[whatwg] Web Storage: apparent contradiction in spec

Aryeh Gregor Simetrical+w3c at gmail.com
Thu Aug 27 08:41:14 PDT 2009


On Thu, Aug 27, 2009 at 10:47 AM, Maciej Stachowiak<mjs at apple.com> wrote:
> That makes sense to me. There might even be more than two categories:
> - Cached for convenience - discarding this will affect performance but not
> functionality.
> - Useful for offline use - discarding this will prevent some data from being
> accessed when offline.
> - Critical for offline use - discarding this will prevent the app storing
> this data from working offline at all.
> - Critical user data - discarding this will lead to permanent user data
> loss.

I don't see the utility in this level of granularity.  Two levels seem
fine: delete at will as long as the app isn't actually running, and
never delete once stored without explicit user action.

On Thu, Aug 27, 2009 at 10:52 AM, Adrian Sutton<adrian.sutton at ephox.com> wrote:
> The only catch being that if the web app decides this for itself, a
> malicious script or tracking cookie will be marked as critical user data
> when in fact the user would disagree.

"Dispose when you feel like it" storage doesn't provide any better
protection for the user -- the site can always reset it regularly when
the user visits.  Cookies are already widely used for tracking, and
work fine.  Flash localStorage is used for tracking mainly because
users don't know how to clear it, I suspect, not because it's more
persistent than cookies in practice.  (One of the many reasons HTML 5
needs to kill Flash.)

On Thu, Aug 27, 2009 at 11:10 AM, Chris
Taylor<Chris.Taylor at figureout.com> wrote:
> This seems to me a better idea than having multiple storage areas (SessionStorage, CachedStorage and FileStorage as suggested by Brady). However this could lead to even more evil dialogs: "Do you want to save this data? Is it important? How important is it?" The user - and for that matter, the app or UA - doesn't necessarily know how critical a piece of data is.

The decision needs to be made by the app.  The app knows whether it's
just doing caching, or needs persistence.  The UA doesn't know, and
nor does the user.

I expect that as with cookies, the default in most browsers would be
to let the app decide how long it wants to store the data with no user
interaction, but privacy-aware users would be able to get more
control.  I also think it's clear that localStorage would not persist
after things like exiting privacy mode, or logging out of a public
terminal (if correctly configured), or clicking a "clear private data"
button (if that also cleared bookmarks/history/etc.).  Nobody's saying
"store forever", just "don't delete except by explicit user request".

> So, to what extent do people think that automatic decisions could be made by the UA and app regarding the criticality of a particular piece of data?

I think "criticality" is the wrong word to use.  "Persistence" is
better.  Persistent data may be unimportant, and transient data may be
critical.



More information about the whatwg mailing list