There are currently three ways to store data in a web browser. Only one is a real (both de-facto and de-jure) standard, it’s called Web Storage, and most mainstream web browsers, with the exception of Internet Explorer versions 1-7, support it, to a certain extent. The system is crude, allowing applications to store key/value pairs (ie “USERNAME=paulh”) but nothing more than that.
To advance beyond this, Apple came up with a system called Web SQL Database.
Web SQL Database is based on a free database product called SQLite. SQLite is a database system programmable in a large subset of the SQL programming language. The system is more freeform than most SQL databases like Oracle or PostgreSQL, and the code is much simpler and easy to integrate into existing applications, which means a lot of the popular applications you use every day actually have SQLite built into them.
Apple’s solution is popular, it works, and it’s also been adopted by Google for Chrome and Android. However, there are detractors, notably Microsoft and Mozilla. They argue that Web SQL Database has a number of shortcomings:
- SQL isn't really a standard. There are differences between the official standards, and virtually every implementation has non-standard extensions to deal with shortcomings in the language.
- Web SQL Database's detractors also argue that SQL is too high level. If a programmer merely wants to insert and remove things from a table, why force them to use a complex programming language?
- Web SQL Database is based on SQLite, but SQLite doesn't implement a specific standard, and it would be hard, it's been argued, to create a standard "SQL" for Web SQL Database.
- SQL is an entirely different system, unrelated to the languages its usually embedded within.
- It's easy for inexperienced programmers to embed security flaws in their SQL statements
- It's easy for inexperienced programmers to develop overly complex queries that database systems find impossible to process in a reasonable period of time.
- SQL is a non-standard. While it's possible to write SQL that will work under Oracle, PostgreSQL, and MySQL, it's very hard to do without a working knowledge of the quirks and flaws of all three systems.
- On the browser's back end, data is stored in a database, either using a custom technology, or, more often, using SQLite,
- If programmers want to use SQL, they can find someone who's written a SQL-front end to the IndexedDB API and use their library.
At this point, the W3C has officially "deprecated" Web SQL Database and is promoting IndexedDB. That said, given the relative unpopularity of IndexedDB, and popularity of Web SQL Database, it seems highly unlikely that the latter will disappear as a de-facto standard. In some ways, the W3C's decisions are disappointing as they reduce the likelihood that a version of Web SQL Database that has been "fixed" will appear.
While I can see both sides of the argument, I'm firmly in the camp that sees IndexedDB as a solution that'll result in more complex, more difficult to maintain, code, that'll encourage dependencies on bloated third party libraries. I'm not seeing the upside.
- I've posted more thoughts on the subject