- From: Ian Hickson <ian@hixie.ch>
- Date: Fri, 10 Jun 2011 19:19:30 +0000 (UTC)
- To: Marcos Caceres <marcosscaceres@gmail.com>
- cc: public-webapps <public-webapps@w3.org>
On Fri, 10 Jun 2011, Marcos Caceres wrote: > > I tried to create a generic HTML test for this using localStorage, but > could not figure out a way to trigger the SECURITY_ERR. I asked a few > people (Lachy, Snedders, and even the guy that implemented Web Storage > at Opera!) to help me come up with a test. No one was not able to come > up with a test for this, as there seems to be a general lack of > understanding how the whole effective script origin is set (we looked at > the spec, read it backwards, then forwards, then scratched our heads for > a bit). > > Can you explain (with maybe some javascript) how one would cause the > SECURITY_ERR exception to be thrown by setItem() and getItem()? var foo = localStorage; foo.test = ''; document.domain = document.domain; // changes effective origin foo.test; // throws localStorage; // would also throw -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 10 June 2011 19:19:53 UTC