Comment by kccqzy
18 hours ago
> Without even asking whether the site can use local storage?
Where did you see this in the article? I had some recollection that Firefox at least did require asking the user.
18 hours ago
> Without even asking whether the site can use local storage?
Where did you see this in the article? I had some recollection that Firefox at least did require asking the user.
Firefox doesn't ask permission just to use localstorage, no modern browser does this. The closest thing you get is when a site wants to persist storage with "navigator.storage.persist()", which should prompt you for permission. But localstorage data usually persists anyway, and only gets deleted if the browser's storage is "under pressure", so I've never personally worked on a site or web app that had to use that API.
I don't think LocalStorage allows you to store gigs of data though, and IIRC this method depended on the Origin-Private File System API.
You mean by default or it cannot be configured that way? I believe, I had Chrome configured to not allow storage by default, only for sites I added to an exclusion list. I cant remember now, but isnt there also an option to change the default on Firefox to deny or always ask for permission?
Just by default - I didn't know you could configure your browser to disallow storage by default.
Btw. as per EU law (GDPR) website owners are required to aquire informed consent for any kind of client side storage if it contains information that is personal. And it has been ruled that any information that can be used to identify returning users is such.
People think the GDPR is just about cookies, but it is agnostic of the technology used.
Maximum fines: €20 million, or 4% of the company's total worldwide annual turnover of the preceding financial year — whichever is higher.
And informed consent means they need to know what data you collect/store for which purposes and there needs to be an equally easy to select No-Option.
This doesn't really address the issue here. The condition here is that a site might decide that it needs to store (say) a copy of the Red Hat server installation package on each user's local machine (20GB) to facilitate repeat visits.
The stored data is not related to the user at all. The problem is that the website gets to silently write 20GB to the user's disk.