W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2012

Re: [quota-api] Need for session storage type

From: Tobie Langel <tobie@fb.com>
Date: Mon, 5 Nov 2012 18:09:34 +0000
To: Brady Eidson <beidson@apple.com>
CC: Eric U <ericu@google.com>, Kinuko Yasuda <kinuko@chromium.org>, "public-webapps@w3.org WG" <public-webapps@w3.org>
Message-ID: <F9981AFB970564408FEB7DFCF62D4408436981FB@SC-MBX01-4.TheFacebook.com>
On 11/5/12 6:47 PM, "Brady Eidson" <beidson@apple.com> wrote:

>
>> And/or coming up with an API to allow application developers
>> to close sessions on a per origin basis and benefit from related
>> security/privacy guarantees (wiping-out session storage, cookies, etc.).
>
>Sites can already clean up individual session-ey nuggets on a
>case-by-case basis.
>
>I'm not sure I like the idea of giving them the nuclear option as they'll
>just start using that liberally instead of thinking things through.  This
>could cause excess i/o and/or lock contention where such semantics are
>defined.

Nuclear options have privacy guarantees which other options don't have.
That's also something to consider.

--tobie
Received on Monday, 5 November 2012 18:09:59 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:55 GMT