W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2012

Re: [quota-api] Need for session storage type

From: Tobie Langel <tobie@fb.com>
Date: Mon, 5 Nov 2012 14:15:10 +0000
To: Eric U <ericu@google.com>, Brady Eidson <beidson@apple.com>
CC: Kinuko Yasuda <kinuko@chromium.org>, "public-webapps@w3.org WG" <public-webapps@w3.org>
Message-ID: <F9981AFB970564408FEB7DFCF62D440843697F76@SC-MBX01-4.TheFacebook.com>
On 10/31/12 6:03 PM, "Eric U" <ericu@google.com> wrote:

>I think the bigger question is "What's a session"?
>Does it end if I:
>
>	* close the window?
>	* close the last window in this origin?
>	* close the last window in this browser profile?
>	* quit the browser?
>		- With or without "continue where I left off"/"load my same windows
>from last time"?
>		- Due to an update that caused a restart?
>		- Due to a crash, with automatic crash recovery?
>	* switch to another app on my phone/tablet?
>	* use enough other apps on my phone/tablet that the browser gets
>purged from memory?
>
>I doubt browsers are consistent in all these situations, given that
>current Chrome doesn't behave the same as the Chrome of a year ago.
>So saying "it should act like session cookies" doesn't work.

It seems there would/could be value in determining precisely what a
session is, and/or coming up with an API to allow application developers
to close sessions on a per origin basis and benefit from related
security/privacy guarantees (wiping-out session storage, cookies, etc.).

--tobie
Received on Monday, 5 November 2012 14:20:32 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:55 GMT