- From: Ben Kelly <notifications@github.com>
- Date: Fri, 04 Nov 2022 12:45:10 -0700
- To: whatwg/storage <storage@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 4 November 2022 19:45:30 UTC
In [obtain a storage key for non-storage purposes](https://storage.spec.whatwg.org/#obtain-a-storage-key-for-non-storage-purposes) the origin is obtained from the environment settings object. In [set up a window environment settings object](https://html.spec.whatwg.org/multipage/nav-history-apis.html#set-up-a-window-environment-settings-object), however, the origin attribute is defined to return "the origin of window's associated document". @annevk points out over here that modifications to an origin (like from document.domain) will be reflected by all those referencing the same origin object. See: https://github.com/whatwg/html/issues/8302#issuecomment-1294734035 So as it currently stands it appears the origin we use to construct the storage key will reflect document.domain changes. This is not the intended behavior, AFAIK. Can this be fixed by simply cloning the origin when constructing the storage key? That would only work if we construct the storage key prior to the site having the opportunity to set document.domain. Its not clear to me that invariant holds. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/storage/issues/150 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/storage/issues/150@github.com>
Received on Friday, 4 November 2022 19:45:30 UTC