+ <!-- Cookies. -->
+ <sect2 id="cookies">
+ <title>Cookies</title>
+
+ <para>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="cookies.png" format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Cookies</phrase>
+ </textobject>
+ </mediaobject>
+ </para>
+
+ <para>
+ <ulink url="https://en.wikipedia.org/wiki/HTTP_cookie">Cookies</ulink>
+ allow websites to store small pieces of information for a specific host that are sent in the HTTP header every time the browser connects to that host.
+ Privacy Browser allows a maximum of <ulink url="http://browsercookielimits.iain.guru/">180 cookies with a maximum size of 4096 bytes per cookie</ulink> to be set per domain.
+ Cookies are often used to track users across the web, particularly third-party cookies (which are completely blocked in Privacy Browser).
+ They are also used as a security mechanism on websites where you log in to identify it is you as you browse from page to page on a site.
+ </para>
+
+ <para>
+ Durable cookies are shared with all tabs that are opened after they are made durable and are preserved even when Privacy Browser is restarted.
+ This allows users to stay logged in to sites of their choosing. No cookies are durable by default. Making a cookie durable requires specific user interaction.
+ </para>
+
+ <para>
+ All other cookies are specific to the tab where they are created and are destroyed when the tab is closed.
+ </para>
+ </sect2>
+
+ <!-- DOM storage. -->
+ <sect2 id="dom-storage">
+ <title>DOM storage</title>
+
+ <para>
+ <ulink url="https://en.wikipedia.org/wiki/Web_storage">DOM (Document Object Model) storage</ulink>, also knows as web storage, allows web pages to store information on a client device.
+ The storage capacity is larger than for cookies and the data is not automatically sent in the headers with every HTTP request.
+ In Privacy Browser, each website is allowed to store a <ulink url="https://arty.name/localstorage.html">5 MB of data</ulink> in DOM storage.
+ DOM storage requires JavaScript to function, and, in addition, requires an extra toggle to be enabled.
+ In Privacy Browser, DOM storage is limited to the tab where it is created and is destroyed when the tab is closed.
+ </para>
+ </sect2>
+
+ <!-- IndexedDB. -->
+ <sect2 id="indexeddb">
+ <title>IndexedDB</title>
+
+ <para>
+ <ulink url="https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API">IndexedDB</ulink>
+ provides web pages with a local database where they can store “significant amounts of structured data”.
+ There is disagreement on the internet about the maximum size of an IndexedDB database, probably because the various rendering engines keep changing their mind.
+ But it is usually listed at somewhere between 20% and 80% of <emphasis>your entire hard drive</emphasis> with each individual domain limited to some segment of that.
+ IndexedDB requires JavaScript to function.
+ In Privacy Browser, this database is limited to the tab where it is created and is destroyed when the tab is closed.
+ </para>
+ </sect2>
+
+ <!-- Service Workers. -->
+ <sect2 id="service-workers">
+ <title>Service Workers</title>
+
+ <para>
+ <ulink url="https://developer.chrome.com/docs/workbox/service-worker-overview/">Service workers</ulink> are offline JavaScript proxies of a website. They have their own cache that is usually hidden and hard to clear.
+ They were designed by people who want the web browser to become the operating system and run full “apps”.
+ In Privacy Browser, service workers are limited to the tab where they are created and are destroyed when the tab is closed.
+ </para>
+ </sect2>
+
+ <!-- Filesystem API. -->
+ <sect2 id="filesystem-api">
+ <title>Filesystem API</title>
+
+ <para>
+ The <ulink url="https://developer.chrome.com/articles/file-system-access/">filesystem API</ulink> grants the browser direct access to the files on your system.
+ Like service workers, the filesystem API is a summarily bad idea thought up by those who want the browser to become an operating system.
+ Even when JavaScript and local storage are enabled, the filesystem API does not work in Privacy Browser.
+ </para>
+ </sect2>
+ </sect1>
+
+ <!-- User Agent. -->
+ <sect1 id="user-agent">
+ <title>User Agent</title>
+