Web Storage

Web Architecture [./]
Fall 2010 — INFO 290 (CCN 42605)

Erik Wilde, UC Berkeley School of Information
2010-09-30

Creative Commons License [http://creativecommons.org/licenses/by/3.0/]

This work is licensed under a CC
Attribution 3.0 Unported License [http://creativecommons.org/licenses/by/3.0/]

Contents E. Wilde: Web Storage

Contents

E. Wilde: Web Storage

(2) Abstract

Mobile applications face two main challenges that call for local data storage: they must be able to go offline so that they can work when there is no connectivity; they must be able to store data locally so that they can better optimize network traffic. In this lecture, we look some of the established mechanisms for local storage (Cookies) and traffic optimization (HTTP caching), and look at the HTML5 mechanisms that provide more extensive client-side support for local data storage: Web Storage and Web SQL Database.



E. Wilde: Web Storage

(3) Optimization and Expansion



E. Wilde: Web Storage

(4) Minimal Web Storage Demo

<!DOCTYPE html>
<html>
 <head>
  <title>Minimal Web Storage Demo</title>
 </head>
 <body>
  <h1>Minimal <a href="http://www.w3.org/TR/webstorage/">Web Storage</a> Demo</h1>
  <p>localStorage Page Views: <span id="lCount">untold</span> time(s)</p>
  <p>sessionStorage Page Views: <span id="sCount">untold</span> time(s)</p>
  <script type="text/javascript">
   if (!localStorage.pageLoadCount)
    localStorage.pageLoadCount = 0;
   localStorage.pageLoadCount = 1 + parseInt(localStorage.pageLoadCount);
   // should be .textContent instead of .innerHTML (changed for IE)
   document.getElementById('lCount').innerHTML = localStorage.pageLoadCount;
   if (!sessionStorage.pageLoadCount)
    sessionStorage.pageLoadCount = 0;
   sessionStorage.pageLoadCount = 1 + parseInt(sessionStorage.pageLoadCount);
   document.getElementById('sCount').innerHTML = sessionStorage.pageLoadCount;
  </script>
 </body>
</html>


E. Wilde: Web Storage

(5) Local Storage vs. Caching



E. Wilde: Web Storage

(6) Local Storage vs. Cookies



Cookies

Outline (Cookies)

  1. Cookies [8]
    1. Third-Party Cookies [3]
  2. Key/Value Storage [4]
    1. Session Storage [1]
    2. Local Storage [1]
  3. Relational Storage [5]
Cookies E. Wilde: Web Storage

(8) Tracking Sessions



Cookies E. Wilde: Web Storage

(9) Cookies for State Management

Cookies for State Management

Cookies E. Wilde: Web Storage

(10) Cookie Mechanics (Initial Request)

https://www.ischool.berkeley.edu/intranet

GET /intranet HTTP/1.1
Host: www.ischool.berkeley.edu
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.8,de-ch;q=0.5,de;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
If-Modified-Since: Thu, 04 Mar 2010 20:15:49 GMT
Cache-Control: max-age=0

HTTP/1.1 403 Forbidden
Date: Thu, 04 Mar 2010 20:17:24 GMT
Server: Apache/2.2.14 (Fedora)
X-Powered-By: PHP/5.2.12
Set-Cookie: SESS00be74b89d347a8c3cb30a12b2378b79=m22t433utrc8dc2uvmn02fedc1; expires=Sat, 27-Mar-2010 23:50:44 GMT; path=/; domain=.ischool.berkeley.edu
Last-Modified: Thu, 04 Mar 2010 20:15:50 GMT
Etag: "b31bc1b24477a0bc2378e8e7bad4a101"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Encoding: gzip
Content-Length: 2205
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8


Cookies E. Wilde: Web Storage

(11) Cookie Mechanics (Authenticating)

https://www.ischool.berkeley.edu/intranet

POST /intranet HTTP/1.1
Host: www.ischool.berkeley.edu
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.8,de-ch;q=0.5,de;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.ischool.berkeley.edu/intranet
Cookie: SESS00be74b89d347a8c3cb30a12b2378b79=m22t433utrc8dc2uvmn02fedc1; has_js=1
Content-Type: application/x-www-form-urlencoded
Content-Length: 104
name=dret&pass=??????&form_build_id=form-d2937ead2a61d62e2f07fef759b858b9&form_id=user_login&op=Log+in

HTTP/1.1 302 Found
Date: Thu, 04 Mar 2010 20:23:41 GMT
Server: Apache/2.2.14 (Fedora)
X-Powered-By: PHP/5.2.12
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Thu, 04 Mar 2010 20:23:41 GMT
Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: SESS00be74b89d347a8c3cb30a12b2378b79=deleted; expires=Wed, 04-Mar-2009 20:23:40 GMT; path=/
Set-Cookie: SESS00be74b89d347a8c3cb30a12b2378b79=i290spebr7ucurno8f4nh9njj5; expires=Sat, 27-Mar-2010 23:57:01 GMT; path=/; domain=.ischool.berkeley.edu
Location: http://www.ischool.berkeley.edu/intranet
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8


