[html5] r1201 - /
whatwg at whatwg.org
whatwg at whatwg.org
Sat Feb 9 01:13:12 PST 2008
Author: ianh
Date: 2008-02-09 01:13:09 -0800 (Sat, 09 Feb 2008)
New Revision: 1201
Modified:
index
source
Log:
[g] (2) To help Mozilla transition to the new API, renaming globalStorage to localStorage. The irony is not lost on me.
Modified: index
===================================================================
--- index 2008-02-09 08:39:25 UTC (rev 1200)
+++ index 2008-02-09 09:13:09 UTC (rev 1201)
@@ -1170,8 +1170,8 @@
<li><a href="#the-sessionstorage"><span class=secno>4.10.3 </span>The
<code title=dom-sessionStorage>sessionStorage</code> attribute</a>
- <li><a href="#the-globalstorage"><span class=secno>4.10.4 </span>The
- <code title=dom-globalStorage>globalStorage</code> attribute</a>
+ <li><a href="#the-localstorage"><span class=secno>4.10.4 </span>The
+ <code title=dom-localStorage>localStorage</code> attribute</a>
<li><a href="#the-storage0"><span class=secno>4.10.5 </span>The <code
title=event-storage>storage</code> event</a>
@@ -25397,7 +25397,7 @@
// the user agent
readonly attribute <a href="#clientinformation">ClientInformation</a> <a href="#navigator" title=dom-navigator>navigator</a>; <!-- XXX IE6 also has window.clientInformation pointing to this same object -->
readonly attribute <a href="#storage0">Storage</a> <a href="#sessionstorage" title=dom-sessionStorage>sessionStorage</a>;
- readonly attribute <a href="#storage0">Storage</a> <a href="#globalstorage" title=dom-globalStorage>globalStorage</a>;
+ readonly attribute <a href="#storage0">Storage</a> <a href="#localstorage" title=dom-localStorage>localStorage</a>;
<a href="#database0">Database</a> <a href="#opendatabase" title=dom-opendatabase>openDatabase</a>(in DOMString name, in DOMString version, in DOMString displayName, in unsigned long estimatedSize);
// modal user prompts
@@ -30207,9 +30207,9 @@
<p>Again, cookies do not handle this case well, because they are
transmitted with every request.
- <p>The <code title=dom-globalStorage><a
- href="#globalstorage">globalStorage</a></code> DOM attribute is used to
- access a page's global storage area.
+ <p>The <code title=dom-localStorage><a
+ href="#localstorage">localStorage</a></code> DOM attribute is used to
+ access a page's local storage area.
<div class=example>
<p>The site at example.com can display a count of how many times the user
@@ -30221,17 +30221,17 @@
time(s).
</p>
<script>
- if (!globalStorage.pageLoadCount)
- globalStorage.pageLoadCount = 0;
- globalStorage.pageLoadCount = parseInt(globalStorage.pageLoadCount, 10) + 1;
- document.getElementById('count').textContent = globalStorage.pageLoadCount;
+ if (!localStorage.pageLoadCount)
+ localStorage.pageLoadCount = 0;
+ localStorage.pageLoadCount = parseInt(localStorage.pageLoadCount, 10) + 1;
+ document.getElementById('count').textContent = localStorage.pageLoadCount;
</script></pre>
</div>
<p>Each <a href="#origin0">origin</a> has its own separate storage area.
- <p>Storage areas (both session storage and global storage) store strings.
- To store structured data in a storage area, you must first convert it to a
+ <p>Storage areas (both session storage and local storage) store strings. To
+ store structured data in a storage area, you must first convert it to a
string.
<h4 id=the-storage><span class=secno>4.10.2 </span>The <code><a
@@ -30266,7 +30266,7 @@
with a list of key/value pairs when it is created, as defined in the
sections on the <code title=dom-sessionStorage><a
href="#sessionstorage">sessionStorage</a></code> and <code
- title=dom-globalStorage><a href="#globalstorage">globalStorage</a></code>
+ title=dom-localStorage><a href="#localstorage">localStorage</a></code>
attributes. Multiple separate objects implementing the <code><a
href="#storage0">Storage</a></code> interface can all be associated with
the same list of key/value pairs simultaneously.
