--- html5/webdatabase/Overview.html 2009/10/27 08:15:05 1.42 +++ html5/webdatabase/Overview.html 2010/05/12 01:17:21 1.87 @@ -1,4 +1,4 @@ -Web Database
+ body.dfnEnabled dfn { cursor: pointer; } + .dfnPanel { + display: inline; + position: absolute; + z-index: 10; + height: auto; + width: auto; + padding: 0.5em 0.75em; + font: small sans-serif, Droid Sans Fallback; + background: #DDDDDD; + color: black; + border: outset 0.2em; + } + .dfnPanel * { margin: 0; padding: 0; font: inherit; text-indent: 0; } + .dfnPanel :link, .dfnPanel :visited { color: black; } + .dfnPanel p { font-weight: bolder; } + .dfnPanel * + p { margin-top: 0.25em; } + .dfnPanel li { list-style-position: inside; } + + #configUI { position: absolute; z-index: 20; top: 10em; right: 1em; width: 11em; font-size: small; } + #configUI p { margin: 0.5em 0; padding: 0.3em; background: #EEEEEE; color: black; border: inset thin; } + #configUI p label { display: block; } + #configUI #updateUI, #configUI .loginUI { text-align: center; } + #configUI input[type=button] { display: block; margin: auto; } +

W3C

-

Web Database

-

W3C Working Draft 27 October 2009

+

Web SQL Database

-
This Version:
-
http://www.w3.org/TR/2009/WD-webdatabase-20091027/
-
Latest Published Version:
+

Editor's Draft 12 May 2010

+
Latest Published Version:
http://www.w3.org/TR/webdatabase/
Latest Editor's Draft:
http://dev.w3.org/html5/webdatabase/
-
Previous Versions:
-
http://www.w3.org/TR/2009/WD-webdatabase-20090423/ - :ZZZ --> +
http://www.w3.org/TR/2009/WD-webstorage-20090423/ +
http://www.w3.org/TR/2009/WD-webdatabase-20091029/
+
Editors:
Ian Hickson, Google, Inc.

Copyright - © 2009 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C @@ -192,7 +205,7 @@ and document use rules apply.

Abstract

This specification defines an API for storing data in databases - that can be queried using a variant of SQL.

Status of this document

This section describes the status of this document at the + that can be queried using a variant of SQL.

Status of This document

This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the most recently formally published revision of this technical report can be found in @@ -207,7 +220,7 @@ archives), - or submit them using our + or submit them using our public bug database. All feedback is welcome.

Implementors should be aware that this specification is not @@ -216,7 +229,16 @@ under them in incompatible ways. Vendors interested in implementing this specification before it eventually reaches the Candidate Recommendation stage should join the aforementioned - mailing lists and take part in the discussions.

The latest stable version of the editor's draft of this + mailing lists and take part in the discussions.

This specification has reached an impasse: all + interested implementors have used the same SQL backend (Sqlite), but + we need multiple independent implementations to proceed along a + standardisation path. Until another implementor is interested in + implementing this spec, the description of the SQL dialect has been + left as simply a reference to Sqlite, which isn't acceptable for a + standard. Should you be an implementor interested in implementing an + independent SQL backend, please contact the editor so that he can + write a specification for the dialect, thus allowing this + specification to move forward.

The latest stable version of the editor's draft of this specification is always available on the W3C CVS server. Change tracking for this document is available at the following location:

The W3C Web Apps Working Group is the W3C working group responsible for this specification's progress along the W3C Recommendation track. - This specification is the 10 September 2009 First Public Working Draft. + This specification is the 12 May 2010 Editor's Draft.

This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables @@ -241,7 +263,7 @@ patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section - 6 of the W3C Patent Policy.

Table of contents

+ 6 of the W3C Patent Policy.

Table of Contents

  1. 1 Introduction
    2. @@ -268,7 +290,7 @@
    1. 7.1 User tracking
    2. 7.2 Sensitivity of data
    -
  2. 8 Security +
  3. 8 Security
    1. 8.1 DNS spoofing attacks
    2. 8.2 Cross-directory attacks
      3. @@ -353,13 +375,21 @@ prepareDatabase(function(db) { agents.

