[whatwg] Private browsing vs. Storage and Databases
jonas at sicking.cc
Tue Apr 7 17:57:29 PDT 2009
2009/4/7 Ian Fette (イアンフェッティ) <ifette at google.com>:
> In Chrome/Chromium, "incognito" mode is basically a new profile that is in
> memory (plus or minus... the cache will never get written out to disk,
> although of course the memory pages could get swapped out and hit the disk
> that way...). The implication is that, for many of these features, things
> could just naturally get handled. That is, whilst the session is active,
> pages can still use a database / local storage / ... / and at the end of the
> session, when that profile is deleted, things will go away. I personally
> like that approach, as there may be legitimate reasons to want to use a
> database even for just a single session. (Perhaps someone wants to edit a
> spreadsheet and the spreadsheet app wants to use a database on the client as
> a backing store for fast edits, I don't know...). I just don't like the idea
> of saying "Sorry, incognito/private/... means a class of pages won't work"
> if there's no reason it has to be that way.
> In short, I would prefer something closest to Option 3. It lets pages just
> work, but respects the privacy wishes of the user. (AppCache / persistent
> workers are the one exception where I think Option3 doesn't apply and we
> need to figure something out.)
I do agree that there's still need for storing data while in private
browsing mode. So I do think it makes a lot of sense for
.sessionStorage to keep working.
But I do have concerned about essentially telling a website that we'll
store the requested data, only to drop it on the floor as soon as the
user exits private browsing mode (or crashes).
More information about the whatwg