@@ -30319,7 +30319,7 @@
that can access the newly stored data, as defined in the sections on the
<code title=dom-sessionStorage><a
href="#sessionstorage">sessionStorage</a></code> and <code
- title=dom-globalStorage><a href="#globalstorage">globalStorage</a></code>
+ title=dom-localStorage><a href="#localstorage">localStorage</a></code>
attributes.</p>
<!--
not normative, see the sections below for the normative statement
@@ -30423,43 +30423,43 @@
title=event-storage><a href="#storage1">storage</a></code> event must be
fired, as <a href="#storage1" title=event-storage>described below</a>.
- <h4 id=the-globalstorage><span class=secno>4.10.4 </span>The <code
- title=dom-globalStorage><a href="#globalstorage">globalStorage</a></code>
+ <h4 id=the-localstorage><span class=secno>4.10.4 </span>The <code
+ title=dom-localStorage><a href="#localstorage">localStorage</a></code>
attribute</h4>
- <p>The <dfn id=globalstorage
- title=dom-globalStorage><code>globalStorage</code></dfn> object provides a
+ <p>The <dfn id=localstorage
+ title=dom-localStorage><code>localStorage</code></dfn> object provides a
<code><a href="#storage0">Storage</a></code> object for <a
href="#origin0">origin</a>.
- <p>User agents must have a set of global storage areas, one for each <a
+ <p>User agents must have a set of local storage areas, one for each <a
href="#origin0">origin</a>.
- <p>User agents should only expire data from the global storage areas for
+ <p>User agents should only expire data from the local storage areas for
security reasons or when requested to do so by the user. User agents
should always avoid deleting data while a script that could access that
- data is running. Data stored in global storage areas should be considered
+ data is running. Data stored in local storage areas should be considered
potentially user-critical. It is expected that Web applications will use
- the global storage areas for storing user-written documents.
+ the local storage areas for storing user-written documents.
- <p>When the <code title=dom-globalStorage><a
- href="#globalstorage">globalStorage</a></code> attribute is accessed, the
- user agent must check to see if it has allocated global storage area for
+ <p>When the <code title=dom-localStorage><a
+ href="#localstorage">localStorage</a></code> attribute is accessed, the
+ user agent must check to see if it has allocated local storage area for
the <a href="#origin0">origin</a> of the <a href="#browsing0">browsing
context</a> within which the script is running. If it has not, a new
storage area for that origin must be created.
<p>The user agent must then create a <code><a
href="#storage0">Storage</a></code> object associated with that origin's
- global storage area, and return it.
+ local storage area, and return it.
- <p id=globalStorageEvent>When the <code title=dom-Storage-setItem><a
+ <p id=localStorageEvent>When the <code title=dom-Storage-setItem><a
href="#setitem">setItem()</a></code> method is called on a <code><a
href="#storage0">Storage</a></code> object <var title="">x</var> that is
- associated with a global storage area, then in every <code><a
+ associated with a local storage area, then in every <code><a
href="#htmldocument">HTMLDocument</a></code> object whose <code><a
- href="#window">Window</a></code> object's <code title=dom-globalStorage><a
- href="#globalstorage">globalStorage</a></code> attribute's <code><a
+ href="#window">Window</a></code> object's <code title=dom-localStorage><a
+ href="#localstorage">localStorage</a></code> attribute's <code><a
href="#storage0">Storage</a></code> object is associated with the same
storage area, other than <var title="">x</var>, a <code
title=event-storage><a href="#storage1">storage</a></code> event must be
@@ -30472,7 +30472,7 @@
event is fired in an <code><a href="#htmldocument">HTMLDocument</a></code>
when a storage area changes, as described in the previous two sections (<a
href="#sessionStorageEvent">for session storage</a>, <a
- href="#globalStorageEvent">for global storage</a>).