      User agents may impose implementation-specific limits on otherwise unconstrained inputs, e.g. to prevent denial of service attacks, to guard against running out of memory, or to work around - platform-specific limitations.

      2.1 Dependencies

      This specification relies on several other underlying - specifications.

      HTML5
      + platform-specific limitations.

      When support for a feature is disabled (e.g. as an emergency + measure to mitigate a security problem, or to aid in development, or + for performance reasons), user agents must act as if they had no + support for the feature whatsoever, and as if the feature was not + mentioned in this specification. For example, if a particular + feature is accessed via an attribute in a Web IDL interface, the + attribute itself would be omitted from the objects that implement + that interface — leaving the attribute on the object but + making it return null or throw an exception is insufficient.

      2.1 Dependencies

      This specification relies on several other underlying + specifications.

      HTML
      -

      Many fundamental concepts from HTML5 are used by this - specification. [HTML5]

      +

      Many fundamental concepts from HTML are used by this + specification. [HTML]

      @@ -442,6 +472,10 @@ interface Dat +

    3. If origin is not a scheme/host/port + tuple, then throw a SECURITY_ERR exception and abort + these steps.

      4. +

    4. If the database version provided is not the empty string, and there is already a database with the given name from the origin origin, but the database has a different @@ -519,17 +553,17 @@ interface Dat

    5. -

      Replace each ? placeholder with the value - of the argument in the arguments array with - the same position. (So the first ? - placeholder gets replaced by the first value in the arguments array, and generally the nth ? placeholder gets - replaced by the nth value in the arguments array.)

      - -

      Substitutions for ? - placeholders are done at the literal level, not as string - concatenations, so this provides a way to dynamically insert - parameters into a statement without risk of a SQL injection - attack.

      +

      Bind each ? placeholder with the value of + the argument in the arguments array with the + same position. (So the first ? placeholder + gets bound to the first value in the arguments + array, and generally the nth ? placeholder gets bound to the nth value in the arguments + array.)

      + +

      Binding the ? placeholders + is done at the literal level, not as string concatenations, so + this provides a way to dynamically insert parameters into a + statement without risk of a SQL injection attack.

      The result is the statement.

      @@ -772,14 +806,13 @@ interface changeVersion() + the transaction and, if that succeeds, run the postflight + operation. If the commit fails, then instead jump to the last + step. (This is basically a hook for the changeVersion() method.)

      -

      Otherwise: commit the transaction and run the postflight - operation. If an error occurred in the committing of the - transaction, jump to the last step.

      +

      Otherwise: commit the transaction. If an error occurred in the + committing of the transaction, jump to the last step.

      6. @@ -789,8 +822,8 @@ interface SQLError object that represents the last error to have occurred in this transaction. Rollback the transaction. Any still-pending statements in the transaction are discarded. @@ -954,14 +987,18 @@ interface S zero (querying the database doesn't affect any rows).

      The rows attribute must return a SQLResultSetRowList representing the rows returned, in the order returned by the - database. If no rows were returned, then the object will be empty - (its length will - be zero).

      interface SQLResultSetRowList {
+  database. The same object must be returned each time. If no rows
+  were returned, then the object will be empty (its length will be
+  zero).
      interface SQLResultSetRowList {
   readonly attribute unsigned long length;
   getter any item(in unsigned long index);
-};
      Implementors are encouraged to implement
-  SQLResultSetRowList objects lazily, or at least
-  asynchronously, for better performance.
      SQLResultSetRowList objects have a length
+};

      For the asynchronous API, implementors are + encouraged to prefetch all the data for + SQLResultSetRowList objects when the object is + constructed (before the result set callback is invoked), rather than + on-demand, for better responsiveness. For the synchronous API, an + on-demand lazy evaluation implementation strategy is encouraged + instead, for better performance.

      SQLResultSetRowList objects have a length attribute that must return the number of rows it represents (the number of rows returned by the database). This is the length.

