- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Thu, 3 Sep 2009 18:08:55 -0500
On Thu, Sep 3, 2009 at 5:59 PM, Peter Kasting<pkasting at google.com> wrote: > On Thu, Sep 3, 2009 at 3:55 PM, Tab Atkins Jr. <jackalmage at gmail.com> wrote: >> You may have missed the part where Ian said that, to protect their >> user's privacy, browsers *must* clear cookies and LocalStorage at the >> same time. > > Wrong. ?This is precisely what I argued that the spec didn't say, and (in > agreement) Ian changed the spec so people wouldn't misinterpret it by > thinking it said this. ?This is the precise reason why I don't understand > what you're arguing about. 10 hours ago, Hixie said: > The fact that local storage can be used for cookie resurrection means we > have to make sure that clearing one clears the other. Anything else would > be a huge privacy issue (just as Flash has been). There are a few other remarks in line with this from that email and a subsequent one. If this doesn't imply that LocalStorage in practice will thus become an ephemeral storage mechanism that is easy for users to accidentally blow away, and thus will be too unreliable for anything beyond a supercookie, then I'd like clear statements to that effect. As it is, theoretical assurances that it's all going to be okay aren't adequate - if any browser *actually* made cookie-clearing *automatically* also clear LocalStorage, we authors can't rely on it. Providing the *option* to blow away everything at once is fine, if notated properly in the UI. *Automatically* doing so, as Hixie strongly appears to be suggesting browsers should do, is not. ~TJ
Received on Thursday, 3 September 2009 16:08:55 UTC