- From: Jeremy Orlow <jorlow@chromium.org>
- Date: Mon, 31 Aug 2009 11:12:42 -0700
On Mon, Aug 31, 2009 at 11:01 AM, Jens Alfke <snej at google.com> wrote: > > On Aug 31, 2009, at 3:11 AM, Ian Hickson wrote: > > We can't treat cookies and persistent storage differently, because >> otherwise we'll expose users to cookie resurrection attacks. Maintaining >> the user's expectations of privacy is critical. >> > > The fact that local storage can be used as a type of super-cookie doesn't > mean the two are the same thing. Yes, obviously if I give a website > permission to put 50MB of stuff on my disk, it can use 1k of that as a type > of cookie if it wants. That's just one of many reasons why user agents > should require user approval for letting a domain access local storage. > > That does not mean that the "Delete Cookies" menu command should also > delete local storage. Users often delete cookies to resolve login issues > (I've had to do this with Google websites several times). Conflating the two > can lead to disasters like "I told you to delete my COOKIES! Not my EMAIL > DRAFTS that I was trying to log in to send!" Agreed. > So I've removed the text that says that local storage could be >> user-critical. >> > > That's going to come as a shock to developers who were planning to use it > for user-created data (whether drafts of content to be pushed to the cloud, > or strictly-local documents.) Without this, the safe usage of local storage > diminishes to a download cache. > Yes, this is pretty disconcerting since there's been OVERWHELMING support for LocalStorage being treated as user-critical on this thread. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090831/2cd61352/attachment.htm>
Received on Monday, 31 August 2009 11:12:42 UTC