HTML5 introduces several new APIs, one of which is the File System API (http://www.w3.org/TR/file-system-api/). Browsers are implementing it, and it covers both directories and files. A web application can therefore create a mini file system and store files inside the browser. These files can be accessed at any time by the browser within the same domain context, and they can be permanent or temporary. In effect the browser acts like a mini OS and exposes this file system as attack surface. If an XSS flaw is found, it is easy to extract the full file system created by the application.
For example, suppose an application has created a token file on the file system using the API. We can see the files through the following URI in Chrome.
In the figure above we can see that files have been created in the browser. Now, assuming an XSS flaw is found, it is easy to exploit by hooking into the file system and extracting the content. The following code can be part of the access routine.
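On the defensive side, this exposure means anything an application writes through the File System API should be treated as readable by any script running in the origin. The block below is an added example, not code from the original post: a pre-write audit that flags token-like payloads so they can be kept out of script-readable storage. All function names, the entropy threshold and the sample files are assumptions constructed for illustration.

```javascript
// Added example (hypothetical names, constructed sample data): flag secret-like
// payloads before an application writes them to its origin's sandboxed file system.
const NAME_HINT = /token|session|secret|passw|cred|key/i;
const JWT_RE = /([A-Za-z0-9_-]{8,})\.([A-Za-z0-9_-]{8,})\.([A-Za-z0-9_-]*)/g;
const RUN_RE = /[A-Za-z0-9+\/_-]{32,}/g;
const MIN_ENTROPY = 3.5; // bits per character; assumed threshold, tune per application

// Decode a base64url segment to a binary string (browser atob or Node Buffer).
function b64urlDecode(seg) {
  const b64 = seg.replace(/-/g, '+').replace(/_/g, '/');
  return typeof atob === 'function' ? atob(b64) : Buffer.from(b64, 'base64').toString('binary');
}
// JWT shape alone is weak evidence, so also require a JSON header carrying "alg".
function looksLikeJwt(text) {
  for (const m of text.matchAll(JWT_RE)) {
    try {
      const header = JSON.parse(b64urlDecode(m[1]));
      if (header && typeof header === 'object' && 'alg' in header) return true;
    } catch (e) { /* segment is not base64url JSON; keep scanning */ }
  }
  return false;
}
// Shannon entropy in bits per character.
function entropyBits(s) {
  const counts = {};
  for (const ch of s) counts[ch] = (counts[ch] || 0) + 1;
  return Object.values(counts)
    .reduce((h, n) => h - (n / s.length) * Math.log2(n / s.length), 0);
}
// Return the reasons a file should not be stored in script-readable storage.
function auditFile(name, content) {
  const findings = [];
  if (NAME_HINT.test(name)) findings.push('name-hint');
  if (looksLikeJwt(content)) findings.push('jwt');
  const runs = content.match(RUN_RE) || [];
  if (runs.some((r) => entropyBits(r) >= MIN_ENTROPY)) findings.push('high-entropy');
  return findings;
}
// Constructed sample: files an application is about to persist.
const SAMPLE_FILES = [
  { name: 'token.txt', content: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZW1vLXVzZXIifQ.CONSTRUCTED_SIGNATURE' },
  { name: 'cache/blob.dat', content: 'id=0123456789abcdef0123456789abcdef' },
  { name: 'session.json', content: '{"theme":"dark"}' },
  { name: 'notes.txt', content: 'Meeting moved to Tuesday. ' + 'a'.repeat(40) },
];
// Keep only the files that produced at least one finding.
const auditFiles = (files) => files
  .map((f) => ({ name: f.name, findings: auditFile(f.name, f.content) }))
  .filter((r) => r.findings.length > 0);
```

Calling `auditFiles(SAMPLE_FILES)` reports the first three sample files and leaves `notes.txt` out; the name hint is a loose heuristic and will need an allow-list in a real code base.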