Issue 677719 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Jan 2017
Cc:	kenrb@chromium.org
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug-Security
allpublic Via-Wizard-Security

Bad design of incognito mode

Reported by ukrinu...@gmail.com, Jan 1 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36

Steps to reproduce the problem:
1. Sites data (cookie, etc) available in incognito windows, while close all incognito windows.
2. Page "chrome://settings/clearBrowserData" does not allow clear sites data.
3. Some extensions work separately in normal and incognito modes. After change extension settings in normal mode need close and open all incognito windows to apply settings in incognito mode.
4. Changing extension settings in incognito mode does not affect the same extension in notmal mode.

What is the expected behavior?
1. Each incognito windows have its own sites data.
2. Page "chrome://settings/clearBrowserData" open in incognito mode and clear sites data.
3. One instance of extension in separate process to all browser processes (normal and incognito modes). Apply settings on the fly (without close and open all incognito windows).
4. Extensions in incognito mode can save settings and can read it in normal mode.

What went wrong?

Did this work before? N/A 

Chrome version:   Channel: stable
OS Version: 
Flash Version:

Comment 1 by kenrb@chromium.org, Jan 1 2017

Cc: kenrb@chromium.org
Status: WontFix (was: Unconfirmed)

Thank you for the report.

I don't see any valid bugs here. Cookies from your regular profile are *not* available in incognito mode, though you will see things like autofill data and your history. This is by design. Incognito mode is intended to prevent your browsing information from leaking from incognito back to your regular profile (i.e. 'leave no trace'), data going the other way is not considered a problem.

To clear your incognito mode browsing history and cookies, etc, just close your incognito windows. Nothing is persisted.

Regarding extensions, yes there is a risk there, but unfortunately that isn't something we can control. For that reason extensions are disabled by default in incognito mode -- you have to specifically enable each extension you want to use in incognito, thus assuming the risk of data persistence from that mode.

Project Member

Comment 2 by sheriffbot@chromium.org, Apr 10 2017

Labels: -Restrict-View-SecurityTeam allpublic

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

►

Issue 677719 link

Issue metadata

Bad design of incognito mode

Issue description

Comment 1 by kenrb@chromium.org, Jan 1 2017

Comment 1 Deleted

Comment 2 by sheriffbot@chromium.org, Apr 10 2017

Comment 2 Deleted

Sign in to add a comment