Skip to content

Commit

Permalink
[giow] (3) Remove the weird stuff around document.domain and localSto…
Browse files Browse the repository at this point in the history 
…rage. It doesn't really do anything anyway.

Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=22481
Affected topics: DOM APIs, Security

git-svn-id: http://svn.whatwg.org/webapps@8090 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information
@Hixie
Hixie committed Jul 26, 2013
1 parent 0c00826 commit 45d8c49
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 96 deletions.
35 changes: 2 additions & 33 deletions complete.html
View file
Expand Up @@ -256,7 +256,7 @@

<header class=head id=head><p><a href=http://www.whatwg.org/ class=logo><img width=101 src=/images/logo alt=WHATWG height=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 25 July 2013</h2>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 26 July 2013</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
<dt>Multiple-page version:</dt>
Expand Down Expand Up @@ -1139,9 +1139,7 @@ <h2 class="no-num no-toc">Living Standard &mdash; Last Updated 25 July 2013</h2>
<ol>
<li><a href=#the-storage-interface><span class=secno>11.2.1 </span>The <code>Storage</code> interface</a></li>
<li><a href=#the-sessionstorage-attribute><span class=secno>11.2.2 </span>The <code title=dom-sessionStorage>sessionStorage</code> attribute</a></li>
<li><a href=#the-localstorage-attribute><span class=secno>11.2.3 </span>The <code title=dom-localStorage>localStorage</code> attribute</a>
<ol>
<li><a href=#security-localStorage><span class=secno>11.2.3.1 </span>Security</a></ol></li>
<li><a href=#the-localstorage-attribute><span class=secno>11.2.3 </span>The <code title=dom-localStorage>localStorage</code> attribute</a></li>
<li><a href=#the-storage-event><span class=secno>11.2.4 </span>The <code title=event-storage>storage</code> event</a>
<ol>
<li><a href=#event-definition-0><span class=secno>11.2.4.1 </span>Event definition</a></ol></li>
Expand Down Expand Up @@ -84507,35 +84505,6 @@ <h4 id=the-localstorage-attribute><span class=secno>11.2.3 </span>The <code titl
<a href=#obtain-the-storage-mutex>obtain the storage mutex</a>.</p>


<!--ADD-TOPIC:Security-->
<h5 id=security-localStorage><span class=secno>11.2.3.1 </span>Security</h5>

<p>For the purposes of this section, a <code><a href=#storage-0>Storage</a></code> object originally returned by a <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute is a <dfn id=protected-storage-object>protected <code>Storage</code>
object</dfn>.</p>

<p>For the purposes of this section, the <dfn id=original-origin>original origin</dfn> of a <a href=#protected-storage-object>protected
<code>Storage</code> object</a> is the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> of the
<code><a href=#window>Window</a></code> object on which the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code>
attribute that returned the <code><a href=#storage-0>Storage</a></code> object was accessed.</p>

<p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
<a href=#protected-storage-object>protected <code>Storage</code> object</a> are accessed when the <a href=#incumbent-script>incumbent
script</a> has an <a href=#effective-script-origin>effective script origin</a> that is not the <a href=#same-origin title="same
origin">same</a> as the <a href=#original-origin>original origin</a> of that <code><a href=#storage-0>Storage</a></code> object.</p>

<p>When the <a href=#incumbent-script>incumbent script</a>'s <a href=#effective-script-origin>effective script origin</a> is different than
a <a href=#protected-storage-object>protected <code>Storage</code> object</a>'s <a href=#original-origin>original origin</a>, the user
agent must act as if any changes to that <code><a href=#storage-0>Storage</a></code> object's properties, getters,
setters, etc, were not present, and as if all the properties of that <code><a href=#storage-0>Storage</a></code> object
had their [[Enumerable]] attribute set to false.</p>

<p class=note>This means <code><a href=#storage-0>Storage</a></code> objects are neutered
when the <code title=dom-document-domain><a href=#dom-document-domain>document.domain</a></code>
attribute is used.</p>
<!--REMOVE-TOPIC:Security-->



<h4 id=the-storage-event><span class=secno>11.2.4 </span>The <code title=event-storage><a href=#event-storage>storage</a></code> event</h4>

<p>The <dfn id=event-storage title=event-storage><code>storage</code></dfn> event is fired on a
Expand Down
35 changes: 2 additions & 33 deletions index
View file
Expand Up @@ -256,7 +256,7 @@

