W3C home > Mailing lists > Public > public-html@w3.org > January 2012

[Bug 15700] New: appcache: Prevent sensitive data from being cached

From: <bugzilla@jessica.w3.org>
Date: Tue, 24 Jan 2012 22:23:16 +0000
To: public-html@w3.org
Message-ID: <bug-15700-2495@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=15700

           Summary: appcache: Prevent sensitive data from being cached
           Product: HTML WG
           Version: unspecified
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: HTML5 spec (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: tobie.langel@gmail.com
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org


Currently, the editor's draft allows preventing content from being cached by
using the no-store http header. Often, developers cannot or do not know how to
modify http headers to block sensitive parts of a website from being cached
(when visited) by AppCache. e.g.:

A website containing both public and sensitive HTML pages needs to be made
available offline. The sensitive data must not be stored on the device. The
website is hosted on a virtual host and HTTP headers cannot be modified. The
web developer can prevent such pages from being cached by specifying them
directly in the manifest.

-- 
Configure bugmail: https://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Received on Wednesday, 25 January 2012 02:18:39 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:17:43 GMT