[whatwg] Web Storage: apparent contradiction in spec

[Tab Atkins Jr.]

On Thu, Sep 3, 2009 at 5:59 PM, Peter Kasting<pkasting at google.com> wrote:
> On Thu, Sep 3, 2009 at 3:55 PM, Tab Atkins Jr. <jackalmage at gmail.com> wrote:
>> You may have missed the part where Ian said that, to protect their
>> user's privacy, browsers *must* clear cookies and LocalStorage at the
>> same time.
>
> Wrong.  This is precisely what I argued that the spec didn't say, and (in
> agreement) Ian changed the spec so people wouldn't misinterpret it by
> thinking it said this.  This is the precise reason why I don't understand
> what you're arguing about.

10 hours ago, Hixie said:
> The fact that local storage can be used for cookie resurrection means we
> have to make sure that clearing one clears the other. Anything else would
> be a huge privacy issue (just as Flash has been).

There are a few other remarks in line with this from that email and a
subsequent one.

If this doesn't imply that LocalStorage in practice will thus become
an ephemeral storage mechanism that is easy for users to accidentally
blow away, and thus will be too unreliable for anything beyond a
supercookie, then I'd like clear statements to that effect.  As it is,
theoretical assurances that it's all going to be okay aren't adequate
- if any browser *actually* made cookie-clearing *automatically* also
clear LocalStorage, we authors can't rely on it.

Providing the *option* to blow away everything at once is fine, if
notated properly in the UI.  *Automatically* doing so, as Hixie
strongly appears to be suggesting browsers should do, is not.

~TJ