[Bug 15700] New: appcache: Prevent sensitive data from being cached from bugzilla@jessica.w3.org on 2012-01-24 (public-html-bugzilla@w3.org from January 2012)

From: <bugzilla@jessica.w3.org>
Date: Tue, 24 Jan 2012 22:23:12 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-15700-2486@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=15700

           Summary: appcache: Prevent sensitive data from being cached
           Product: HTML WG
           Version: unspecified
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: HTML5 spec (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: tobie.langel@gmail.com
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org


Currently, the editor's draft allows preventing content from being cached by
using the no-store http header. Often, developers cannot or do not know how to
modify http headers to block sensitive parts of a website from being cached
(when visited) by AppCache. e.g.:

A website containing both public and sensitive HTML pages needs to be made
available offline. The sensitive data must not be stored on the device. The
website is hosted on a virtual host and HTTP headers cannot be modified. The
web developer can prevent such pages from being cached by specifying them
directly in the manifest.

-- 
Configure bugmail: https://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Tuesday, 24 January 2012 22:23:14 UTC