- From: Biju <bijumaillist@gmail.com>
- Date: Sun, 15 Mar 2015 23:12:22 -0400
- Cc: whatwg <whatwg@lists.whatwg.org>
At present data stored in indexDB is written some where deep in the
profile folder, which is difficult to find.
Instead, if the web application files are stored in
\Users\{windows_userid}\WebApps\www.mycompany.com\ it will be easy to
navigate and be managed by user.
UA should only allow web app to write/read after getting user consent.
If UA find the \WebApps\www.mycompany.com\ folder missing, user should
be asked consent again.
A subdomain should be able to write to a parent domain after changing
its document domain, according security rules.
Additionally if we can restrict these kind of file/storage access to
just https site (or some sort of signing mechanism for installed
app),, it will help reduce annoyance of asking for permission by ever
other site we visit.
Cheers
GC
Received on Monday, 16 March 2015 03:12:49 UTC