- From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
- Date: Tue, 13 Oct 2009 01:34:52 +0000
- To: public-html-commits@w3.org
Update of /sources/public/html5/webstorage
In directory hutz:/tmp/cvs-serv15119
Modified Files:
Overview.html
Log Message:
Update the WHATWG complete spec to handle the bits where local storage and database specs had common text. (whatwg r4119)
Index: Overview.html
===================================================================
RCS file: /sources/public/html5/webstorage/Overview.html,v
retrieving revision 1.83
retrieving revision 1.84
diff -u -d -r1.83 -r1.84
--- Overview.html 9 Oct 2009 06:43:35 -0000 1.83
+++ Overview.html 13 Oct 2009 01:34:50 -0000 1.84
@@ -608,6 +608,7 @@
executing, other than in a way that is predictable by the script
itself.<h2 id="disk-space"><span class="secno">5 </span>Disk space</h2><p>User agents should limit the total amount of space allowed for
+
storage areas.
<p>User agents should guard against sites storing data under the
origins other affiliated sites, e.g. storing up to the limit in
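Review bot: The added blank line at 611 lands in the middle of a sentence, between "allowed for" and "storage areas.", so the only change in this hunk is source whitespace inside a paragraph. It renders the same, but if it comes from the step that splits the common text between the two specs, trimming the empty line there would keep later diffs of this file quieter. While this paragraph is being touched, the context line "under the origins other affiliated sites" reads as if it is missing a word ("origins of other affiliated sites").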
@@ -666,8 +667,10 @@
<p>However, this also puts the user's data at risk.</p>
+
<!--v2 consider adding an explicit way for sites to state when
data should expire, as in localStorage.expireData(365); -->
+
</dd>
@@ -676,12 +679,11 @@
<p>If users attempt to protect their privacy by clearing cookies
without also clearing data stored in the
-
- persistent storage
-
- feature, sites can defeat those attempts by using the two features
- as redundant backup for each other. User agents should present the
+
+ local storage area,
+ sites can defeat those attempts by using the two features as
+ redundant backup for each other. User agents should present the
interfaces for clearing these in a way that helps users to
understand this possibility and enables them to delete data in all
persistent storage features simultaneously. <a href="#refsCOOKIES">[COOKIES]</a></p>
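Review bot: After the rename to "local storage area," the rest of the sentence still says "the two features" and closes with "all persistent storage features simultaneously", so the paragraph now uses "area" and "feature" for the same thing and keeps the old "persistent storage" term in its last line. If the final phrase is meant generically (cookies, local storage and anything else that persists), that is fine, but then "the two features" should have a clear antecedent; otherwise use one term throughout. This is the guidance users and implementers rely on for clearing tracking state, so it is worth making unambiguous which stores must be cleared together.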
@@ -752,11 +754,13 @@
SSL can be sure that only pages using SSL that have certificates
identifying them as being from the same domain can access their
+
storage areas.
<h3 id="cross-directory-attacks"><span class="secno">7.2 </span>Cross-directory attacks</h3><p>Different authors sharing one host name, for example users
hosting content on <code>geocities.com</code>, all share one
- persistent storage object.
+
+ local storage object.
There is no feature to restrict the access by pathname. Authors on
shared hosts are therefore recommended to avoid using these
features, as it would be trivial for other authors to read the data
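Review bot: The replacement at 762-763 says "local storage object", while the earlier hunk in this same change says "local storage area"; pick one term so readers do not assume two different things are being described. The following sentence also still says "avoid using these features" (plural) although the text now names only local storage, which is worth rewording or confirming as intended for the shared text. The blank line added at 757 again falls mid-sentence, before "storage areas.".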
Received on Tuesday, 13 October 2009 01:34:57 UTC