Jerason Banes wrote:
That effectively restricts the storage to a single domain and is in line
with how cookies work today.
Yes, it does. But I don't think I have been insufficiently clear.
My issue is not with the idea of DOM Storage as a whole, but with the
idea of sharing information across sites - which requires this global
storage.
I wasn't able to find any docs that describe the Storage security model
used in Gecko, so I ran a few tests. What I found was that any attempt
to access globalStorage[''] or globalStorage['com'] from the context of
a website resulted in a security error. You can try the test for
yourself here:
http://java.dnsalias.com/temp/storage.html
I suspect it might use, or be planning to use, the Effective TLD
service, which provides information necessary to implement the scheme
you referenced above.
Is there a document somewhere outlining the actual benefits of this
feature, even as potentially restricted?
The specification has this explanation: "Web applications may wish to
store megabytes of user data, such as entire user-authored documents or
a user's mailbox, on the clientside for performance reasons."
To restate more clearly: "Is there a document somewhere outlining the
actual benefits of being able to share data across domains?"
Gerv
