[Webkit-unassigned] [Bug 63257] When blocking localStorage, Firefox throws a security exception on access, and maybe so should we
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Sep 14 01:09:23 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=63257
--- Comment #16 from Dan Carney <dcarney at google.com> 2012-09-14 01:09:50 PST ---
(In reply to comment #15)
> > > Source/WebCore/storage/StorageAreaImpl.cpp:111
> > > + if (frame->page()->settings()->privateBrowsingEnabled())
> >
> > It looks like local and session storage are no longer accessible when 'private browsing' under any circumstances.
>
> Actually, they already aren't available under "private browsing" in any circumstance.
>
> I'm okay with this patch with regards to 3rd-party storage blocking resulting in these exceptions to match Firefox.
>
> But I think it would be unwise to start throwing the exceptions when in private browsing... as that announces to the website that the user is in private browsing!!!
Yes, that makes sense. I'll leave the private browsing check exactly as is, and add an additional check called canAccessStorage which will allow implementation specific security exceptions to be thrown.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list