Tab expressed my thoughts on this issue much better than I ever could. I did want to follow up with a couple of notes.<br><br>I think the #1 goal for incognito mode has to be "maximum compatibility" - let sites continue to work, which kills options #1 & 2.<br>
A secondary goal for incognito mode would be "don't let sites know the user is in incognito mode" - this kills approach #1 and #5, and possibly #2 (depending on whether there are significant non-incognito use cases that also have 0 local storage quota).<br>
<br>Given those goals, it seems like it leaves items #3 and #4 as the only reasonable solutions. Yes, you can construct tortured scenarios where the user enters data *while in incognito mode* which he expects to continue to persist beyond incognito mode - I just don't see this as a serious problem.<br>
<br>-atw<br><br><div class="gmail_quote">On Tue, Apr 7, 2009 at 7:28 PM, Tab Atkins Jr. <span dir="ltr"><<a href="mailto:jackalmage@gmail.com">jackalmage@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div></div><div class="h5"><br>
</div></div>Having read the thread, as both a user and an amateur author, I think<br>
#3 or #4 are the most reasonable. All of the others are going to<br>
break sites and provide bad user experiences.<br>
<br>
There's really no way to argue this. Most authors are idiots (just<br>
like most users are idiots). They'll use exactly as much of a feature<br>
as they need, and nothing more. They won't read standards, and they<br>
won't check for errors. #1 will *obviously* break things, especially<br>
if accesses to LocalStorage throw during private browsing. #5 will<br>
put applications in an inconsistent state pretty quickly, as they<br>
assume their writes were successful. #2 is probably the most<br>
pernicious, as it will bite users hardest when the author is *just*<br>
smart enough to do some basic error checking (such as testing for<br>
quota size) before they start to use LocalStorage.<br>
<br>
Those three, each in their own way, feel more technically correct than<br>
#3 and #4, and so I perfectly understand why they seem attractive to<br>
implementors. But they *will* cause serious problems for users, and<br>
they *will* prevent people from using private browsing on<br>
badly-designed LocalStorage/Database-using sites (which will be a<br>
large percentage of them).<br>
<br>
#3 and #4 are the realistic solutions here, both of which address the<br>
problem while acknowledging the limitations of common author<br>
abilities. Which one is chosen is largely a matter of preference, and<br>
aren't that significant.<br>
<font color="#888888"><br>
~TJ<br>
</font></blockquote></div><br>