[html5] r8090 - [giow] (3) Remove the weird stuff around document.domain and localStorage. It do [...]

whatwg at whatwg.org whatwg at whatwg.org
Thu Jul 25 17:13:03 PDT 2013


Author: ianh
Date: 2013-07-25 17:13:01 -0700 (Thu, 25 Jul 2013)
New Revision: 8090

Modified:
   complete.html
   index
   source
Log:
[giow] (3) Remove the weird stuff around document.domain and localStorage. It doesn't really do anything anyway.
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=22481
Affected topics: DOM APIs, Security

Modified: complete.html
===================================================================
--- complete.html	2013-07-25 23:54:24 UTC (rev 8089)
+++ complete.html	2013-07-26 00:13:01 UTC (rev 8090)
@@ -256,7 +256,7 @@
 
   <header class=head id=head><p><a href=http://www.whatwg.org/ class=logo><img width=101 src=/images/logo alt=WHATWG height=101></a></p>
    <hgroup><h1 class=allcaps>HTML</h1>
-    <h2 class="no-num no-toc">Living Standard — Last Updated 25 July 2013</h2>
+    <h2 class="no-num no-toc">Living Standard — Last Updated 26 July 2013</h2>
    </hgroup><dl><dt><strong>Web developer edition:</strong></dt>
     <dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
     <dt>Multiple-page version:</dt>
@@ -1139,9 +1139,7 @@
     <ol>
      <li><a href=#the-storage-interface><span class=secno>11.2.1 </span>The <code>Storage</code> interface</a></li>
      <li><a href=#the-sessionstorage-attribute><span class=secno>11.2.2 </span>The <code title=dom-sessionStorage>sessionStorage</code> attribute</a></li>
-     <li><a href=#the-localstorage-attribute><span class=secno>11.2.3 </span>The <code title=dom-localStorage>localStorage</code> attribute</a>
-      <ol>
-       <li><a href=#security-localStorage><span class=secno>11.2.3.1 </span>Security</a></ol></li>
+     <li><a href=#the-localstorage-attribute><span class=secno>11.2.3 </span>The <code title=dom-localStorage>localStorage</code> attribute</a></li>
      <li><a href=#the-storage-event><span class=secno>11.2.4 </span>The <code title=event-storage>storage</code> event</a>
       <ol>
        <li><a href=#event-definition-0><span class=secno>11.2.4.1 </span>Event definition</a></ol></li>
@@ -84507,35 +84505,6 @@
   <a href=#obtain-the-storage-mutex>obtain the storage mutex</a>.</p>
 
 
-<!--ADD-TOPIC:Security-->
-  <h5 id=security-localStorage><span class=secno>11.2.3.1 </span>Security</h5>
-
-  <p>For the purposes of this section, a <code><a href=#storage-0>Storage</a></code> object originally returned by a <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute is a <dfn id=protected-storage-object>protected <code>Storage</code>
-  object</dfn>.</p>
-
-  <p>For the purposes of this section, the <dfn id=original-origin>original origin</dfn> of a <a href=#protected-storage-object>protected
-  <code>Storage</code> object</a> is the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> of the
-  <code><a href=#window>Window</a></code> object on which the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code>
-  attribute that returned the <code><a href=#storage-0>Storage</a></code> object was accessed.</p>
-
-  <p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
-  <a href=#protected-storage-object>protected <code>Storage</code> object</a> are accessed when the <a href=#incumbent-script>incumbent
-  script</a> has an <a href=#effective-script-origin>effective script origin</a> that is not the <a href=#same-origin title="same
-  origin">same</a> as the <a href=#original-origin>original origin</a> of that <code><a href=#storage-0>Storage</a></code> object.</p>
-
-  <p>When the <a href=#incumbent-script>incumbent script</a>'s <a href=#effective-script-origin>effective script origin</a> is different than
-  a <a href=#protected-storage-object>protected <code>Storage</code> object</a>'s <a href=#original-origin>original origin</a>, the user
-  agent must act as if any changes to that <code><a href=#storage-0>Storage</a></code> object's properties, getters,
-  setters, etc, were not present, and as if all the properties of that <code><a href=#storage-0>Storage</a></code> object
-  had their [[Enumerable]] attribute set to false.</p>
-
-  <p class=note>This means <code><a href=#storage-0>Storage</a></code> objects are neutered
-  when the <code title=dom-document-domain><a href=#dom-document-domain>document.domain</a></code>
-  attribute is used.</p>
-<!--REMOVE-TOPIC:Security-->
-
-
-
   <h4 id=the-storage-event><span class=secno>11.2.4 </span>The <code title=event-storage><a href=#event-storage>storage</a></code> event</h4>
 
   <p>The <dfn id=event-storage title=event-storage><code>storage</code></dfn> event is fired on a

Modified: index
===================================================================
--- index	2013-07-25 23:54:24 UTC (rev 8089)
+++ index	2013-07-26 00:13:01 UTC (rev 8090)
@@ -256,7 +256,7 @@
 
