W3C home > Mailing lists > Public > public-html-commits@w3.org > October 2009

html5/webdatabase Overview.html,1.38,1.39

From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
Date: Tue, 13 Oct 2009 01:34:56 +0000
To: public-html-commits@w3.org
Message-Id: <E1MxWHw-0003wd-TD@lionel-hutz.w3.org>
Update of /sources/public/html5/webdatabase
In directory hutz:/tmp/cvs-serv15149

Modified Files:
Log Message:
Update the WHATWG complete spec to handle the bits where local storage and database specs had common text. (whatwg r4119)

Index: Overview.html
RCS file: /sources/public/html5/webdatabase/Overview.html,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -d -r1.38 -r1.39
--- Overview.html	9 Oct 2009 06:43:40 -0000	1.38
+++ Overview.html	13 Oct 2009 01:34:54 -0000	1.39
@@ -1070,6 +1070,7 @@
      reasonable time.
   </table><h2 id="web-sql"><span class="secno">5 </span>Web SQL</h2><p class="XXX">Need to define the SQL dialect.<h2 id="disk-space"><span class="secno">6 </span>Disk space</h2><p>User agents should limit the total amount of space allowed for
   <p>User agents should guard against sites storing data under the
@@ -1085,7 +1086,7 @@
   future.<h2 id="privacy"><span class="secno">7 </span>Privacy</h2><h3 id="user-tracking"><span class="secno">7.1 </span>User tracking</h3><p>A third-party advertiser (or any entity capable of getting
   content distributed to multiple sites) could use a unique identifier
   stored in its
-  client-side database
+  client-side databases
   to track a user across multiple sessions, building a profile of the
   user's interests to allow for highly targeted advertising. In
@@ -1121,8 +1122,6 @@
     <p>However, this also puts the user's data at risk.</p>
-    <!--v2 consider adding an explicit way for sites to state when
-    data should expire, as in  localStorage.expireData(365); -->
@@ -1131,12 +1130,11 @@
     <p>If users attempt to protect their privacy by clearing cookies
     without also clearing data stored in the
-    database
-    feature, sites can defeat those attempts by using the two features
-    as redundant backup for each other. User agents should present the
+    relevant databases,
+    sites can defeat those attempts by using the two features as
+    redundant backup for each other. User agents should present the
     interfaces for clearing these in a way that helps users to
     understand this possibility and enables them to delete data in all
     persistent storage features simultaneously. <a href="#refsCOOKIES">[COOKIES]</a></p>
@@ -1205,10 +1203,12 @@
   from that domain. To mitigate this, pages can use SSL. Pages using
   SSL can be sure that only pages using SSL that have certificates
   identifying them as being from the same domain can access their
   <h3 id="cross-directory-attacks"><span class="secno">8.2 </span>Cross-directory attacks</h3><p>Different authors sharing one host name, for example users
   hosting content on <code>geocities.com</code>, all share one
   set of databases.
   There is no feature to restrict the access by pathname. Authors on
Received on Tuesday, 13 October 2009 01:35:00 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:09:34 UTC