[whatwg] RFC: Alternatives to storage mutex for cookies and localStorage

On Tue, Sep 8, 2009 at 8:38 PM, Jeremy Orlow <jorlow at chromium.org> wrote:

> To be clear, Chrome is not going to implement the storage mutex with
> respect to cookies, but we are going to implement it for LocalStorage.
>  Because of this, we can handle the localStorage mutex on a per-origin basis
> (which I'm implementing right now).

Looking back over previous threads on the storage mutex, I can't seem to
remember or find the reason that implementing the storage mutex for cookies
can't easily be done with a mutex per domain. Ian pointed out this approach
breaks if you can make synchronous script calls across origins (e.g. across
IFRAME boundaries), but can you actually make such calls? Or if you can
(NPAPI?), can we just declare that those APIs release the storage mutex?

I know that setting document.domain makes this tricky because it
synchronously enables new cross-domain interactions, but can't we handle
that by declaring that setting document.domain releases the storage mutex?

"He was pierced for our transgressions, he was crushed for our iniquities;
the punishment that brought us peace was upon him, and by his wounds we are
healed. We all, like sheep, have gone astray, each of us has turned to his
own way; and the LORD has laid on him the iniquity of us all." [Isaiah
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090908/a6fc8196/attachment.htm>

Received on Tuesday, 8 September 2009 02:02:44 UTC