- From: Joshua Bell <notifications@github.com>
- Date: Thu, 02 Jun 2022 09:36:39 -0700
- To: w3c/IndexedDB <IndexedDB@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/IndexedDB/pull/383/review/993830867@github.com>
@inexorabletash commented on this pull request.
>
-1. If |origin| is an [=opaque origin=], [=throw=] a
+1. If |storageKey|'s origin is an opaque, [=throw=] a
Change "an opaque" to "opaque" ? Also, can we [link the term](https://html.spec.whatwg.org/multipage/origin.html#concept-origin-opaque) while we're here?
>
-1. If |origin| is an [=opaque origin=], [=throw=] a
+1. If |storageKey|'s origin is an opaque, [=throw=] a
Same here ("an opaque" → "opaque", and linkify)
>
-1. If |origin| is an [=opaque origin=],
+1. If |storageKey|'s origin is an opaque,
ditto
> ::
- User agents may record the [=/origins=] of sites that contained content
- from third-party origins that caused data to be stored.
+ User agents may record the [=/storage key=]s of sites that contained content
You should be able to put the 's' inside the link; bikeshed is smart enough to handle (some) plural forms.
> ::
- User agents may record the [=/origins=] of sites that contained content
- from third-party origins that caused data to be stored.
+ User agents may record the [=/storage key=]s of sites that contained content
+ from third-party [=/storage key=]s that caused data to be stored.
Does this section describing "third-party origins" still make sense when storage keys are involved?
I'd leave this section alone (i.e. revert these changes) and perhaps add a paragraph about storage keys partitioning third-party storage? Or leave a TODO somewhere (new issue?) to add it.
> this specification is important for user security.
-If origins or database names are used to construct paths for
+If [=/storage key=]s or database names are used to construct paths for
Maybe we should replace this with "host names" instead?
> persistence to a file system they must be appropriately escaped to
-prevent an adversary from accessing information from other origins
+prevent an adversary from accessing information from other [=/storage key=]s
s can go inside the link
> @@ -34,6 +34,7 @@ spec: html; urlPrefix: https://html.spec.whatwg.org/multipage/
urlPrefix: dom.html
type: interface
text: Document; url: document
+ type:event; text:close
What's this for?
> @@ -65,6 +66,8 @@ spec: ecma262; urlPrefix: https://tc39.github.io/ecma262/
spec: storage; urlPrefix: https://storage.spec.whatwg.org/
type: dfn
text: storage bucket; url: storage-bucket
+ text: storage key; url: storage-key
Do we want to call this out as temporary anywhere? Or is there a plan for these to be exported from storage?
--
Reply to this email directly or view it on GitHub:
https://github.com/w3c/IndexedDB/pull/383#pullrequestreview-993830867
You are receiving this because you are subscribed to this thread.
Message ID: <w3c/IndexedDB/pull/383/review/993830867@github.com>
Received on Thursday, 2 June 2022 16:36:51 UTC