[Bug 18866] New: Make it clear that localStorage can be cleared by UA at will

https://www.w3.org/Bugs/Public/show_bug.cgi?id=18866

           Summary: Make it clear that localStorage can be cleared by UA
                    at will
           Product: WebAppsWG
           Version: unspecified
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Web Storage (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: jonas@sicking.cc
         QAContact: public-webapps-bugzilla@w3.org
                CC: ian@hixie.ch, mike@w3.org, public-webapps@w3.org


While I think it was originally intended that localStorage was to store such
small amounts of data that was ok to keep the data around forever, this hasn't
really seemed to work out in practice.

Users can easily accumulate large amounts of data for sites that he/she has
only ever visited once. This because simply visiting a site can silently cause
MB of data to be written to the users HD.

Our stance at mozilla has for a while now been that we don't want to write
permanent data to the user's HD without consent from the user. "Consent from
the user" in practice means either going through some explicit step indicating
that the website is special (an "install" step, or simply bookmarking the
website), or by asking the user if it's ok if we let the website store
permanent data.

Authors are at this point depending on us not bringing up a prompt any time
that localStorage is used, so that's not an option. And for most websites the
user does not go through an explicit step to indicate that the website is
special.

Hence our plan is to not make localStorage a permanent storage area by default.
Instead we plan to clear out localStorage in an LRU-type fashion.

I *believe* that chrome is planning on doing something similar, but obviously
needs to be confirmed by them.

It also appears that iOS 5.1 has made a similar decision.

http://www.moneytoolkit.com/2012/04/apple-ios-html5-localstorage-is-broken/

-- 
Configure bugmail: https://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Received on Thursday, 13 September 2012 06:09:17 UTC