[whatwg] Private browsing vs. Storage and Databases
Jonas Sicking
jonas at sicking.cc
Tue Apr 7 18:58:38 PDT 2009
2009/4/7 Ian Fette (イアンフェッティ) <ifette at google.com>:
> 2009/4/7 Jonas Sicking <jonas at sicking.cc>
>>
>> 2009/4/7 Ian Fette (イアンフェッティ) <ifette at google.com>:
>> > In Chrome/Chromium, "incognito" mode is basically a new profile that is
>> > in
>> > memory (plus or minus... the cache will never get written out to disk,
>> > although of course the memory pages could get swapped out and hit the
>> > disk
>> > that way...). The implication is that, for many of these features,
>> > things
>> > could just naturally get handled. That is, whilst the session is active,
>> > pages can still use a database / local storage / ... / and at the end of
>> > the
>> > session, when that profile is deleted, things will go away. I personally
>> > like that approach, as there may be legitimate reasons to want to use a
>> > database even for just a single session. (Perhaps someone wants to edit
>> > a
>> > spreadsheet and the spreadsheet app wants to use a database on the
>> > client as
>> > a backing store for fast edits, I don't know...). I just don't like the
>> > idea
>> > of saying "Sorry, incognito/private/... means a class of pages won't
>> > work"
>> > if there's no reason it has to be that way.
>> > In short, I would prefer something closest to Option 3. It lets pages
>> > just
>> > work, but respects the privacy wishes of the user. (AppCache /
>> > persistent
>> > workers are the one exception where I think Option3 doesn't apply and we
>> > need to figure something out.)
>>
>> I do agree that there's still need for storing data while in private
>> browsing mode. So I do think it makes a lot of sense for
>> .sessionStorage to keep working.
>>
>> But I do have concerned about essentially telling a website that we'll
>> store the requested data, only to drop it on the floor as soon as the
>> user exits private browsing mode (or crashes).
>>
>> / Jonas
>
> Doesn't the website have to handle that anyways? I mean, I assume that all
> the browsers are going to allow users some way to "manage" this stuff, much
> like cache/cookies - e.g. you have to assume that at some point in time the
> user is going to blow you away. (Especially on mobile devices where space is
> more of a premium...)
It's different in that the user managing his data is an explicit
action on the users part. I.e. the user has to go to a place in the UA
and click a 'clear data' button. Users are more likely to expect that
this results in a half composed message disappearing than if the same
thing happens when exiting private browsing mode.
I think :)
/ Jonas
More information about the whatwg
mailing list