- From: Dennis Cheung <notifications@github.com>
- Date: Thu, 20 Apr 2017 10:15:59 -0700
- To: w3c/IndexedDB <IndexedDB@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 20 April 2017 17:16:56 UTC
Nice to learn about async-cookies-api, never heard of it before. BTW, I do believe nobody should explicitly encrypt their content manually in indexedDB, neither cookie, json, jpeg, html or any text content serve over HTTPS. But if anyone, or any existing browser, believe ending an HTTPS session should void the cached resources of those URLs. The dividing/generated content from these URL should be voided too. As far as I know, most browsers (correct me if it is IE only or old decade) will delete those cached HTTPS resources, or just ignore them on next relaunch. Many internet bankings still suggest you to close the browser after logout to avoid history / cache leak. On second thought, we need a different API to teach browser what to flush on session end, and another API to fire the event. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/IndexedDB/issues/191#issuecomment-295821656
Received on Thursday, 20 April 2017 17:16:56 UTC