[whatwg] Web Storage: apparent contradiction in spec

Brady Eidson beidson at apple.com
Wed Aug 26 21:13:14 PDT 2009

I understand you want the web to be safe.  I do too, and I think we  
all do.

It never has been, it currently isn't, but it's better.  The situation  
has been improving for many years.

I'm not convinced that the idea of guaranteed persistent storage  
inherently takes us backwards.

I think the current language in the spec (and whatever language we  
eventually settle on) allows user agents the flexibility to implement  
their own extra restrictions to accommodate its idea of "safe" while  
still guaranteeing the persistence of data it has claimed to store  

I am convinced that if we change the language to solidify that  
LocalStorage is just a cache, we're discounting its use in offline web  
applications and the other examples of applications that desire local,  
persistent state and do not want a server/cloud component.  We'd be  
driving these applications back to plug-ins, and I personally find  
that unacceptable.

If that's what we're doing, then we haven't actually gained much with  
LocalStorage and might as well drop it.


On Aug 26, 2009, at 8:23 PM, Linus Upson wrote:

> I simply want clicking on links to be safe. In a previous thread I  
> wrote "safe and stateless" but I'm coming to the opinion that  
> stateless is a corollary of safe. Clicking on links shouldn't,  
> either by filling my disk or hitting my global quota, someday lead  
> to a dialog which reads, "Please choose what to delete so that web  
> sites will continue to work." The candidate delete list will be  
> thousands long and hidden in that haystack will be a few precious  
> needles.
> I also want to avoid any [Yes] [No] dialogs. Can I do something  
> scary [Yes] [No]? Can I do something innocuous [Yes] [No]? Users  
> shouldn't be forced to make those kinds of safety judgements. I'm  
> guilty of instigating at least one of those dialogs. As shamed  
> politicians do I'll retreat to the passive voice: Mistakes were made.
> I'm not opposed to web apps manipulating files on the user's  
> computer, but the user should be in explicit control. I'd support  
> <input type="open"> and <input type="save"> that worked similarly to  
> <input type="file">. User agents are already registering for file  
> types so that double clicking a file with a certain extension can be  
> automatically sent to an URL, perhaps residing in an AppCache.
> In addition, I'd like to see the pop-up dialogs for the location API  
> removed. I find the "Can I know where you are?" dialogs on the  
> iPhone very annoying. Mistakes were made. Perhaps we can find a way  
> to make <input type="location"> work well instead.
> Linus
> On Wed, Aug 26, 2009 at 5:14 PM, Brady Eidson <beidson at apple.com>  
> wrote:
> I started writing a detailed rebuttal to Linus's reply, but by the  
> time I was finished, many others had already delivered more  
> targetted replies.
> So I'll cut the rebuttal format and make a few specific points.
>  - Many apps act as a "shoebox" for managing specific types of data,  
> and users are used to using these apps to manage that data  
> directly.  See iTunes, Windows Media Player, iPhoto, and desktop  
> mail clients as examples.  This trend is growing, not waning.   
> Browsers are already a "shoebox" for history, bookmarks, and other  
> types of data.
> Claiming that this data is "hidden" from users who are used to  
> handling obscure file management scenarios  and therefore we  
> shouldn't fully respect it is trying to fit in with the past, not  
> trying to make the future better.
>  - No one is suggesting that UAs not have whatever freedom they want  
> in deciding *what* or *how much* to store.  We're only suggesting  
> that once the UA has committed to storing it, it *not* be allowed to  
> arbitrarily purge it.
>  - One use of LocalStorage is as a cache for data that is transient  
> and non-critical in nature, or that will live on a server.  But  
> another, just-as-valid use of LocalStorage is for persistent,  
> predictable storage in the client UA that will never rely on  
> anything in the cloud.
>  - And on that note, if developers don't have faith that data in  
> LocalStorage is actually persistent and safe, they won't use it.
> I've given talks on this point 4 times in the last year, and I am  
> stating this as a fact, based on real-world feedback from actual,  
> real-world web developers:  If LocalStorage is defined in the  
> standard to be a purgable cache, developers will continue to use  
> what they're already comfortable with, which is Flash's LocalStorage.
> When a developer is willing to instantiate a plug-in just to  
> reliably store simple nuggets of data - like user preferences and  
> settings - because they don't trust the browser, then I think we've  
> failed in moving the web forward.
> I truly hope we can sway the "LocalStorage is a cache crowd."  But  
> if we can't, then I would have to suggest something crazy - that we  
> add a third Storage object.
> (Note that Jens - from Google - has already loosely suggested this)
> So we'd have something like:
> -SessionStorage - That fills the "per browsing context" role and  
> whose optionally transient nature is already well spec'ed
> -CachedStorage - That fills Google's interpretation of the  
> "LocalStorage" role in that it's global, and "will probably be  
> around on the disk in the future, maybe"
> -FileStorage - That fills Apple's interpretation of the  
> "LocalStorage" role in that it's global, and is as sacred as a file  
> on the disk (or a song in your media library, or a photo in your  
> photo library, or a bookmark, or...)
> The names are just suggestions at this point.
> ~Brady

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090826/141f6147/attachment-0002.htm>

More information about the whatwg mailing list