Re: [w3c/IndexedDB] Support Storage Partitioning (PR #383) from Joshua Bell on 2022-06-08 (public-webapps-github@w3.org from June 2022)

From: Joshua Bell <notifications@github.com>
Date: Wed, 08 Jun 2022 10:01:14 -0700
To: w3c/IndexedDB <IndexedDB@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/IndexedDB/pull/383/review/1000122770@github.com>

@inexorabletash commented on this pull request.

Some last comments/suggestions, then we can probably merge. 

> @@ -2217,17 +2218,15 @@ The <dfn method for=IDBFactory>open(|name|, |version|)</dfn> method steps are:
 
 1. Let |environment| be [=/this=]'s [=/relevant settings object=].
 
-1. Let |origin| be |environment|'s [=environment settings object/origin=].
-
-1. If |origin| is an [=opaque origin=], [=throw=] a
-    "{{SecurityError}}" {{DOMException}} and abort these steps.
+1. Let |storageKey| be the result of running [=obtain a storage key=] given |environment|.
+   If a failure is returned then [=throw=] a "{{SecurityError}}" {{DOMException}} and abort these steps.

```suggestion
   If failure is returned, then [=throw=] a "{{SecurityError}}" {{DOMException}} and abort these steps.
```

> @@ -2288,17 +2287,15 @@ The <dfn method for=IDBFactory>deleteDatabase(|name|)</dfn> method steps are:
 
 1. Let |environment| be [=/this=]'s [=/relevant settings object=].
 
-1. Let |origin| be |environment|'s [=environment settings object/origin=].
-
-1. If |origin| is an [=opaque origin=], [=throw=] a
-    "{{SecurityError}}" {{DOMException}} and abort these steps.
+1. Let |storageKey| be the result of running [=obtain a storage key=] given |environment|.
+   If a failure is returned then [=throw=] a "{{SecurityError}}" {{DOMException}} and abort these steps.

```suggestion
   If failure is returned, then [=throw=] a "{{SecurityError}}" {{DOMException}} and abort these steps.
```

> @@ -6717,12 +6712,12 @@ user's wish list; or a hostile site could set a user's session
 identifier to a known ID that the hostile site can then use to track
 the user's actions on the victim site.
 
-Thus, strictly following the <span>origin</span> model described in
+Thus, strictly following the <span>storage key</span> model described in

```suggestion
Thus, strictly following the storage key partitioning model described in
```

> @@ -6717,12 +6712,12 @@ user's wish list; or a hostile site could set a user's session
 identifier to a known ID that the hostile site can then use to track
 the user's actions on the victim site.
 
-Thus, strictly following the <span>origin</span> model described in
+Thus, strictly following the <span>storage key</span> model described in

(I'm not sure why there were spans there to begin with)

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/IndexedDB/pull/383#pullrequestreview-1000122770
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/IndexedDB/pull/383/review/1000122770@github.com>

Received on Wednesday, 8 June 2022 17:01:26 UTC