W3C home > Mailing lists > Public > whatwg@whatwg.org > March 2015

Re: [whatwg] Persistent and temporary storage

From: Biju <bijumaillist@gmail.com>
Date: Sun, 15 Mar 2015 23:12:22 -0400
Message-ID: <CAA0NmmSXZ172sWDR720neQLuraJssyzTSJfjyxRGV-ZTDLKDYg@mail.gmail.com>
Cc: whatwg <whatwg@lists.whatwg.org>
At present data stored in indexDB is written some where deep in the
profile folder, which is difficult to find.

Instead, if the web application files are stored in
\Users\{windows_userid}\WebApps\www.mycompany.com\ it will be easy to
navigate and be managed by user.

UA should only allow web app to write/read after getting user consent.
If UA find the \WebApps\www.mycompany.com\ folder missing, user should
be asked consent again.
A subdomain should be able to write to a parent domain after changing
its document domain, according security rules.


Additionally if we can restrict these kind of file/storage access to
just https site (or some sort of signing mechanism for installed
app),, it will help reduce annoyance of asking for permission by ever
other site we visit.

Cheers
GC
Received on Monday, 16 March 2015 03:12:49 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 17:00:29 UTC