[Webkit-unassigned] [Bug 157010] New: QuotaExceededError when saving to localStorage in private mode - leaks users browsing preference
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Apr 25 17:51:53 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=157010
Bug ID: 157010
Summary: QuotaExceededError when saving to localStorage in
private mode - leaks users browsing preference
Classification: Unclassified
Product: WebKit
Version: Safari 9
Hardware: All
OS: All
Status: NEW
Severity: Major
Priority: P2
Component: Platform
Assignee: webkit-unassigned at lists.webkit.org
Reporter: dvoytenko at google.com
`localStorage.setItem` fails in private mode with `QuotaExceededError`. It looks the original bug item for this was https://bugs.webkit.org/show_bug.cgi?id=49329
This is now a clear and "recommended" way for site owners to detect user's private browsing preferences and could be considered a significant privacy issue. See for instance:
http://apple.stackexchange.com/questions/131587/how-can-a-web-site-determine-if-safari-private-browsing-is-turned-on
http://stackoverflow.com/questions/9659103/how-to-detect-users-on-an-iphone-with-private-browsing-enabled
It looks like Safari is the last remaining major browser that still allows leaking of private mode via this approach. The original bug item cited above does not discuss privacy implications. Is it possible to address?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160426/6db9e6b2/attachment.html>
More information about the webkit-unassigned
mailing list