<header class=head id=head><p><a href=http://www.whatwg.org/ class=logo><img width=101 src=/images/logo alt=WHATWG height=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 25 July 2013</h2>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 26 July 2013</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
<dt>Multiple-page version:</dt>
Expand Down Expand Up @@ -1139,9 +1139,7 @@
<ol>
<li><a href=#the-storage-interface><span class=secno>11.2.1 </span>The <code>Storage</code> interface</a></li>
<li><a href=#the-sessionstorage-attribute><span class=secno>11.2.2 </span>The <code title=dom-sessionStorage>sessionStorage</code> attribute</a></li>
<li><a href=#the-localstorage-attribute><span class=secno>11.2.3 </span>The <code title=dom-localStorage>localStorage</code> attribute</a>
<ol>
<li><a href=#security-localStorage><span class=secno>11.2.3.1 </span>Security</a></ol></li>
<li><a href=#the-localstorage-attribute><span class=secno>11.2.3 </span>The <code title=dom-localStorage>localStorage</code> attribute</a></li>
<li><a href=#the-storage-event><span class=secno>11.2.4 </span>The <code title=event-storage>storage</code> event</a>
<ol>
<li><a href=#event-definition-0><span class=secno>11.2.4.1 </span>Event definition</a></ol></li>
Expand Down Expand Up @@ -84507,35 +84505,6 @@ interface <dfn id=windowlocalstorage>WindowLocalStorage</dfn> {
<a href=#obtain-the-storage-mutex>obtain the storage mutex</a>.</p>


<!--ADD-TOPIC:Security-->
<h5 id=security-localStorage><span class=secno>11.2.3.1 </span>Security</h5>

<p>For the purposes of this section, a <code><a href=#storage-0>Storage</a></code> object originally returned by a <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code> attribute is a <dfn id=protected-storage-object>protected <code>Storage</code>
object</dfn>.</p>

<p>For the purposes of this section, the <dfn id=original-origin>original origin</dfn> of a <a href=#protected-storage-object>protected
<code>Storage</code> object</a> is the <a href=#origin>origin</a> of the <code><a href=#document>Document</a></code> of the
<code><a href=#window>Window</a></code> object on which the <code title=dom-localStorage><a href=#dom-localstorage>localStorage</a></code>
attribute that returned the <code><a href=#storage-0>Storage</a></code> object was accessed.</p>

<p>User agents must throw a <code><a href=#securityerror>SecurityError</a></code> exception whenever any properties of a
<a href=#protected-storage-object>protected <code>Storage</code> object</a> are accessed when the <a href=#incumbent-script>incumbent
script</a> has an <a href=#effective-script-origin>effective script origin</a> that is not the <a href=#same-origin title="same
origin">same</a> as the <a href=#original-origin>original origin</a> of that <code><a href=#storage-0>Storage</a></code> object.</p>

<p>When the <a href=#incumbent-script>incumbent script</a>'s <a href=#effective-script-origin>effective script origin</a> is different than
a <a href=#protected-storage-object>protected <code>Storage</code> object</a>'s <a href=#original-origin>original origin</a>, the user
agent must act as if any changes to that <code><a href=#storage-0>Storage</a></code> object's properties, getters,
setters, etc, were not present, and as if all the properties of that <code><a href=#storage-0>Storage</a></code> object
had their [[Enumerable]] attribute set to false.</p>

<p class=note>This means <code><a href=#storage-0>Storage</a></code> objects are neutered
when the <code title=dom-document-domain><a href=#dom-document-domain>document.domain</a></code>
attribute is used.</p>
<!--REMOVE-TOPIC:Security-->



<h4 id=the-storage-event><span class=secno>11.2.4 </span>The <code title=event-storage><a href=#event-storage>storage</a></code> event</h4>

<p>The <dfn id=event-storage title=event-storage><code>storage</code></dfn> event is fired on a
Expand Down
30 changes: 0 additions & 30 deletions source
View file
Expand Up @@ -94298,36 +94298,6 @@ interface <dfn>WindowLocalStorage</dfn> {
<span>obtain the storage mutex</span>.</p>


<!--ADD-TOPIC:Security-->
<h6 id="security-localStorage">Security</h6>

<p>For the purposes of this section, a <code>Storage</code> object originally returned by a <code
title="dom-localStorage">localStorage</code> attribute is a <dfn>protected <code>Storage</code>
object</dfn>.</p>

<p>For the purposes of this section, the <dfn>original origin</dfn> of a <span>protected
<code>Storage</code> object</span> is the <span>origin</span> of the <code>Document</code> of the
<code>Window</code> object on which the <code title="dom-localStorage">localStorage</code>
attribute that returned the <code>Storage</code> object was accessed.</p>

<p>User agents must throw a <code>SecurityError</code> exception whenever any properties of a
<span>protected <code>Storage</code> object</span> are accessed when the <span>incumbent
script</span> has an <span>effective script origin</span> that is not the <span title="same
origin">same</span> as the <span>original origin</span> of that <code>Storage</code> object.</p>

<p>When the <span>incumbent script</span>'s <span>effective script origin</span> is different than
a <span>protected <code>Storage</code> object</span>'s <span>original origin</span>, the user
agent must act as if any changes to that <code>Storage</code> object's properties, getters,
setters, etc, were not present, and as if all the properties of that <code>Storage</code> object
had their [[Enumerable]] attribute set to false.</p>

<p class="note">This means <code>Storage</code> objects are neutered
when the <code title="dom-document-domain">document.domain</code>
attribute is used.</p>
<!--REMOVE-TOPIC:Security-->



<h5>The <code title="event-storage">storage</code> event</h5>

<p>The <dfn title="event-storage"><code>storage</code></dfn> event is fired on a
Expand Down

0 comments on commit 45d8c49

Please sign in to comment.