[whatwg] Private browsing vs. Storage and Databases
Ian Fette (イアンフェッティ)
ifette at google.com
Tue Apr 7 18:19:19 PDT 2009
Yeah, but my argument is more that Incognito / Private / whatever is like
starting from a boot cdrom with a filesystem that's in memory. The OS isn't
pretending, nobody's lying to the app, that's just the way it is.
I think Michael summarized it well -
Copying it over and making it read-only violates privacy concerns.
Turning it off entirely removes functionality when it could perhaps be
I think that doing option 3, and perhaps providing a way for the app to know
that we're in this mode so it can do whatever is appropriate (saving to the
cloud more frequently, just not using localstorage all together, whatever is
right for that app) solves those problems.
On Tue, Apr 7, 2009 at 6:16 PM, Brady Eidson <beidson at apple.com> wrote:
> A user can, at any time, delete application resources from their file
> system while the application is in use, or before the application's next
> launch. They will suffer the consequences of their own action.
> The operating system probably shouldn't chose to do so on its own, the same
> way the OS shouldn't chose to pretend a file is safely on disk when it's
> On Apr 7, 2009, at 6:12 PM, Ian Fette (イアンフェッティ) wrote:
> And as of right now, afaict, a user / user agent can prune a database and
> not be in violation of the database spec :)
> On Tue, Apr 7, 2009 at 6:11 PM, Brady Eidson <beidson at apple.com> wrote:
>> On Apr 7, 2009, at 6:09 PM, Ian Fette (イアンフェッティ) wrote:
>>> I strongly share Jonas' concern that we'd tell web applications that
>>> we're storing there data when we already know we're going to dump it later.
>>> For 3 and 4 both, we're basically lying to the application and therefore
>>> the user. Imagine a scenario where a user has no network connection and
>>> unknowingly left their browser in private browsing mode. Email, documents,
>>> financial transactions, etc could all be "saved" locally then later thrown
>>> away before they've had a chance to sync to a server.
>> The same argument could be made for retaining cookies set during private
>> browsing ;-)
>> I disagree, as cookies are already specified to be of unspecified
>> persistence. I believe a user agent can - at any time - prune cookies from
>> it's cookie store and not be in violation of the cookies spec.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the whatwg