- From: Michael Nordman <michaeln@google.com>
- Date: Tue, 25 Aug 2009 15:31:40 -0700
The statement in section 4.3 doesn't appear to specify any behavior... its just an informational statement. The statement in section 6.1 suggests to prohibit the development of a UI that mentions local storage as a distinct repository seperate from cookies. This doesn't belong in the spec imho. I think both of these statements should be dropped from the spec. Ultimately I think UAs will have to prop up out-of-band permissioning schemes to make stronger guarantees about how long lived 'local data' that accumulates really is. On Tue, Aug 25, 2009 at 3:19 PM, Aaron Boodman <aa at google.com> wrote: > On Tue, Aug 25, 2009 at 2:44 PM, Jeremy Orlow<jorlow at chromium.org> wrote: > > Ok, well I guess we should go ahead and have this discussion now. :-) > Does > > anyone outside of Apple and Google have an opinion on the matter (since I > > think it's pretty clear where we both stand). > > FWIW, I tend to agree more with the Apple argument :). I agree that > the multiple malicious subdomains thing is unfortunate. Maybe the > quotas should be per eTLD instead of -- or in addition to -- > per-origin? Malicious developers could then use multiple eTLDs, but at > that point there is a real cost. > > Extensions are an example of an application that is less cloud-based. > It would be unfortunate and weird for extension developers to have to > worry about their storage getting tossed because the UA is running out > of disk space. > > It seems more like if that happens the UA should direct the user to UI > to free up some storage. If quotas were enforced at the eTLD level, > wouldn't this be really rare? > > - a > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090825/7486cdb2/attachment.htm>
Received on Tuesday, 25 August 2009 15:31:40 UTC