Cookies E. Wilde: Web Storage

(12) Cookie Mechanics (Cookied Repeat)

http://www.ischool.berkeley.edu/intranet

GET /intranet HTTP/1.1
Host: www.ischool.berkeley.edu
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.8,de-ch;q=0.5,de;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SESS00be74b89d347a8c3cb30a12b2378b79=i290spebr7ucurno8f4nh9njj5; has_js=1

HTTP/1.1 301 Moved Permanently
Date: Thu, 04 Mar 2010 20:23:42 GMT
Server: Apache/2.2.14 (Fedora)
Location: https://www.ischool.berkeley.edu/intranet
Content-Length: 339
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1


Third-Party Cookies

Outline (Third-Party Cookies)

  1. Cookies [8]
    1. Third-Party Cookies [3]
  2. Key/Value Storage [4]
    1. Session Storage [1]
    2. Local Storage [1]
  3. Relational Storage [5]
Third-Party Cookies E. Wilde: Web Storage

(14) Advertising & Privacy

  • Big ad servers are digital hubs in the commercial Web
    • consumers switch content providers but get the same ad provider
    • tracking consumers across content providers is very valuable
  • Cookies set by ad providers are sent very frequently
    • each site that uses the ad provider triggers the cookies to be sent
    • detailed profiling can be employed for creating consumer profiles
  • Content and ad providers can cooperate for better profiling
    • consumers log in to content providers and are reliably identified
    • their personal profile can be matched with the ad provider's profile
    • ad provider consolidation makes this scenario realistic


Third-Party Cookies E. Wilde: Web Storage

(15) Browsers Assemble Web Pages

Typical Web resources (HTML pages) are assembled from a number of resources retrieved by HTTP. Any resource not originating on the server that is hosting the HTML page is considered a third-party resource. If the HTTP response for such a resource contains a cookie, it is a third-party cookie.

Third Party Cookie

Third-Party Cookies E. Wilde: Web Storage

(16) The World's Most Popular Script

<script type="text/javascript">
	var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
	document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
	try {
		var pageTracker = _gat._getTracker("UA-xxxxxx-x");
		pageTracker._trackPageview();
	} catch(err) {}
</script>
 [http://www.google-analytics.com/ga.js]
                    f = "?utmwv=" + ca + "&utmn=" + Y() + (N(b.hostname) ? "" : "&utmhn=" + S(b.hostname)) + (g.U == 100 ? "" : "&utmsp=" + S(g.U)) + f;
                    if (0 == s || 2 == s) {
                        a = 2 == s ? k : c || k;
                        l.$a(g.oa + f, a)
                    }
                    if (1 == s || 2 == s) {
                        f = ("https:" == b.protocol ? "https://ssl.google-analytics.com/__utm.gif" : "http://www.google-analytics.com/__utm.gif") + f + "&utmac=" + h + "&utmcc=" + l.ac(d);
                        if (ka) f += "&gaq=1";
                        l.$a(f, c)
                    }


Key/Value Storage

Outline (Key/Value Storage)

  1. Cookies [8]
    1. Third-Party Cookies [3]
  2. Key/Value Storage [4]
    1. Session Storage [1]
    2. Local Storage [1]
  3. Relational Storage [5]
Key/Value Storage E. Wilde: Web Storage

(18) Limitations of Cookies



Key/Value Storage E. Wilde: Web Storage

(19) Simple Storage Interface

interface Storage {
	readonly attribute unsigned long length;
	getter DOMString key(in unsigned long index);
	getter any getItem(in DOMString key);
	setter creator void setItem(in DOMString key, in any data);
	deleter void removeItem(in DOMString key);
	void clear();
};
 [http://www.w3.org/TR/webstorage/#the-storage-interface]

Session Storage

Outline (Session Storage)

  1. Cookies [8]
    1. Third-Party Cookies [3]
  2. Key/Value Storage [4]
    1. Session Storage [1]
    2. Local Storage [1]
  3. Relational Storage [5]
Session Storage E. Wilde: Web Storage

(21) Storage per Top-Level Browsing Context

  • Session storage is scoped by two mechanisms
  • Session storage behaves in the same way as local storage
    • only the scoping (and thus persistence) is different
  • Session storage changes are indicated by storage [http://www.w3.org/TR/webstorage/#the-storage-event] events
    • applications can install and implement storage event handlers


Local Storage

Outline (Local Storage)

  1. Cookies [8]
    1. Third-Party Cookies [3]
  2. Key/Value Storage [4]
    1. Session Storage [1]
    2. Local Storage [1]
  3. Relational Storage [5]
Local Storage E. Wilde: Web Storage

