In the first instance, the standard is an interface set up in the browser. Websites can use it to store information directly in the browser. This works through JavaScript. Each website is thus able to create its own database. And only the corresponding website is able to access the IndexedDB (short for Indexed Database API). This means data is kept private. Multiple types of object storage are available in the databases. These allow various formats to be stored: strings, numbers, objects, arrays, and data entries.
IndexedDB is an indexed table system rather than a relational database. It’s actually a NoSQL database, much like MongoDB. Entries are always stored in pairs: keys and values. Here, the value concerns an object and the key is the associated property. There are also indexes. They make it possible to perform a quick search.
Actions are always carried out in the form of transactions in IndexedDB. Each write, read or change operation is integrated into a transaction. This ensures that database changes are only performed in full or not at all. An advantage of IndexedDB is that the data transfer doesn’t have to occur synchronously (in most cases). Operations are performed asynchronously. This guarantees that the web browser isn’t disabled during the operation and can still be used by the user.
Security plays an important role when it comes to IndexedDB. It’s necessary to ensure that websites are unable to access the databases of other websites. To this end, IndexedDB established a same-origin policy in which the domain, application layer protocol, and port must be the same, otherwise the data will not be provided. Nonetheless, it’s possible for a subfolder of a domain to access the IndexedDB of another subfolder, as both share the same origin. However, access is not possible if another port is used or the protocol is switched from HTTP to HTTPS, or vice versa.