- From: Marcos Caceres <marcosscaceres@gmail.com>
- Date: Mon, 13 Jun 2011 11:38:40 +0100
- To: Ian Hickson <ian@hixie.ch>
- Cc: public-webapps <public-webapps@w3.org>
On Fri, Jun 10, 2011 at 8:19 PM, Ian Hickson <ian@hixie.ch> wrote: > On Fri, 10 Jun 2011, Marcos Caceres wrote: >> >> I tried to create a generic HTML test for this using localStorage, but >> could not figure out a way to trigger the SECURITY_ERR. I asked a few >> people (Lachy, Snedders, and even the guy that implemented Web Storage >> at Opera!) to help me come up with a test. No one was not able to come >> up with a test for this, as there seems to be a general lack of >> understanding how the whole effective script origin is set (we looked at >> the spec, read it backwards, then forwards, then scratched our heads for >> a bit). >> >> Can you explain (with maybe some javascript) how one would cause the >> SECURITY_ERR exception to be thrown by setItem() and getItem()? > > var foo = localStorage; > foo.test = ''; > document.domain = document.domain; // changes effective origin > foo.test; // throws > localStorage; // would also throw Thanks for this. Got it now :) -- Marcos Caceres http://datadriven.com.au
Received on Monday, 13 June 2011 10:39:36 UTC