+ href="#localStorageEvent">for local storage</a>).
<p>When this happens, the user agent must dispatch an event with the name
<code><a href="#storage0">storage</a></code>, with no namespace, which
@@ -30577,7 +30577,7 @@
<p>There are various ways of implementing this requirement. One is that if
a script running in one browsing context accesses a global storage area,
the UA blocks scripts in other browsing contexts when they try to access
- the global storage area for the same origin until the first script has
+ the local storage area for the same origin until the first script has
executed to completion. (Similarly, when a script in one browsing context
accesses its session storage area, any scripts that have the same top
level browsing context and the same origin would block when accessing
@@ -30593,7 +30593,7 @@
<p>A third-party advertiser (or any entity capable of getting content
distributed to multiple sites) could use a unique identifier stored in its
- global storage area to track a user across multiple sessions, building a
+ local storage area to track a user across multiple sessions, building a
profile of the user's interests to allow for highly targeted advertising.
In conjunction with a site that is aware of the user's real identity (for
example an e-commerce site that requires authenticated credentials), this
@@ -30606,8 +30606,8 @@
<ul>
<li>
<p>Blocking third-party storage: user agents may restrict access to the
- <code title=dom-globalStorage><a
- href="#globalstorage">globalStorage</a></code> object to scripts
+ <code title=dom-localStorage><a
+ href="#localstorage">localStorage</a></code> object to scripts
originating at the domain of the top-level document of the <a
href="#browsing0">browsing context</a>, for instance denying access to
the API for pages from other domains running in <code><a
@@ -30629,7 +30629,7 @@
<p>However, this also puts the user's data at risk.</p>
<!-- XXX should there be an explicit way for sites to state when
data should expire? as in
- globalStorage.expireData(365); ? -->
+ localStorage.expireData(365); ? -->
<li>
@@ -30642,9 +30642,9 @@
suspicion.</p>
<li>
- <p>Site-specific white-listing of access to global storage areas: user
+ <p>Site-specific white-listing of access to local storage areas: user
agents may allow sites to access session storage areas in an
- unrestricted manner, but require the user to authorise access to global
+ unrestricted manner, but require the user to authorise access to local
storage areas.</p>
<li>
@@ -30697,7 +30697,7 @@
that a host claiming to be in a certain domain really is from that domain.
To mitigate this, pages can use SSL. Pages using SSL can be sure that only
pages using SSL that have certificates identifying them as being from the
- same domain can access their global storage areas.
+ same domain can access their local storage areas.
<h5 id=cross-directory><span class=secno>4.10.7.4. </span>Cross-directory
attacks</h5>
@@ -31276,14 +31276,14 @@
<h4 id=privacy><span class=secno>4.11.7 </span>Privacy</h4>
- <p>In contrast with the <code title=dom-globalStorage><a
- href="#globalstorage">globalStorage</a></code> feature, which
- intentionally allows data to be accessed across multiple domains,
- protocols, and ports (albeit in a controlled fashion), this database
- feature is limited to scripts running with the same <a
- href="#origin0">origin</a> as the database. Thus, it is expected that the
- privacy implications be equivalent to those already present in allowing
- scripts to communicate with their originating host.
+ <p>In contrast with the <code title=dom-localStorage><a
+ href="#localstorage">localStorage</a></code> feature, which intentionally
+ allows data to be accessed across multiple domains, protocols, and ports
+ (albeit in a controlled fashion), this database feature is limited to
+ scripts running with the same <a href="#origin0">origin</a> as the
+ database. Thus, it is expected that the privacy implications be equivalent
+ to those already present in allowing scripts to communicate with their
+ originating host.
