Closed
Bug 1350742
Opened 7 years ago
Closed 4 years ago
Console history of executed commands is shared between private and non-private windows
Categories
(DevTools :: Console, defect, P4)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1576907
People
(Reporter: yaroslav.c7s, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36 Steps to reproduce: Steps: 1. Private Window. 2. Dubugger -> Console -> any code -> execute. 3. Private Window - close. 4. Non private. 5. Dubugger -> Console -> (↑) Actual results: Getting the history of the executed commands (in private mode).
Comment 1•7 years ago
|
||
This doesn't need to stay a hidden bug.
Group: firefox-core-security
Component: Untriaged → Developer Tools: Console
Summary: Debugger. Console. Getting the history of the executed commands in private mode → Console history of executed commands is shared between private and non-private windows
Updated•6 years ago
|
Product: Firefox → DevTools
Comment 2•6 years ago
|
||
I'm not sure this is this something we should fix ? What are the risks here ?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P4
Comment 3•4 years ago
|
||
I just had to run some JS code that contained hard-coded credentials, to test a login API. To avoid leaking those credentials, I ran the code in the console of a private window, assuming that when I closed the window, its console history would be deleted just like the normal history. But due to this bug, those credentials are now saved in the console history, and the only workaround appears to be to delete the entire history with clearHistory()
.
Comment 4•4 years ago
|
||
Bug 1576907 does capture the work for this and is a P2.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•