[meta] Support IndexedDB in Private Browsing Mode (with encrypted disk storage)
Categories
(Core :: Storage: IndexedDB, enhancement, P3)
Tracking
()
People
(Reporter: sg, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: dev-doc-needed, DevAdvocacy, meta)
Attachments
(1 obsolete file)
|
Reporter | |
Updated•4 years ago
|
|
|
Reporter | |
Comment 1•4 years ago
|
||
Depends on Bug 1593365 for removing exposure of origin information in disk paths.
|
||
Updated•4 years ago
|
|
|
Reporter | |
Comment 4•4 years ago
|
||
|
||
Comment 5•4 years ago
|
||
Any update or temporary fix available to workaround the issue ?
|
|
||
Comment 6•4 years ago
|
||
I mean this error DOMException: A mutation operation was attempted on a database that did not allow mutations.
to handle it gracefully in private mode
|
||
Comment 7•4 years ago
|
||
Comment on attachment 9181986 [details]
Bug 1639542 - Adapt browserchrome tests to support of IndexedDB in private browsing mode. r=#dom-workers-and-storage
Revision D93757 was moved to bug 1699055. Setting attachment 9181986 [details] to obsolete.
|
|
Reporter | |
Updated•4 years ago
|
|
||
Comment 8•3 years ago
|
||
Is this bug still being worked on?
Currently Netlfix is still broken for playback, and on a much smaller scale things like https://drive.fission.codes will never work in a private window without this.
|
||
Comment 9•3 years ago
|
||
There's an about:config workaround by setting
dom.indexedDB.privateBrowsing.enabled to true
Of course this will forego the privacy guarantees of private browsing, but it's a tradeoff you can make.
|
||
Updated•3 years ago
|
|
||
Updated•3 years ago
|
|
|
||
Updated•3 years ago
|
|
||
Comment 10•3 years ago
|
||
In my opinion the mechanism that grant access to the indexedDB in private mode should be very similar to the one grant access to microphone or camera.
Example scenario:
- user visit website A (he can be in a private mode or in apublic mode)
- website A request to "access indexedDB in provate mode" (eg. via dedicated API)
- user can see a popup and can make decision if he wants to grant permission (decision is permament - if user say yes, he do not have to confirm it again)
If user grant permission to "access indexedDB in private mode", then website "A" can store all data in the browser. If user does not grant access then webside "A" can make decision to store all data on the server.
With this approche it's very clear for the user and for the developer how to handle data storage.
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
||
Comment 14•2 years ago
|
||
Maybe you could make it work like cookies: keep the storage content during the session and delete it at the end of the session.
|
||
Updated•2 years ago
|
|
||
Updated•1 year ago
|
|
||
Comment 15•1 year ago
|
||
https://twitter.com/cedric_infosec/status/1658455734349070338
IndexedDB in private browsing works in FF 115 beta and if everything goes well it will be available in FF 115 release.
|
||
Comment 16•1 year ago
|
||
First of all, I can only express my greatest relief and gratitude at seeing this problem corrected, 11 years after I first encountered bug #781982.
So thanks again to everyone who made this possible.
Second, I have two questions:
-
Is it expected that created indexedDBs do not appear in developer tools (Storage > Indexed DB) in private browsing mode? As a comparison, it is possible to inspect Local Storage in private browsing mode, so there would be a difference in behavior.
-
The correction of this issue is not (yet) mentioned in upcoming release notes (Firefox Beta 115, Firefox 115 for developers
). Wouldn't it be relevant to communicate on the subject?
|
|
||
Comment 17•1 year ago
|
||
(In reply to Maxime RETY from comment #16)
- Is it expected that created indexedDBs do not appear in developer tools (Storage > Indexed DB) in private browsing mode? As a comparison, it is possible to inspect Local Storage in private browsing mode, so there would be a difference in behavior.
Yeah, that doesn't work yet. There are some complications specific to the way how IndexedDB stores data in private browsing mode.
- The correction of this issue is not (yet) mentioned in upcoming release notes (Firefox Beta 115, Firefox 115 for developers
). Wouldn't it be relevant to communicate on the subject?
I'm sure it will be added to release notes soon.
|
|
||
Comment 18•1 year ago
|
||
Understood, thans Jan for your feedback.
|
||
Comment 19•1 year ago
|
||
I can't wait to see those utterly bad sites who dose private mode detection with IDB on visitor to limit the sites availability go away!
|
||
Updated•8 months ago
|
|
|
||
Comment 20•7 months ago
|
||
The remaining defects this depends on look a bit like regressions rather than blocking bugs ? Should we close this and unlink and mark them accordingly ?
|
||
Comment 21•7 months ago
|
||
So, was this ever fixed? I came here after realizing that addons that rely on IndexedDB don't work in tor (but do without private mode), and was wondering if I should ask in tor or firefox. Currently tor is using firefox 115.7.0esr.
|
||
Updated•7 months ago
|
|
|
||
Updated•7 months ago
|
|
|
||
Updated•7 months ago
|
|
|
||
Updated•7 months ago
|
|
|
||
Comment 22•7 months ago
|
||
All the gating bugs for this meta bug has been closed already. Hence, closing this meta bug.
Description
•