W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2009

Re: [webstorage] disk space

From: Adam Barth <w3c@adambarth.com>
Date: Tue, 28 Apr 2009 13:31:37 -0700
Message-ID: <7789133a0904281331v75dffc03p4b9896aa08588384@mail.gmail.com>
To: Anne van Kesteren <annevk@opera.com>
Cc: WebApps WG <public-webapps@w3.org>
Yeah, this requirement doesn't make very much sense:

"User agents should guard against sites storing data in the storage
areas or databases of subdomains, e.g. storing up to the limit in
a1.example.com, a2.example.com, a3.example.com, etc, circumventing the
main example.com storage limit."

Someone who wants to use up a lot of storage can just register as many
domain names as he/she likes for $5 a piece.

I suggest removing the requirement.


On Tue, Apr 28, 2009 at 5:41 AM, Anne van Kesteren <annevk@opera.com> wrote:
> The specification currently suggests to guard against subdomains. I was
> wondering why subdomains are called out and not different ports or even
> completely different domains now that postMessage() is available.
> Since this particular section keeps talking about domains I was wondering if
> it has actually been updated to reflect the switch from a domain-based
> policy to a origin-based policy for storage. It seems that some of the
> recommendations need to be reworded.
> --
> Anne van Kesteren
> http://annevankesteren.nl/
Received on Tuesday, 28 April 2009 20:32:32 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:12:53 UTC