      Fetching the length might be expensive, and authors are thus encouraged to avoid using it (or @@ -1069,8 +1106,9 @@ interface S A lock for the transaction could not be obtained in a reasonable time. -

      5 Web SQL

      Need to define the SQL dialect.

      6 Disk space

      User agents should limit the total amount of space allowed for - +

      5 Web SQL

      User agents must implement the SQL dialect supported by Sqlite 3.6.19.

      When converting bound arguments to SQL data types, the JavaScript + ToPrimitive abstract operation must be applied to obtain the raw + value to be processed. [ECMA262].

      6 Disk space

      User agents should limit the total amount of space allowed for databases.

      User agents should guard against sites storing data under the @@ -1088,6 +1126,7 @@ interface S stored in its client-side databases + to track a user across multiple sessions, building a profile of the user's interests to allow for highly targeted advertising. In conjunction with a site that is aware of the user's real identity @@ -1101,6 +1140,7 @@ interface S

      User agents may restrict access to the database objects + to scripts originating at the domain of the top-level document of the browsing context, for instance denying access to the API for pages from other domains running in @@ -1133,7 +1173,6 @@ interface S

      If users attempt to protect their privacy by clearing cookies without also clearing data stored in the - relevant databases, sites can defeat those attempts by using the two features as @@ -1147,12 +1186,14 @@ interface S

      Site-specific white-listing of access to databases +

      User agents may require the user to authorize access to databases before a site can use the feature.

      +
      @@ -1201,17 +1242,15 @@ interface S sensitive; it's quite possible for e-mails, calendar appointments, health records, or other confidential documents to be stored in this mechanism.

      To this end, user agents should ensure that when deleting data, - it is promptly deleted from the underlying storage.

      8 Security

      8.1 DNS spoofing attacks

      Because of the potential for DNS spoofing attacks, one cannot + it is promptly deleted from the underlying storage.

      8 Security

      8.1 DNS spoofing attacks

      Because of the potential for DNS spoofing attacks, one cannot guarantee that a host claiming to be in a certain domain really is from that domain. To mitigate this, pages can use SSL. Pages using SSL can be sure that only pages using SSL that have certificates identifying them as being from the same domain can access their - databases.

      8.2 Cross-directory attacks

      Different authors sharing one host name, for example users hosting content on geocities.com, all share one - set of databases. There is no feature to restrict the access by pathname. Authors on @@ -1242,46 +1281,37 @@ interface S there is little reason to allow Web authors to control the character encoding used in the disk representation of the data, as all data in JavaScript is implicitly UTF-16.

      8.5 SQL injection

      Authors are strongly recommended to make use of the ? placeholder feature of the executeSql() method, - and to never construct SQL statements on the fly.

      References

      All references are normative unless marked "Non-normative".

      [COOKIES]
      + and to never construct SQL statements on the fly.

      References

      All references are normative unless marked "Non-normative".

      [COOKIES]
      -
      HTTP State - Management Mechanism, A. Barth. IETF, August 2009.
      +
      HTTP State + Management Mechanism, A. Barth. IETF.
      [DOMCORE]
      Document Object Model (DOM) Level 3 Core Specification, A. Le Hors, P. Le Hegaret, L. Wood, G. Nicol, J. Robie, M. Champion, - S. Byrnes. W3C, April 2004.
      + S. Byrnes. W3C.
      [ECMA262]
      ECMAScript - Language Specification. ECMA, December 1999.
      + Language Specification. ECMA. -
      [HTML5]
      - -
      HTML5, - I. Hickson. WHATWG, August 2009.
      +
      [HTML]
      +
      HTML, + I. Hickson. WHATWG.
      [RFC2119]
      Key words for use in - RFCs to Indicate Requirement Levels, S. Bradner. IETF, March - 1997.
      + RFCs to Indicate Requirement Levels, S. Bradner. IETF.
      [SQL]
      The precise dialect has not yet been specified.
      @@ -1289,9 +1319,9 @@ interface S
      [WEBIDL]
      Web - IDL, C. McCormack. W3C, July 2009.
      + IDL, C. McCormack. W3C. -
      +