canmove, Confirmed users
639
edits
Firefox3.1/localStorage Security Review: Difference between revisions
Firefox3.1/localStorage Security Review (view source)
Revision as of 21:29, 24 March 2009
, 24 March 2009→Review comments
| Line 83: | Line 83: | ||
* use of globalStorage[] should put a deprecation warning on the error console. Probably just the first use per window to avoid perf problems (object creation). | * use of globalStorage[] should put a deprecation warning on the error console. Probably just the first use per window to avoid perf problems (object creation). | ||
* add default prefs to all.js for missing values (e.g. quota). | * add default prefs to all.js for missing values (e.g. quota). | ||
* Should we put a length limit on keys? It's counted in the quota so we think we're OK. | |||
* test both keys and values with embedded nulls | |||
* test both keys and values with invalid UTF-8 sequences and invalid UTF-16, including ending on partial sequences. | |||
* we feed UTF-16 to sqlite, make sure it handles this OK and converts to utf-8 OK. | |||