Well-deployed technologies
Simple data storage
For simple data storage, the Web Storage specification offers two basic mechanisms, localStorage
and sessionStorage
, that can preserve data respectively indefinitely, or on a browser-session basis.
Database query/update
On top of this file-based access, the Indexed Database API (IndexedDB) defines a database of values and hierarchical objects that integrates naturally with JavaScript, and can be queried and updated very efficiently - a third edition of the specification is under development.
Encrypted storage
Some of this data need to be encrypted, the Web Cryptography API from the Web Cryptography Working Group exposes strong cryptography primitives to Web applications, and can be bound to pre-provisioned keys via the WebCrypto Key Discovery API.
File download
The HTML5 download
attribute provides a simple mechanism to trigger a file download (rather than a page navigation), with the possibility of setting a user-friendly filename.
Technologies in progress
Storage management
As more and more data need to be stored by the browser (e.g. for offline usage), it becomes critical for developers to get reliable storage space. The Storage specification allows Web applications to get quota estimate for storage as well as to request that the data stored by the application be treated as persistent and cannot be evicted without the user’s explicit consent.
File operations
Although the notion is less prevalent on mobile, there is generally at least some sort of concept of a file system. The File API provides an API for representing file objects in web applications, as well as programmatically selecting them and accessing their data. The API is read-only. Discussions on a read-write API have now resumed, see File System Access below.
Exploratory work
File operations
The File System Access specification is an early API proposal that lets Websites gain write access to the local file system. It builds on top of the File API.
Simple data storage
The localStorage
mechanism is a simple data storage mechanism but has one problem: the API is synchronous. This leads to performance and cross-window synchronization issues. IndexedDB is asynchronous but is hard to use for simple get/set operations. The KV Storage specification describes a simple asynchronous key/value storage API, proposed as a successor to localStorage
. The API is modeled on top of IndexedDB, allowing applications to transition to IndexedDB should the application need to use advanced features (such as transactions, indices, or cursors). Plan is to integrate this API in IndexedDB after incubation.
State management
HTTP cookies provide a valuable state-management mechanism for the Web. However, the synchronous nature of the document.cookie
interface has been a source of performance issue, especially now that browsers use multiple processes and threads to improve perceived performances and responsiveness where ever possible, including on mobile platforms where processing powers may be more limited. Cookies are also unavailable to workers, which do not have access to the DOM. The Cookie Store API defines an asynchronous cookies API for documents and workers.
Storage management
Web applications need to store different types of data locally, with different eviction strategies when running out of storage. For instance, an application may want to evict images first as they can be retrieved from the network, but may want to preserve application state as much as possible. The Storage buckets proposal grants applications the ability to create multiple storage buckets, where the user agent may choose to delete each bucket independently of other buckets.
The Storage Access API enables content inside <iframe>
elements to request and be granted access to their client-side storage, provided user agrees to it, so that embedded content which relies on having access to client-side storage can work in browsers that would otherwise prevent this behavior, e.g. to preserve the user's privacy.
Shared resources
The Web Locks API allows applications to acquire a lock on storage, to coordinate read/write operations across instances of an app that may be running concurrently in different tabs.
Discontinued features
- Quota management API
- Work on the Quota Management API, started in the Web Platform Working Group to expose an API to manage usage and availability of local storage resources, was discontinued in favor of the newer Storage proposal.
- Client-side SQL-based database
- The work around a client-side SQL-based database, which had been started in 2009, has been abandoned in favor of the work on IndexedDB.
- Address book data
- Communication applications can benefit from integrating with their users’ existing data records; on mobile devices, the address book is a particularly useful source of information. For Web apps outside of the browser, a purely programmatic approach was part of the System Applications Working Group; since this group has now closed, no further work on the Contacts Manager API is expected for the time being. Within the browser, HTML provides autocompleted fields for contacts information that would let browsers re-use data from address books.