Note: this is a different problem to https - it's related to privacy security
I'm trying to figure out if there's a way to take load off our server [cache] by pushing information to the browser. Is there any technology that will provide secure caching that is bound to a session?
We have privacy-sensitive data that's often used, but will not change much. Re-requesting updates from the server/database all the time will reduce the sensitivity.
The solution cannot rely on any page being held open the entire time (e.g. no framesets). Navigation away from a page (or opening a new tab) is allowed.
Does Google Gears fit here? I can't find any way of tying the cache to the session.
The problem domain is cafe/shared machine login with multiple web app users. e.g. when the session expires, or the user logs off, there should be no cached data anywhere. While they are logged on, I presume that nobody will else have physical access to the computer.
See also Can HTML5 sessionStorage be written to disk?