W3C home > Mailing lists > Public > whatwg@whatwg.org > December 2008

[whatwg] When closing the browser

From: Ian Hickson <ian@hixie.ch>
Date: Fri, 12 Dec 2008 23:11:55 +0000 (UTC)
Message-ID: <Pine.LNX.4.62.0812122242470.30197@hixie.dreamhostps.com>
On Fri, 12 Dec 2008, Bil Corry wrote:
> >
> > Why do session cookies not address this already?
> 
> They do to some extent.  You can choose to make the session life 
> shorter, increasing security but potentially logging the user out before 
> they're ready OR you can choose to make the session life longer, 
> decreasing security but allowing the user more time.

I don't mean short cookie times, I mean literally session cookies, that 
expire at the end of the session.

sessionStorage (from HTML5) might also help with this; it's limited to 
the lifetime of the tab that it was used in.


> Or maybe it'd be better if non-persistent cookies are removed once the 
> user no longer has an open tab to the site, instead of using a 
> JavaScript-based solution.

This could be done now; I recommend bringing this up with browser vendors 
as a feature request.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 12 December 2008 15:11:55 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:08:46 UTC