NPAPI:ClearSiteData: Difference between revisions
No edit summary |
No edit summary |
||
| Line 101: | Line 101: | ||
=== Type of Data === | === Type of Data === | ||
* things the user enters, except for credentials (form data) | * things the user enters, except for credentials (form data) | ||
* credentials | * credentials | ||
* things cached by the UA (pages, preview images, icons) | * things cached by the UA (pages, preview images, icons) | ||
* local data stored by the server / web application (cookies, HTML5 local storage, Flash/Silverlight local storage) | * local data stored by the server / web application (cookies, HTML5 local storage, Flash/Silverlight local storage) | ||
* history information (bookmarks, visited URIs) | * history information (bookmarks, visited URIs) | ||
* settings specific to a site (for instance, preferences with respect to privacy, script disabling...) | * settings specific to a site (for instance, preferences with respect to privacy, script disabling...) | ||
| Line 119: | Line 112: | ||
Several UAs offer to restrict the clear operation to a time range such as "today" or "last week". | Several UAs offer to restrict the clear operation to a time range such as "today" or "last week". | ||
=== Site/URI === | === Site/URI === | ||
Revision as of 15:49, 7 December 2010
Status
Under consideration.
Problem Summary
Allow browsers to request that plugins clear locally stored private data.
Proposal
- Last modified: Nov 19, 2010
- Authors: Julian Reschke (greenbytes), Dan Witte <dwitte@mozilla.com>, Bernhard Bauer <bauerb@chromium.org>, Rajesh Gwalani <rgwalani@adobe.com>
The current proposal is to add a new method, providing the new functionality:
NPError NPP_ClearSiteData( PRUint64 flags, // what type of data to clear const char* origin, // limit to origin PRUInt64 maxAge // max. age of information in seconds );
New NPError codes:
// can't clear by time range #define NPERR_TIMERANGE_NOT_SUPPORTED (NPERR_BASE + 14) // can't clear by origin #define NPERR_LIMITBYORIGIN_NOT_SUPPORTED (NPERR_BASE + 15) // malformed 'origin' string #define NPERR_MALFORMED_ORIGIN (NPERR_BASE + 16)
Semantics:
flagsis a bitset representing which type(s) of data to clear.
#define NP_CLEAR_ALL 0 /* Clear All data */ #define NP_CLEAR_COOKIES 1 << 0 /* Clear cookies */ #define NP_CLEAR_SITE_PREFS 1 << 1 /* Clear site preferences */ #define NP_CLEAR_BROWSING_HISTORY 1 << 2 /* Clear browsing history */ #define NP_CLEAR_DOWNLOAD_HISTORY 1 << 3 /* Clear download history */ #define NP_CLEAR_FORM_HISTORY 1 << 4 /* Clear form and search history */ #define NP_CLEAR_CACHE 1 << 5 /* Clear cache */ #define NP_CLEAR_PASSWORDS 1 << 6 /* Clear saved passwords */ #define NP_CLEAR_LOGINS 1 << 7 /* Clear active logins */ #define NP_CLEAR_PLUGIN_STORAGE 1 << 8 /* Clear plugin local storage */
- The
originargument is interpreted as follows:- if a hostname of the form "foo.com", data in the "foo.com" domain and all subdomains should be cleared. In this form,
domainmust be a normalized ACE-encoded hostname, lowercased; must not contain a trailing dot; must not contain scheme, port, or other such fields; and must contain at least one embedded dot; - if an IP address (either IPv4 or IPv6), data for that IP should be cleared;
- if
NULL, all site-specific data and more generic data on browsing history (for instance, number of sites visited) should be cleared.
- if a hostname of the form "foo.com", data in the "foo.com" domain and all subdomains should be cleared. In this form,
maxAgeis the maximum age of data to clear, inclusive, in seconds. IfmaxAgeis0, no data is cleared. IfmaxAgeis the maximum unsigned 64-bit integer, all data is cleared.
Open Issues
- Make sure this API is available when no instances exist.
- Do we need a discovery method?
- What is the syntax for an IPv6 address in site? As per RFC 3986 "IP-literal" ([1])?
Notes
Overview of current UIs
| Type | Firefox | IE | Opera | Safari | Chrome |
|---|---|---|---|---|---|
| Browsing History | yes | yes | yes | yes | yes |
| Download History | yes | yes | yes | yes | yes |
| Form History | yes | yes | ? | yes | yes |
| Search History | yes | ? | ? | ? | ? |
| Cookies | yes | yes | temporary/all | yes | yes |
| Cache | yes | yes | yes | yes | yes |
| Active Logins | yes | yes | "password manager" | yes | yes |
| Site Preferences | yes | ? | ? | ? | ? |
In addition, IE has "InPrivate Filtering Data" (what is this?)
In addition, Opera has "delete password protected pages and data" and "bookmark visited times".
In addition, Safari has "webpage preview images", "website icons" and "top sites"
| Parameters | Firefox | IE | Opera | Safari | Chrome |
|---|---|---|---|---|---|
| Time Range | yes | no | no | no | yes |
| By Site | yes (context menu in history) | ?? | ?? | ?? | ?? |
Type of Data
- things the user enters, except for credentials (form data)
- credentials
- things cached by the UA (pages, preview images, icons)
- local data stored by the server / web application (cookies, HTML5 local storage, Flash/Silverlight local storage)
- history information (bookmarks, visited URIs)
- settings specific to a site (for instance, preferences with respect to privacy, script disabling...)
Time range
Several UAs offer to restrict the clear operation to a time range such as "today" or "last week".
Site/URI
Firefox supports "forget about this site". Other UAs do not appear to support this.
Should it be part of the API? If so, what format?
Existing Discussion and Documentation
Mail thread on plugin-futures: https://mail.mozilla.org/private/plugin-futures/2010-January/001150.html
In particular, Lloyd Hilaiel proposed an alternate approach where plugins would store everything in a standard filesystem based layout, so the UA itself can do the clearing. See https://mail.mozilla.org/private/plugin-futures/2010-January/001156.html
Flash Local Storage: http://www.macromedia.com/support/documentation/en/flashplayer/help/help02.html
Firefox issue - clearing local storage with time range: https://bugzilla.mozilla.org/show_bug.cgi?id=527667