[html5] r1199 - /

whatwg at whatwg.org whatwg at whatwg.org
Fri Feb 8 20:52:30 PST 2008 

Author: ianh
Date: 2008-02-08 20:52:26 -0800 (Fri, 08 Feb 2008)
New Revision: 1199

Modified:
   index
   source
Log:
[g] (2) Make failure of setting an item on a Storage object return false, instead of raising an exception. Also, clarify one of the security risks to do with third-party storage access.

Modified: index
===================================================================
--- index	2008-02-09 01:31:30 UTC (rev 1198)
+++ index	2008-02-09 04:52:26 UTC (rev 1199)
@@ -30238,7 +30238,7 @@
   readonly attribute unsigned long <a href="#length8" title=dom-Storage-length>length</a>;
   DOMString <a href="#keyn" title=dom-Storage-key>key</a>(in unsigned long index);
   DOMString <a href="#getitem" title=dom-Storage-getItem>getItem</a>(in DOMString key);
-  void <a href="#setitem" title=dom-Storage-setItem>setItem</a>(in DOMString key, in DOMString data);
+  boolean <a href="#setitem" title=dom-Storage-setItem>setItem</a>(in DOMString key, in DOMString data);
   void <a href="#removeitem" title=dom-Storage-removeItem>removeItem</a>(in DOMString key);
 };</pre>
 
@@ -30297,6 +30297,10 @@
    then it must have its value updated to the value given in the <var
    title="">value</var> argument.
 
+  <p>The method must return true if setting the value was successful, and
+   false otherwise. (Setting could fail if, e.g., the user has disabled
+   storage for the domain, or if the quota has been exceeded.)
+
   <p>When the <code title=dom-Storage-setItem><a
    href="#setitem">setItem()</a></code> method is invoked, events are fired
    on other <code><a href="#htmldocument">HTMLDocument</a></code> objects
@@ -30503,7 +30507,7 @@
 
   <p>If the storage area space limit is reached during a <code
    title=dom-Storage-setItem><a href="#setitem">setItem()</a></code> call,
-   the user agent must raise an <code>INVALID_ACCESS_ERR</code> exception.
+   the method will return false.
 
   <p>A mostly arbitrary limit of five megabytes per domain is recommended.
    Implementation feedback is welcome and will be used to update this
@@ -30555,7 +30559,9 @@
      <code title=dom-globalStorage><a
      href="#globalstorage">globalStorage</a></code> object to scripts
      originating at the domain of the top-level document of the <a
-     href="#browsing0">browsing context</a>.</p>
+     href="#browsing0">browsing context</a>, for instance denying access to
+     the API for pages from other domains running in <code><a
+     href="#iframe">iframe</a></code>s.</p>
 
    <li>
     <p>Expiring stored data: user agents may automatically delete stored data

Modified: source
===================================================================
--- source	2008-02-09 01:31:30 UTC (rev 1198)
+++ source	2008-02-09 04:52:26 UTC (rev 1199)
@@ -27731,7 +27731,7 @@
   readonly attribute unsigned long <span title="dom-Storage-length">length</span>;
   DOMString <span title="dom-Storage-key">key</span>(in unsigned long index);
   DOMString <span title="dom-Storage-getItem">getItem</span>(in DOMString key);
-  void <span title="dom-Storage-setItem">setItem</span>(in DOMString key, in DOMString data);
+  boolean <span title="dom-Storage-setItem">setItem</span>(in DOMString key, in DOMString data);
   void <span title="dom-Storage-removeItem">removeItem</span>(in DOMString key);
 };</pre>
 
@@ -27790,6 +27790,11 @@
   list, then it must have its value updated to the value given in the
   <var title="">value</var> argument.</p>
 
+  <p>The method must return true if setting the value was successful,
+  and false otherwise. (Setting could fail if, e.g., the user has
+  disabled storage for the domain, or if the quota has been
+  exceeded.)</p>
+
   <p>When the <code title="dom-Storage-setItem">setItem()</code>
   method is invoked, events are fired on other
   <code>HTMLDocument</code> objects that can access the newly stored
@@ -27982,8 +27987,8 @@
   is using.</p>
 
   <p>If the storage area space limit is reached during a <code
-  title="dom-Storage-setItem">setItem()</code> call, the user agent
-  must raise an <code>INVALID_ACCESS_ERR</code> exception.</p>
+  title="dom-Storage-setItem">setItem()</code> call, the method will
+  return false.</p>
 
   <p>A mostly arbitrary limit of five megabytes per domain is
   recommended. Implementation feedback is welcome and will be used to
@@ -28042,7 +28047,9 @@
     <p>Blocking third-party storage: user agents may restrict access
     to the <code title="dom-globalStorage">globalStorage</code> object
     to scripts originating at the domain of the top-level document of
-    the <span>browsing context</span>.</p>
+    the <span>browsing context</span>, for instance denying access to
+    the API for pages from other domains running in
+    <code>iframe</code>s.</p>
 
    </li>

More information about the Commit-Watchers mailing list