   <header class=head id=head><p><a href=http://www.whatwg.org/ class=logo><img width=101 src=/images/logo alt=WHATWG height=101></a></p>
    <hgroup><h1 class=allcaps>HTML</h1>
-    <h2 class="no-num no-toc">Living Standard — Last Updated 25 July 2013</h2>
+    <h2 class="no-num no-toc">Living Standard — Last Updated 26 July 2013</h2>
    </hgroup><dl><dt><strong>Web developer edition:</strong></dt>
     <dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
     <dt>Multiple-page version:</dt>
@@ -1139,9 +1139,7 @@
     <ol>
      <li><a href=#the-storage-interface><span class=secno>11.2.1 </span>The <code>Storage</code> interface</a></li>
      <li><a href=#the-sessionstorage-attribute><span class=secno>11.2.2 </span>The <code title=dom-sessionStorage>sessionStorage</code> attribute</a></li>
-     <li><a href=#the-localstorage-attribute><span class=secno>11.2.3 </span>The <code title=dom-localStorage>localStorage</code> attribute</a>
-      <ol>
-       <li><a href=#security-localStorage><span class=secno>11.2.3.1 </span>Security</a></ol></li>
+     <li><a href=#the-localstorage-attribute><span class=secno>11.2.3 </span>The <code title=dom-localStorage>localStorage</code> attribute</a></li>
      <li><a href=#the-storage-event><span class=secno>11.2.4 </span>The <code title=event-storage>storage</code> event</a>
       <ol>
        <li><a href=#event-definition-0><span class=secno>11.2.4.1 </span>Event definition</a></ol></li>
@@ -84507,35 +84505,6 @@
   <a href=#obtain-the-storage-mutex>obtain the storage mutex</a>.</p>
 
 
-<!--ADD-TOPIC:Security-->
-  <h5 id=security-localStorage><span class=secno>11.2.3.1 </span>Security</h5>
-
-  <p>For the purposes of this section, a <code><a href=#storage-0>Storage</a></code> object originally returned by a <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute is a <dfn id=protected-storage-object>protected <code>Storage</code>
-  object</dfn>.</p>
-
-  <p>For the purposes of this section, the <dfn id=original-origin>original origin</dfn> of a <a href=#protected-storage-object>protected
-  <code>Storage</code> object</a> is the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> of the
-  <code><a href=#window>Window</a></code> object on which the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code>
-  attribute that returned the <code><a href=#storage-0>Storage</a></code> object was accessed.</p>
-
-  <p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
-  <a href=#protected-storage-object>protected <code>Storage</code> object</a> are accessed when the <a href=#incumbent-script>incumbent
-  script</a> has an <a href=#effective-script-origin>effective script origin</a> that is not the <a href=#same-origin title="same
-  origin">same</a> as the <a href=#original-origin>original origin</a> of that <code><a href=#storage-0>Storage</a></code> object.</p>
-
-  <p>When the <a href=#incumbent-script>incumbent script</a>'s <a href=#effective-script-origin>effective script origin</a> is different than
-  a <a href=#protected-storage-object>protected <code>Storage</code> object</a>'s <a href=#original-origin>original origin</a>, the user
-  agent must act as if any changes to that <code><a href=#storage-0>Storage</a></code> object's properties, getters,
-  setters, etc, were not present, and as if all the properties of that <code><a href=#storage-0>Storage</a></code> object
-  had their [[Enumerable]] attribute set to false.</p>
-
-  <p class=note>This means <code><a href=#storage-0>Storage</a></code> objects are neutered
-  when the <code title=dom-document-domain><a href=#dom-document-domain>document.domain</a></code>
-  attribute is used.</p>
-<!--REMOVE-TOPIC:Security-->
-
-
-
   <h4 id=the-storage-event><span class=secno>11.2.4 </span>The <code title=event-storage><a href=#event-storage>storage</a></code> event</h4>
 
   <p>The <dfn id=event-storage title=event-storage><code>storage</code></dfn> event is fired on a

Modified: source
===================================================================
--- source	2013-07-25 23:54:24 UTC (rev 8089)
+++ source	2013-07-26 00:13:01 UTC (rev 8090)
@@ -94298,36 +94298,6 @@
   <span>obtain the storage mutex</span>.</p>
 
 
-<!--ADD-TOPIC:Security-->
-  <h6 id="security-localStorage">Security</h6>
-
-  <p>For the purposes of this section, a <code>Storage</code> object originally returned by a <code
-  title="dom-localStorage">localStorage</code> attribute is a <dfn>protected <code>Storage</code>
-  object</dfn>.</p>
-
-  <p>For the purposes of this section, the <dfn>original origin</dfn> of a <span>protected
-  <code>Storage</code> object</span> is the <span>origin</span> of the <code>Document</code> of the
-  <code>Window</code> object on which the <code title="dom-localStorage">localStorage</code>
-  attribute that returned the <code>Storage</code> object was accessed.</p>
-
-  <p>User agents must throw a <code>SecurityError</code> exception whenever any properties of a
-  <span>protected <code>Storage</code> object</span> are accessed when the <span>incumbent
-  script</span> has an <span>effective script origin</span> that is not the <span title="same
-  origin">same</span> as the <span>original origin</span> of that <code>Storage</code> object.</p>
-
-  <p>When the <span>incumbent script</span>'s <span>effective script origin</span> is different than
-  a <span>protected <code>Storage</code> object</span>'s <span>original origin</span>, the user
-  agent must act as if any changes to that <code>Storage</code> object's properties, getters,
-  setters, etc, were not present, and as if all the properties of that <code>Storage</code> object
-  had their [[Enumerable]] attribute set to false.</p>
-
-  <p class="note">This means <code>Storage</code> objects are neutered
-  when the <code title="dom-document-domain">document.domain</code>
-  attribute is used.</p>
-<!--REMOVE-TOPIC:Security-->
-
-
-
   <h5>The <code title="event-storage">storage</code> event</h5>
 
   <p>The <dfn title="event-storage"><code>storage</code></dfn> event is fired on a




More information about the Commit-Watchers mailing list