[whatwg] Client-side database and origins

Ian Hickson ian at hixie.ch
Wed Oct 3 12:48:56 PDT 2007


On Wed, 3 Oct 2007, Brady Eidson wrote:
> 
> However, what if the developer at "http://www.foo.com:80/user1" creates 
> a database called "Photos", and the user at 
> "http://www.foo.com:80/user2" does the same.  They both expect to be 
> able to create their own database and not have outside interference, yet 
> for the user who visits one page before the other, things will 
> inexplicably fail.

Indeed, on multiuser systems, it would be prudent to have database names 
prefixed with user IDs, e.g. "user1/photos" and "user2/photos". This could 
end up being quite common if, e.g., blogging software starts using these 
databases and many users on a host all install the same blogging software.


> I suppose it's an issue that is allowed by the spec and therefore 
> developers should be aware of it and able to workaround it.  However, it 
> seems like it would be very polite (and probably reasonably simple) to 
> design the spec in a manner that would not allow this conflict.

Well, part of the problem is that we want databases to be accessible 
regardless of path. For example:

   http://example.com/game1/...
   http://example.com/game2/...
   http://example.com/game3/...

...should all be able to access the "user profile" database, regardless 
of which one created it.

It's not entire clear to me how to resolve the issue.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'



More information about the whatwg mailing list