- From: Gervase Markham <gerv@mozilla.org>
- Date: Mon, 04 Jun 2007 12:51:55 +0100
Jerason Banes wrote: > That effectively restricts the storage to a single domain and is in line > with how cookies work today. Yes, it does. But I don't think I have been insufficiently clear. My issue is not with the idea of DOM Storage as a whole, but with the idea of sharing information across sites - which requires this global storage. > I wasn't able to find any docs that describe the Storage security model > used in Gecko, so I ran a few tests. What I found was that any attempt > to access globalStorage[''] or globalStorage['com'] from the context of > a website resulted in a security error. You can try the test for > yourself here: > > http://java.dnsalias.com/temp/storage.html I suspect it might use, or be planning to use, the Effective TLD service, which provides information necessary to implement the scheme you referenced above. > Is there a document somewhere outlining the actual benefits of this > feature, even as potentially restricted? > > The specification has this explanation: "Web applications may wish to > store megabytes of user data, such as entire user-authored documents or > a user's mailbox, on the clientside for performance reasons." To restate more clearly: "Is there a document somewhere outlining the actual benefits of being able to share data across domains?" Gerv
Received on Monday, 4 June 2007 04:51:55 UTC