<p>User agents are encouraged to treat data stored in databases in the same
way as cookies for the purposes of user interfaces, to reduce the risk of
Modified: source
===================================================================
--- source 2008-02-09 08:39:25 UTC (rev 1200)
+++ source 2008-02-09 09:13:09 UTC (rev 1201)
@@ -22886,7 +22886,7 @@
// the user agent
readonly attribute <span>ClientInformation</span> <span title="dom-navigator">navigator</span>; <!-- XXX IE6 also has window.clientInformation pointing to this same object -->
readonly attribute <span>Storage</span> <span title="dom-sessionStorage">sessionStorage</span>;
- readonly attribute <span>Storage</span> <span title="dom-globalStorage">globalStorage</span>;
+ readonly attribute <span>Storage</span> <span title="dom-localStorage">localStorage</span>;
<span>Database</span> <span title="dom-opendatabase">openDatabase</span>(in DOMString name, in DOMString version, in DOMString displayName, in unsigned long estimatedSize);
// modal user prompts
@@ -27694,8 +27694,8 @@
<p>Again, cookies do not handle this case well, because they are
transmitted with every request.</p>
- <p>The <code title="dom-globalStorage">globalStorage</code> DOM
- attribute is used to access a page's global storage area.</p>
+ <p>The <code title="dom-localStorage">localStorage</code> DOM
+ attribute is used to access a page's local storage area.</p>
<div class="example">
@@ -27709,17 +27709,17 @@
time(s).
</p>
<script>
- if (!globalStorage.pageLoadCount)
- globalStorage.pageLoadCount = 0;
- globalStorage.pageLoadCount = parseInt(globalStorage.pageLoadCount, 10) + 1;
- document.getElementById('count').textContent = globalStorage.pageLoadCount;
+ if (!localStorage.pageLoadCount)
+ localStorage.pageLoadCount = 0;
+ localStorage.pageLoadCount = parseInt(localStorage.pageLoadCount, 10) + 1;
+ document.getElementById('count').textContent = localStorage.pageLoadCount;
</script></pre>
</div>
<p>Each <span>origin</span> has its own separate storage area.</p>
- <p>Storage areas (both session storage and global storage) store
+ <p>Storage areas (both session storage and local storage) store
strings. To store structured data in a storage area, you must first
convert it to a string.</p>
@@ -27755,7 +27755,7 @@
<p>Each <code>Storage</code> object is associated with a list of
key/value pairs when it is created, as defined in the sections on
the <code title="dom-sessionStorage">sessionStorage</code> and <code
- title="dom-globalStorage">globalStorage</code> attributes. Multiple
+ title="dom-localStorage">localStorage</code> attributes. Multiple
separate objects implementing the <code>Storage</code> interface can
all be associated with the same list of key/value pairs
simultaneously.</p>
@@ -27809,7 +27809,7 @@
<code>HTMLDocument</code> objects that can access the newly stored
data, as defined in the sections on the <code
title="dom-sessionStorage">sessionStorage</code> and <code
- title="dom-globalStorage">globalStorage</code> attributes.</p> <!--
+ title="dom-localStorage">localStorage</code> attributes.</p> <!--
not normative, see the sections below for the normative statement
-->
@@ -27904,39 +27904,39 @@
title="event-storage">described below</span>.</p>
- <h4>The <code title="dom-globalStorage">globalStorage</code> attribute</h4>
+ <h4>The <code title="dom-localStorage">localStorage</code> attribute</h4>
<p>The <dfn
- title="dom-globalStorage"><code>globalStorage</code></dfn> object
+ title="dom-localStorage"><code>localStorage</code></dfn> object
provides a <code>Storage</code> object for <span>origin</span>.</p>
- <p>User agents must have a set of global storage areas, one for each
+ <p>User agents must have a set of local storage areas, one for each
<span>origin</span>.</p>
- <p>User agents should only expire data from the global storage areas
+ <p>User agents should only expire data from the local storage areas
for security reasons or when requested to do so by the user. User
agents should always avoid deleting data while a script that could
- access that data is running. Data stored in global storage areas
+ access that data is running. Data stored in local storage areas
should be considered potentially user-critical. It is expected that
- Web applications will use the global storage areas for storing
+ Web applications will use the local storage areas for storing
user-written documents.</p>
- <p>When the <code title="dom-globalStorage">globalStorage</code>
