <span>browsing context</span> to the same resource as that
-  <code>Document</code>, with <span>replacement enabled</span>. In the case of non-idempotent
-  methods (e.g. HTTP POST), the user agent should prompt the user to confirm the operation first,
-  since otherwise transactions (e.g. purchases or database modifications) could be repeated. User
-  agents may allow the user to explicitly override any caches when reloading. If <span>browsing
-  context</span>'s <span>active document</span>'s <span>reload override flag</span> is set, then the
-  user agent may instead perform <span>an overridden reload</span> rather than the navigation
-  described in this paragraph (with the <span>browsing context</span> being reloaded as the
-  <span>source browsing context</span>).</p>
+  <code>Document</code>, to perform an <span>entry update</span> of the <span>browsing
+  context</span>'s <span>current entry</span>. This is a <span>reload-triggered navigation</span>.
+  In the case of non-idempotent methods (e.g. HTTP POST), the user agent should prompt the user to
+  confirm the operation first, since otherwise transactions (e.g. purchases or database
+  modifications) could be repeated. User agents may allow the user to explicitly override any caches
+  when reloading. If <span>browsing context</span>'s <span>active document</span>'s <span>reload
+  override flag</span> is set, then the user agent may instead perform <span>an overridden
+  reload</span> rather than the navigation described in this paragraph (with the <span>browsing
+  context</span> being reloaded as the <span>source browsing context</span>).</p>
 
   <hr>
 
@@ -82513,11 +82519,6 @@ State: &lt;OUTPUT NAME=I>1&lt;/OUTPUT> &lt;INPUT VALUE="Increment" TYPE=BUTTON O
 
       </ol>
 
-      <p class="note">This can only happen if the entry being updated is not the <span>current
-      entry</span>, and can never happen with <span>replacement enabled</span>. (It happens when the
-      user tried to traverse to a session history entry that no longer had a <code>Document</code>
-      object.)</p>
-
      </dd>