(23) Storage per Browser

  • Local storage is scoped by one mechanism
    • one local storage per document origin [http://www.w3.org/TR/html5/browsers.html#origin-0]
  • Local storage behaves in the same way as session storage
    • only the scoping (and thus persistence) is different
  • Local storage changes are indicated by storage [http://www.w3.org/TR/webstorage/#the-storage-event] events
    • applications can install and implement storage event handlers
    • event handlers are more important for local storage (multiple tabs)


Relational Storage

Outline (Relational Storage)

  1. Cookies [8]
    1. Third-Party Cookies [3]
  2. Key/Value Storage [4]
    1. Session Storage [1]
    2. Local Storage [1]
  3. Relational Storage [5]
Relational Storage E. Wilde: Web Storage

(25) Local SQL Database

sqlite.gif

Relational Storage E. Wilde: Web Storage

(26) Minimal Web Database Demo (Create Tables)

   function loaded(){
   if (window.openDatabase){
    //openDatabase(name, version, displayname, estimatedsize, callback);
    var db = openDatabase("mystorage", "1.0", "Web Database Demo", 1*1024*1024);
    if (db) {
     drop_table_ife(db, "places");
     drop_table_ife(db, "currency");
     create_table_ifne(db);
     create_table_ifne_other(db, "currency");
     insert_values_places(db, "Mumbai", "India", 13922135);
     insert_values_places(db, "Shanghai", "China", 13831900);
     insert_values_places(db, "Karachi", "Pakistan", 12991000);
     insert_values_places(db, "Delhi", "India", 12259260);
     insert_values_places(db, "Istanbul", "Turkey", 11372613);
     insert_values_currency(db, "India", "Indian Rupee");
     insert_values_currency(db, "Pakistan", "Pakistani Rupee");
     insert_values_currency(db, "China", "Renminbi");
     insert_values_currency(db, "Turkey", "Turkish lira");
     read_and_display_values_places(db); //reads and displays values from the 'places' table
     read_and_display_values_currency(db); // reads and displays values from the 'currency' table
     do_the_join(db); //performs a JOIN query and displays the results
    } else { alert('Error opening database'); };
   } else { alert('Web SQL doesn\'t seem to be supported in this browser'); };


Relational Storage E. Wilde: Web Storage

(27) Minimal Web Database Demo (Use Tables)

   function read_and_display_values_places(db){
    var thetable = document.getElementById('table1');
    db.transaction(
     function(t){
     t.executeSql('SELECT city as cityname, country as countryname, population as thepop FROM places', [], 
      function(t,r) {
        for (var i=0;i<r.rows.length;i++) {
         var cityname = r.rows.item(i).cityname;
         var countryname = r.rows.item(i).countryname;
         var thepop = r.rows.item(i).thepop;
         if (thetable) { thetable.innerHTML += "<tr><td scope=\"col\">"+cityname+"</td><td scope=\"col\" width=\"30%\">"+countryname+"</td><td scope=\"col\" width=\"30%\">"+thepop+"</td></tr>"; }}}, 
      function(t,e) { alert('Error:'+e.message); });});}
 <body onload="loaded()">
  <h1>Minimal <a href="http://www.w3.org/TR/webdatabase/">Web Database</a> Demo</h1>
  <p>Table: Places</p>
  <table id="table1" rules="all"><tr><th scope="col">City</th><th scope="col">Country</th><th scope="col">Population</th></tr></table>
  <p>Table: Currency</p>
  <table id="table2" rules="all"><tr><th scope="col">Country</th><th scope="col">Currency</th></tr></table>
  <p>Join of Places and Currency</p>
  <table id="table3" rules="all"><tr><th scope="col">City</th><th scope="col">Currency</th></tr></table>
 </body>


Relational Storage E. Wilde: Web Storage

(28) Minimal Web Database Demo (Join Tables)

   function do_the_join(db){
    var thetable = document.getElementById('table3');
    db.transaction(
    function(t){
    t.executeSql('SELECT city as cityname, currency as currency FROM places, currency where places.country = currency.country', [], 
     function(t,r) {
      for (var i=0;i<r.rows.length;i++){
       var city = r.rows.item(i).cityname;
       var currency = r.rows.item(i).currency;
        if (thetable){
        thetable.innerHTML +="<tr><td scope=\"col\"> "+city+"</td><td scope=\"col\"> "+currency+"</td></tr>";}}}, 
     function(t,e) { alert('Error:'+e.message); });});}


Relational Storage E. Wilde: Web Storage

(29) Specification Problems



E. Wilde: Web Storage

(30) Conclusions



2010-09-30 Web Architecture [./]
Fall 2010 — INFO 290 (CCN 42605)