by sgbeal
1184 days ago
> So it is a sandboxed, abstract filesystem, not rw access to my actual filesystem?

It's sandboxed storage which lives in your filesystem but is only available via the browser and is sandboxed on a per-HTTP-origin basis. That makes it impossible[^1], e.g., for x.y.com to sideload data into, or exfiltrate from, y.z.com. How the files are actually stored on your filesystem is not defined by the in-progress standards doc, but they are not stored as-is because doing so would open them up to security issues from out-of-browser sources, as well as potential file-locking problems from out-of-browser apps.

[^1]: Edit: as a responder points out: "impossible" for a given value of "impossible"

It actually barely does. The spec does not require the OPFS to be browsable in the OS's filesystem. I believe all three browsers implement OPFS as a single opaque blob on disk per origin, kind of like a zip archive.

> While browsers typically implement this by persisting the contents of the OPFS to disk somewhere, it is not intended that the contents be easily user-accessible. While the browser might make it seem that there are files, they might be stored in a database or any other data structure. You cannot expect to find the created files matched one-to-one somewhere on the hard disk.

I would guess this makes it much harder to escape the sandbox filesystem if you're not actually in the filesystem in the first place.
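As an added example (not code from either commenter), the two properties both replies rely on, shown in working JavaScript: OPFS storage is partitioned by HTTP origin, and entries are addressed by bare names rather than filesystem paths, so there is no path to traverse out of. The calls `navigator.storage.getDirectory()`, `getFileHandle()`, `createWritable()` and `getFile()` are the real OPFS API; `storageOrigin` and `isValidOpfsName` are helper names chosen for this example, and the backslash check in the name validator is an assumption standing in for the spec's "any character used as a path separator on the underlying platform".

```javascript
// Added example, not from the thread. Illustrates why x.y.com cannot reach into
// y.z.com's OPFS and why entry names cannot be used to escape the sandbox.
// Runs in plain Node for the pure helpers; the OPFS calls only execute in a
// browser that implements the API.

// An origin is scheme + host + port. Any difference yields a separate OPFS root,
// so x.y.com and y.z.com (and differing ports) never share storage.
function storageOrigin(urlString) {
  return new URL(urlString).origin;
}

// Mirrors the spec's "valid file name" rule for OPFS entries: non-empty,
// not "." or "..", and no path separator. The backslash check is an
// assumption covering the Windows separator.
function isValidOpfsName(name) {
  if (typeof name !== 'string' || name.length === 0) return false;
  if (name === '.' || name === '..') return false;
  return !name.includes('/') && !name.includes('\\');
}

// Writes text into the calling origin's OPFS root and reads it back.
// Resolves to null when no OPFS implementation is present (e.g. under Node).
async function writeAndReadBack(name, text) {
  if (!isValidOpfsName(name)) {
    // Browsers reject such names with a TypeError; we do the same up front.
    throw new TypeError(`invalid OPFS entry name: ${name}`);
  }
  const hasOpfs =
    typeof navigator !== 'undefined' &&
    navigator.storage &&
    typeof navigator.storage.getDirectory === 'function';
  if (!hasOpfs) return null;

  const root = await navigator.storage.getDirectory(); // this origin's private root
  const handle = await root.getFileHandle(name, { create: true });
  const writable = await handle.createWritable();
  await writable.write(text);
  await writable.close();
  const file = await handle.getFile();
  return file.text();
}
```

In a browser, `writeAndReadBack('notes.txt', 'hello')` resolves to `'hello'` for the page's own origin only; a page on another origin calling the same code gets its own empty root, and a name such as `'../notes.txt'` never reaches the API because it is not a valid entry name.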