webstorage; hixie: New topics: DOM APIs, and Security. (Note that by default, people are _not_ subscribed to new topics.) Also, some tweaks to the previous annotations. (whatwg r6836) from poot on 2011-12-14 (public-html-diffs@w3.org from December 2011)

From: poot <cvsmail@w3.org>
Date: Tue, 13 Dec 2011 21:00:53 -0500
To: public-html-diffs@w3.org
Message-Id: <E1Rae9M-0008NH-U2@jay.w3.org>
webstorage; hixie: New topics: DOM APIs, and Security. (Note that by
default, people are _not_ subscribed to new topics.) Also, some tweaks
to the previous annotations. (whatwg r6836)

http://dev.w3.org/cvsweb/html5/webstorage/Overview.html?r1=1.184&r2=1.185&f=h
http://html5.org/tools/web-apps-tracker?from=6835&to=6836

===================================================================
RCS file: /sources/public/html5/webstorage/Overview.html,v
retrieving revision 1.184
retrieving revision 1.185
diff -u -d -r1.184 -r1.185
--- Overview.html 4 Oct 2011 17:01:23 -0000 1.184
+++ Overview.html 23 Nov 2011 20:02:07 -0000 1.185
@@ -214,7 +214,7 @@
    <p><a href="http://www.w3.org/"><img alt="W3C" height="48" src="http://www.w3.org/Icons/w3c_home" width="72"></a></p>
 
    <h1>Web Storage</h1>
-   <h2 class="no-num no-toc" id="editor-s-draft-4-october-2011">Editor's Draft 4 October 2011</h2>
+   <h2 class="no-num no-toc" id="editor-s-draft-23-november-2011">Editor's Draft 23 November 2011</h2>
    <dl><dt>Latest Published Version:</dt>
     <dd><a href="http://www.w3.org/TR/webstorage/">http://www.w3.org/TR/webstorage/</a></dd>
     <dt>Latest Editor's Draft:</dt>
@@ -319,7 +319,7 @@
   </dl><p>The W3C <a href="http://www.w3.org/2008/webapps/">Web Applications
   Working Group</a> is the W3C working group responsible for this
   specification's progress along the W3C Recommendation track.
-  This specification is the 4 October 2011 Editor's Draft.
+  This specification is the 23 November 2011 Editor's Draft.
   </p><p>This document was produced by a group operating under the <a href="http://www.w3.org/Consortium/Patent-Policy-20040205/">5
   February 2004 W3C Patent Policy</a>. W3C maintains a <a href="http://www.w3.org/2004/01/pp-impl/42538/status" rel="disclosure">public list of
   any patent disclosures</a> made in connection with the deliverables
@@ -628,7 +628,7 @@
   determining the number of properties present, or as part of the
   execution of any of the methods or attributes defined on the
   <code><a href="#storage-0">Storage</a></code> interface, the user agent must first
-  <span>obtain the storage mutex</span>.<h4 id="security-localStorage"><span class="secno">4.3.1 </span>Security</h4><p>User agents must throw a <code>SecurityError</code> exception
+  <span>obtain the storage mutex</span>.</p><h4 id="security-localStorage"><span class="secno">4.3.1 </span>Security</h4><p>User agents must throw a <code>SecurityError</code> exception
   whenever any of the members of a <code><a href="#storage-0">Storage</a></code> object
   originally returned by the <code title="dom-localStorage"><a href="#dom-localstorage">localStorage</a></code> attribute are accessed
   by scripts whose <span>effective script origin</span> is not the
@@ -637,7 +637,7 @@
   the <code title="dom-localStorage"><a href="#dom-localstorage">localStorage</a></code> attribute was
   accessed.<p class="note">This means <code><a href="#storage-0">Storage</a></code> objects are neutered
   when the <code title="dom-document-domain">document.domain</code>
-  attribute is used.<h3 id="the-storage-event"><span class="secno">4.4 </span>The <code title="event-storage"><a href="#event-storage">storage</a></code> event</h3><p>The <dfn id="event-storage" title="event-storage"><code>storage</code></dfn> event
+  attribute is used.</p><h3 id="the-storage-event"><span class="secno">4.4 </span>The <code title="event-storage"><a href="#event-storage">storage</a></code> event</h3><p>The <dfn id="event-storage" title="event-storage"><code>storage</code></dfn> event
   is fired when a storage area changes, as described in the previous
   two sections (<a href="#sessionStorageEvent">for session
   storage</a>, <a href="#localStorageEvent">for local
@@ -827,7 +827,7 @@
   sensitive; it's quite possible for e-mails, calendar appointments,
   health records, or other confidential documents to be stored in this
   mechanism.<p>To this end, user agents should ensure that when deleting data,
-  it is promptly deleted from the underlying storage.<h2 id="security-storage"><span class="secno">7 </span>Security</h2><h3 id="dns-spoofing-attacks"><span class="secno">7.1 </span>DNS spoofing attacks</h3><p>Because of the potential for DNS spoofing attacks, one cannot
+  it is promptly deleted from the underlying storage.</p><h2 id="security-storage"><span class="secno">7 </span>Security</h2><h3 id="dns-spoofing-attacks"><span class="secno">7.1 </span>DNS spoofing attacks</h3><p>Because of the potential for DNS spoofing attacks, one cannot
   guarantee that a host claiming to be in a certain domain really is
   from that domain. To mitigate this, pages can use TLS. Pages using
   TLS can be sure that only the user, software working on behalf of
@@ -855,7 +855,7 @@
   user's wishlist; or a hostile site could set a user's session
   identifier to a known ID that the hostile site can then use to track
   the user's actions on the victim site.<p>Thus, strictly following the <span>origin</span> model described
-  in this specification is important for user security.<h2 class="no-num" id="references">References</h2><p>All references are normative unless marked "Non-normative".</p><dl><dt id="refsCOOKIES">[COOKIES]</dt>
+  in this specification is important for user security.</p><h2 class="no-num" id="references">References</h2><p>All references are normative unless marked "Non-normative".</p><dl><dt id="refsCOOKIES">[COOKIES]</dt>
       <dd><cite><a href="http://tools.ietf.org/html/rfc6265">HTTP State Management Mechanism</a></cite>, A. Barth. IETF.</dd>
 
    <dt id="refsDOMCORE">[DOMCORE]</dt>
Received on Wednesday, 14 December 2011 02:00:59 UTC