[whatwg] Web Storage: apparent contradiction in spec

Thu Aug 27 10:43:41 PDT 2009

On Wed, Aug 26, 2009 at 8:23 PM, Linus Upson<linus at google.com> wrote:
> I simply want clicking on links to be safe. In a previous thread I wrote
> "safe and stateless" but I'm coming to the opinion that stateless is
> a corollary of safe. Clicking on links shouldn't, either by filling my disk
> or hitting my global quota, someday lead to a dialog which reads, "Please
> choose what to delete so that web sites will continue to work." The
> candidate delete list will be thousands long and hidden in that haystack
> will be a few precious needles.

I see what you're saying. If the web is able to use local storage and
UAs aren't allowed to prune it, then the storage used by web browsers
tends to grow forever.  If you want the web to continue to be
completely stateless, there is no way around this.

On Thu, Aug 27, 2009 at 10:18 AM, Erik Kay<erikkay at google.com> wrote:
> I also think this thread is jumping to hyperbole about how the UA
> would be deleting data arbitrarily.  Reasonable cache eviction
> algorithms won't cause much of a problem here.  Do you use offline
> email all of the time?  Guess what?  It won't be evicted.  Did you
> recently make change to an offline document that you didn't sync?  It
> won't be evicted.  The things that are problematic are the things
> which are accessed infrequently yet only exist in this local storage.
> See my argument above for why I think local storage isn't a great
> solution to offline only data anyway.

I agree you could get 95% of the way there. But I can prove that this
problem will happen in the real world. All I have to do is have a user
with a small enough disk (an iPhone) and enough applications storing
precious data. No amount of heuristics will stop the UA from either
accidentally deleting something the user wanted, or asking the user to
choose something to delete in this case.

On Thu, Aug 27, 2009 at 10:18 AM, Erik Kay<erikkay at google.com> wrote:
> What kinds of applications do people write against non-prompted Flash
> storage?  As far as I can tell, it's used as a way to store cookies
> that are less likely to be deleted.  It's not for data that the user
> would define as precious.  How do I get data out of Flash storage?
> How do I back it up?  Nobody does because they don't care and there
> isn't a use case driving this need today.  The data isn't precious.

Sure, but we're only having this conversation at all because we
believe that the existing technology isn't meeting some use cases.
People want to build offline applications based on web technology, and
those apps tend to want to store data persistently and have it be
treated as precious.

If you accept this use case exists, and you accept that it is not
possible for a UA to automatically make this decision, then we're just
left with how to get the user involved.

I think we are seeing, again, that there needs to be a difference
between "installed" apps built on the web platform and the web as it
is today. The web we know and love is stateless and should stay that
way. Installed apps have state, and have to be actively managed by
users.

In that world, I think that the spec should be silent on what promises
the UA makes wrt the data. It will be client-type-dependent.

- a