W3C home > Mailing lists > Public > whatwg@whatwg.org > December 2008

[whatwg] When closing the browser

From: Bil Corry <bil@corry.biz>
Date: Fri, 12 Dec 2008 17:30:05 -0600
Message-ID: <4942F3FD.1070704@corry.biz>
Ian Hickson wrote on 12/12/2008 5:11 PM: 
> On Fri, 12 Dec 2008, Bil Corry wrote:
>>> Why do session cookies not address this already?
>> They do to some extent.  You can choose to make the session life 
>> shorter, increasing security but potentially logging the user out before 
>> they're ready OR you can choose to make the session life longer, 
>> decreasing security but allowing the user more time.
> I don't mean short cookie times, I mean literally session cookies, that 
> expire at the end of the session.

But don't they persist until the entire browser is closed?  They'd be perfect if they were removed once all tabs/windows to the site were closed.

> sessionStorage (from HTML5) might also help with this; it's limited to 
> the lifetime of the tab that it was used in.

That could work too.

>> Or maybe it'd be better if non-persistent cookies are removed once the 
>> user no longer has an open tab to the site, instead of using a 
>> JavaScript-based solution.
> This could be done now; I recommend bringing this up with browser vendors 
> as a feature request.

Thanks, it may be something to pursue.

- Bil
Received on Friday, 12 December 2008 15:30:05 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:08:46 UTC