是否有一个安全的浏览器缓存? [英] Is there a secure browser cache?
问题描述
请注意:这是一个不同的问题到https - 它涉及到隐私安全。
Note: this is a different problem to https - it's related to privacy security
我试图找出是否有采取推信息到浏览器中加载了我们的服务器[缓存]的一种方式。有没有绑定到一个会话,将提供安全高速缓存什么技术?
I'm trying to figure out if there's a way to take load off our server [cache] by pushing information to the browser. Is there any technology that will provide secure caching that is bound to a session?
我们有一个通常用来隐私敏感数据,但不会有太大变化。重新申请更新从服务器/数据库中的所有时间均会降低灵敏度。
We have privacy-sensitive data that's often used, but will not change much. Re-requesting updates from the server/database all the time will reduce the sensitivity.
该解决方案可以不依赖任何网页上正在举行开放的全部时间(例如无框架集)。导航远离页(或打开一个新标签)是允许的。
The solution cannot rely on any page being held open the entire time (e.g. no framesets). Navigation away from a page (or opening a new tab) is allowed.
谷歌是否适合齿轮在这里?我找不到搭售缓存到会话的任何方式。
Does Google Gears fit here? I can't find any way of tying the cache to the session.
问题域是咖啡厅/共享机登录多个Web应用程序的用户。例如当会话到期时,或者在用户注销时,不应有任何缓存的数据的任何地方。
当他们登录,我presume没有人会其他人具有对计算机的物理访问。
The problem domain is cafe/shared machine login with multiple web app users. e.g. when the session expires, or the user logs off, there should be no cached data anywhere. While they are logged on, I presume that nobody will else have physical access to the computer.
另请参阅可HTML5的sessionStorage被写入到磁盘?
推荐答案
您必须与当地的类似数据库的功能,HTML5.0。但是你是什么意思安全? HTML5.0将对阵跨站点安全问题,但用户仍然可以完全访问数据,需要加密的,我不认为。
You'll have HTML5.0 with local database-like features. However what do you mean by secure? HTML5.0 will be secure against cross-site issues, but the user will still have full access to the data, I don't think encryption is required.
谷歌齿轮倒是可以,但它不是一个标准,而HTML5.0是,Safari浏览器支持5.0,我想Opera和Firefox也将在2009年年中,如果他们不已经。资源管理器中,可能会有一些马车实施,使他们能够迫使开发商使用Silverlight。
Google gears does fit, but its not a standard while HTML5.0 is, Safari supports 5.0, and I guess Opera and Firefox will too by mid 2009, if they don't already. Explorer, probably will have some buggy implementation so they can force developers to use Silverlight.
编辑:斯蒂芬,我看你需要他们离开后,当然,摧毁高速缓存,除非他们的机器有一个接近传感器,这将是不可能的:)
但是你可以有你的Javascript删除一切,当他们注销例如
Stephen, I see you need to destroy the cache after they leave, of course unless their machine has a proximity sensor this won't be possible :) But you could have your Javascript delete everything when they Logoff for example.
链接 HTML5.0规范,
链接 HTML5.0规范缓存
链接 HTML5.0会话存储规格(徇众要求:)
这篇关于是否有一个安全的浏览器缓存?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
