Project: chromium Issues People Development process History Sign in
New issue
Advanced search Search tips
Issue 601951 Android keyboard suggestions leak information typed in incognito window
Starred by 3 users Reported by, Apr 8 2016 Back to list
Status: Unconfirmed
Owner: ----
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 2
Type: Bug

Sign in to add a comment
Steps to reproduce the problem:
1. Type a specific string in an incognito window frequently (e.g. an acronym in a url)
2. Observe that when typing similar strings outside of Chrome (e.g. in hangouts) the string from the incognito window is suggested as a correction.

What is the expected behavior?
Any information typed in incognito mode should not go into the keyboard's dictionary or suggestion model

What went wrong?
The sensitive content typed in incognito windows was suggested outside of incognito window context. This shows that the information is available outside of incognito mode, and opens the potential for a user to accidentally leak something they'd like to be private.

Did this work before? N/A 

Chrome version: 49.0.2623.105  Channel: stable
OS Version: 6.0.1
Flash Version: 

This really might be more accurately characterized as a privacy bug, but crbug didn't have an option, so I selected "Security" out of the assumption that the chrome security team will know how to route this to an appropriate privacy team.
Comment 1 by, Apr 8 2016
"crbug didn't have an option for privacy bugs", that is. (No radio button for it in the form.)
Comment 2 by, Apr 9 2016
Components: Privacy
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug
Comment 3 by, Apr 11 2016
Just FYI: Here is a similar request for Chromium OS in Issue 311180.
Comment 4 by, Apr 13 2016
A feature request for incognito support for the Android keyboard APIs is tracked at b/28157942.
Project Member Comment 5 by, Jun 3 2016
Labels: Hotlist-Google
Sign in to add a comment