W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2011

Re: [webstorage] origin security check

From: Marcos Caceres <marcosscaceres@gmail.com>
Date: Fri, 10 Jun 2011 09:26:08 +0100
Message-ID: <BANLkTikVA3yG8iOFgs1OmonYRx5=VbWp+A@mail.gmail.com>
To: Ian Hickson <ian@hixie.ch>
Cc: public-webapps <public-webapps@w3.org>
On Thu, Jun 9, 2011 at 6:07 PM, Ian Hickson <ian@hixie.ch> wrote:
> On Thu, 9 Jun 2011, Marcos Caceres wrote:
>>
>> tiny quick editorial request, where the spec says:
>>
>> "When the localStorage attribute is accessed, the user agent must run
>> the following steps:"
>>
>> Can you please change that to:
>>
>> "When the localStorage attribute is accessed, the user agent must run
>> the origin security check."
>>
>> And then independently define just label the algorithm "origin
>> security check" (or name it something better).
>>
>> I need to use the same text in another spec and would prefer to link
>> instead of copy/paste.
>
> Done.

Thanks! :)

> Just out of interest, what's the context for this? These steps are pretty
> specific to localStorage (and are not the complete security story -- see
> the later section on security), so I'm surprised to hear these particular
> steps would be reused.

Context is the widget.preference attribute, which implements Storage
(but supports some widgety things, like read-only keys/values):

http://dev.w3.org/2006/waf/widgets-api/#the-preferences-attribute

I'm want to replace the following section with the link to the Storage spec:
http://dev.w3.org/2006/waf/widgets-api/#preference-origin-security-check0

Kind regards,
Marcos

-- 
Marcos Caceres
http://datadriven.com.au
Received on Friday, 10 June 2011 08:26:55 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:45 GMT