- From: Michael Nordman <michaeln@google.com>
- Date: Thu, 27 Aug 2009 08:32:13 -0700
And to confound the problem further, UAs dont have meta-data on hand with which to relate various pieces of local data together and attribute them to a specific user-identifiable 'application'. Everything is bound to a security-origin, but that doesn't clearly identify or label an 'application'. On Thu, Aug 27, 2009 at 8:10 AM, Chris Taylor <Chris.Taylor at figureout.com>wrote: > Adrian Sutton said: > > On 27/08/2009 15:47, "Maciej Stachowiak" <mjs at apple.com> wrote: > >> > >> - Cached for convenience - discarding this will affect performance but > not functionality. > >> - Useful for offline use - discarding this will prevent some data from > being accessed when offline. > >> - Critical for offline use - discarding this will prevent the app > storing this data from working offline at all. > >> - Critical user data - discarding this will lead to permanent user data > loss. > > > > The only catch being that if the web app decides this for itself, a > malicious script or tracking cookie will be marked as critical user data > when in fact the user would disagree. > > > > On the plus side, it would mean a browser could default to not allowing > storage in the critical user data by default and then let users whitelist > just the sites they want. This could be through an evil dialog, or just a > less intrusive indicator somewhere - the website itself would be able to > detect that it couldn't save and warn the user in whatever way is most > appropriate. > > This seems to me a better idea than having multiple storage areas > (SessionStorage, CachedStorage and FileStorage as suggested by Brady). > However this could lead to even more evil dialogs: "Do you want to save this > data? Is it important? How important is it?" The user - and for that matter, > the app or UA - doesn't necessarily know how critical a piece of data is. > > The user doesn't know because without some form of notification they won't > know what the lifetime of that data is (and even if they do they will have > to know how that lifetime impacts on app functionality). The UA doesn't know > because it doesn't understand the nature of the data without the user > telling it. The app doesn't necessarily know because it can't see the wider > implications of saving the data - storage space on the machine etc. Catch > 22. > > So, to what extent do people think that automatic decisions could be made > by the UA and app regarding the criticality of a particular piece of data? > The more the saving of data can be automated - with the right level of > importance attached to it - the better, saving obtrusive and potentially > confusing dialogs, and (hopefully) saving the right data in the right way. > Perhaps UAs could notify apps of the storage space available and user > preferences on the saving of data up front, helping the app and UA to make > reasonable decisions, only asking for user confirmation where an reasonable > automatic decision can't be made. > > It's a head-twister, this one. > > Chris > > > This message has been scanned for malware by SurfControl plc. > www.surfcontrol.com > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090827/080e0066/attachment-0001.htm>
Received on Thursday, 27 August 2009 08:32:13 UTC