+ <p>When the <code title="dom-localStorage">localStorage</code>
attribute is accessed, the user agent must check to see if it has
- allocated global storage area for the <span>origin</span> of the
+ allocated local storage area for the <span>origin</span> of the
<span>browsing context</span> within which the script is running. If
it has not, a new storage area for that origin must be created.</p>
<p>The user agent must then create a <code>Storage</code> object
- associated with that origin's global storage area, and return
+ associated with that origin's local storage area, and return
it.</p>
- <p id="globalStorageEvent">When the <code
+ <p id="localStorageEvent">When the <code
title="dom-Storage-setItem">setItem()</code> method is called on a
<code>Storage</code> object <var title="">x</var> that is associated
- with a global storage area, then in every <code>HTMLDocument</code>
+ with a local storage area, then in every <code>HTMLDocument</code>
object whose <code>Window</code> object's <code
- title="dom-globalStorage">globalStorage</code> attribute's
+ title="dom-localStorage">localStorage</code> attribute's
<code>Storage</code> object is associated with the same storage
area, other than <var title="">x</var>, a <code
title="event-storage">storage</code> event must be fired, as <span
@@ -27949,7 +27949,7 @@
is fired in an <code>HTMLDocument</code> when a storage area
changes, as described in the previous two sections (<a
href="#sessionStorageEvent">for session storage</a>, <a
- href="#globalStorageEvent">for global storage</a>).</p>
+ href="#localStorageEvent">for local storage</a>).</p>
<p>When this happens, the user agent must dispatch an event with the
name <code>storage</code>, with no namespace, which does not bubble
@@ -28059,7 +28059,7 @@
<p>There are various ways of implementing this requirement. One is
that if a script running in one browsing context accesses a global
storage area, the UA blocks scripts in other browsing contexts when
- they try to access the global storage area for the same origin until
+ they try to access the local storage area for the same origin until
the first script has executed to completion. (Similarly, when a
script in one browsing context accesses its session storage area,
any scripts that have the same top level browsing context and the
@@ -28078,7 +28078,7 @@
<p>A third-party advertiser (or any entity capable of getting
content distributed to multiple sites) could use a unique identifier
- stored in its global storage area to track a user across multiple
+ stored in its local storage area to track a user across multiple
sessions, building a profile of the user's interests to allow for
highly targeted advertising. In conjunction with a site that is
aware of the user's real identity (for example an e-commerce site
@@ -28094,7 +28094,7 @@
<li>
<p>Blocking third-party storage: user agents may restrict access
- to the <code title="dom-globalStorage">globalStorage</code> object
+ to the <code title="dom-localStorage">localStorage</code> object
to scripts originating at the domain of the top-level document of
the <span>browsing context</span>, for instance denying access to
the API for pages from other domains running in
@@ -28121,7 +28121,7 @@
<!-- XXX should there be an explicit way for sites to state when
data should expire? as in
- globalStorage.expireData(365); ? -->
+ localStorage.expireData(365); ? -->
</li>
@@ -28139,10 +28139,10 @@
<li>
- <p>Site-specific white-listing of access to global storage areas:
+ <p>Site-specific white-listing of access to local storage areas:
user agents may allow sites to access session storage areas in an
unrestricted manner, but require the user to authorise access to
- global storage areas.</p>
+ local storage areas.</p>
</li>
@@ -28209,7 +28209,7 @@
from that domain. To mitigate this, pages can use SSL. Pages using
SSL can be sure that only pages using SSL that have certificates
identifying them as being from the same domain can access their
- global storage areas.</p>
+ local storage areas.</p>
<h5>Cross-directory attacks</h5>
@@ -28792,7 +28792,7 @@
<h4>Privacy</h4>
<p>In contrast with the <code
- title="dom-globalStorage">globalStorage</code> feature, which
+ title="dom-localStorage">localStorage</code> feature, which
intentionally allows data to be accessed across multiple domains,
protocols, and ports (albeit in a controlled fashion), this database
feature is limited to scripts running with the same
More information about the Commit-Watchers
mailing list