Miscellaneous editorial feedback

[inexorabletash]

1. Terminology

• "site" definition here is used only used in UI Guidelines but presence here implies normative parts of the spec may use this concept. Can this be defined inline in UI Guidelines instead?

1. Infrastructure

• Call out that cookies are not considered part of site storage?
• If we include a Privacy section it should note that site storage should be cleared along with cookies to prevent user tracking.
• As written, nothing prevents us from having multiple origin storage units associated with the same origin, but we're starting off with 1:1 mapping. Could we clarify the text given this? I confess I think of things in terms of UA→origin→storage→box not UA→storage→(origin, box) which doesn't match how specs are framed.
• Do we want to clarify that phrases like "clear a origin's site storage" imply clearing the box associated with an origin via the origin storage unit? I suppose that should wait until we need that hook.

1. Persistent permission

• It seems like we should say something informative about what this permission means is, even if it is entirely up to the UA and uses "MAY". Maybe just a "see 6.1 Storage Pressure reference"

1. Quota

• See also Rework definitions in "Quota" section / API steps for estimate #22
• See if we can define usage/quota in an inclusive way to cover Edge's current behavior (which has quota per-origin/per-source rather than just per-origin)

1. User Interface Guidelines

• Define "source" somewhere

[annevk]

What does quota per-origin/per-source mean?

[inexorabletash]

What does quota per-origin/per-source mean?

I was using the (now deleted) implied definition of source as the API used, e.g. IDB, Cache, localStorage, etc.

For example, origin A's IDB gets up to 25MB, origin A's Cache gets up to 50MB, etc. (made up numbers) So you could estimate that as 75MB quota, but IDB is not allowed to use more than 25MB.

[annevk]

Oooh, "source" there mostly meant "site storage" or "network storage" (as clarified), not the API in question.

I can see user agents wanting to keep a low limit for localStorage, but I think everything else should really get the same quota. Is there a good reason to give IDB less?

[inexorabletash]

Those numbers are totally made up for the purposes of explaining Edge's model. The real numbers are device type specific and I have no idea what they are for specific type. Apparently the logic is documented on MSDN but I haven't found it yet. @aliams ?

[aliams]

The documented quotas for IndexedDB are here: https://developer.microsoft.com/en-us/microsoft-edge/platform/documentation/dev-guide/storage/indexeddb/

The quotas for AppCache are here: https://developer.microsoft.com/en-us/microsoft-edge/platform/documentation/dev-guide/networking-and-connectivity/application-cache/

[annevk]

@aliams, is there rationale for them having different limits? Is an API that provides one quota for an origin acceptable?

[aliams]

@annevk, are you asking why there are different limits based on device size or type (IndexedDB vs. AppCache)? If the former, it's because Edge runs on smaller capacity devices such as phones and we wanted the limits to take the device's volume size into account. If you were asking about the latter, it's because we built it that way back when it was first shipped and it hasn't been changed since then. To answer your second question, I'd like to move to a model where there is one quota per origin in Edge. For example, the new Caches would share their quota with IndexedDB.

[annevk]

Thank you, that sounds great and aligns with the model in the standard.

[annevk]

Just to make sure everything is addressed I went through your comments again. I filed one follow up and I'll add one note to close out this issue:

• "site" definition here is used only used in UI Guidelines but presence here implies normative parts of the spec may use this concept. Can this be defined inline in UI Guidelines instead?

I've noted that we might need to uplift that at some point. See also #34.

• Call out that cookies are not considered part of site storage?

Done.

• If we include a Privacy section it should note that site storage should be cleared along with cookies to prevent user tracking.

This is already in the guidelines. Filed #35 for an explicit section.

• As written, nothing prevents us from having multiple origin storage units associated with the same origin, but we're starting off with 1:1 mapping. Could we clarify the text given this? I confess I think of things in terms of UA→origin→storage→box not UA→storage→(origin, box) which doesn't match how specs are framed.

Done.

• Do we want to clarify that phrases like "clear a origin's site storage" imply clearing the box associated with an origin via the origin storage unit? I suppose that should wait until we need that hook.

This is #4 and #18.

• It seems like we should say something informative about what this permission means is, even if it is entirely up to the UA and uses "MAY". Maybe just a "see 6.1 Storage Pressure reference"

Yeah, I should add a note explaining intent.

• See if we can define usage/quota in an inclusive way to cover Edge's current behavior (which has quota per-origin/per-source rather than just per-origin)

Addressed per discussion above.

• Define "source" somewhere

This should be clearer now.