[dandelany]

I'm completely unconvinced that cross-domain local storage is even remotely a good idea. I can't think of any data I'd want to store in a clientside database that I would want other sites to be able to see/modify.

  So, all hopes for cross-domain user tracking are still doomed. sigh

Um, this is a good thing. I don't want the sites I visit to be communicating my use patterns to each other.

[paraschopra]

Actually, it wasn't a sarcasm. I do need cross-domain user tracking for perfectly legitmate reasons. Many of my users do A/B test where control is www.example.com and variation is www.example.org (for example) and the goal page lies on www.shoppingcart.com -- currently there is NO way I can track a user across these three domains (no, third party cookies don't work properly on Safari and Opera).

I am left to experiment with user fingerprinting md5(user-agent, http accept and screen resolution) but that is less than ideal situation.

[jdunck]

If you don't need 100% reach, have a look at xauth source: http://github.com/xauth/xauth

They use a central domain and window.postMessage to make a secure but shared storage.