[whatwg] When closing the browser

Ian Hickson wrote on 12/12/2008 5:11 PM: 
> On Fri, 12 Dec 2008, Bil Corry wrote:
>>> Why do session cookies not address this already?
>> They do to some extent.  You can choose to make the session life 
>> shorter, increasing security but potentially logging the user out before 
>> they're ready OR you can choose to make the session life longer, 
>> decreasing security but allowing the user more time.
> 
> I don't mean short cookie times, I mean literally session cookies, that 
> expire at the end of the session.

But don't they persist until the entire browser is closed?  They'd be perfect if they were removed once all tabs/windows to the site were closed.



> sessionStorage (from HTML5) might also help with this; it's limited to 
> the lifetime of the tab that it was used in.

That could work too.


>> Or maybe it'd be better if non-persistent cookies are removed once the 
>> user no longer has an open tab to the site, instead of using a 
>> JavaScript-based solution.
> 
> This could be done now; I recommend bringing this up with browser vendors 
> as a feature request.

Thanks, it may be something to pursue.


- Bil

Received on Friday, 12 December 2008 15:30:05 UTC