Granted that Persona still has to support a bunch of evil legacy browsers, yes, we should be able to upgrade to non-evil, async, non-legacy, awesomeness on Firefox
----- Original Message ----- > From: "Andreas Gal" <[email protected]> > To: "Jedediah Parsons" <[email protected]> > Cc: "Nick Alexander" <[email protected]>, [email protected] > Sent: Friday, August 9, 2013 9:35:49 PM > Subject: Re: Implementation approaches for Create Account / Sign In > > Please never ever use localStorage. It's evil sync legacy crap. > > Andreas > > Sent from Mobile. > > On Aug 9, 2013, at 21:33, Jedediah Parsons <[email protected]> wrote: > > > > > On this single point: > > > >> Technical question. IIUC, the Persona shim stores private user details > >> in localStorage (and in persona.org cookies). > > > > I know I'm rabbit-holing, but to mention it anyway: > > > > The use of DOM storage limits our client code options. (localStorage and, > > even more so, sessionStorage.) For PiCl, and possibly also for Persona, > > we might want to consider making an abstract DB layer that the hosted code > > interacts with, and then be able to plug in async, non-DOM backends like > > IndexedDB if available. This would open up the door to using our services > > in Workers and possibly other contexts. (The persona communication_iframe > > has no UI, and would be a good candidate for this; PiCl may have similar > > possibilities.) > > > > ----- Original Message ----- > >> From: "Nick Alexander" <[email protected]> > >> To: [email protected] > >> Sent: Friday, August 9, 2013 9:01:01 AM > >> Subject: Re: Implementation approaches for Create Account / Sign In > >> > >> On 13-08-09 7:31 AM, Lloyd Hilaiel wrote: > >>> Chris Karlof and I were talking yesterday, and I was noting how awesome > >>> the > >>> implementation approach of Persona on FirefoxOS has been. The, the > >>> relevant code that ships with the device is limited to a container > >>> capable > >>> of running web content, and some setup code which invokes a function > >>> within the context of that web content when necessary. Further, the > >>> navigator.id. apis are intercepted by firefoxos, and cause raising of the > >>> "trusted" content window and relaying parameters into it. > >> > >> <snip> > >> > >>> Is there any really good reason not to explore this option? > >> > >> Technical question. IIUC, the Persona shim stores private user details > >> in localStorage (and in persona.org cookies). What happens when the > >> user clears local data? It's my belief that Persona just expects you to > >> re-authenticate to the email address you entered. If my understanding > >> is correct, we'll need to be more durable than that: we can't forget the > >> user's account and we can't expect re-auth. So that means the UI shim > >> can't be authoritative for this data. > >> > >> Nick > >> _______________________________________________ > >> Sync-dev mailing list > >> [email protected] > >> https://mail.mozilla.org/listinfo/sync-dev > > _______________________________________________ > > Sync-dev mailing list > > [email protected] > > https://mail.mozilla.org/listinfo/sync-dev > _______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
