Clean private tab on tab close #6684
Comments
ghost
mentioned this issue
|
2 options
i feel that #2 is more intuitive behavior and also easier to implement |
|
related: #597 |
|
@bbondy mentions the second option might be harder with tab opener relationships so we could try starting with option 1 |
|
Having private tabs spawned from links in other private tabs share a session with the tab which spawned them would be expected behavior to most users. Having each private tab use its own session regardless of its origin would be annoying because if someone were signed in in the originating tab, the newly-spawned tab would not be, which would at the least require another sign-in unnecessarily. When a new private tab is opened manually, it should create a new session. It should share that session with all tabs descended from the original tab or its children. When the last tab in the private session is closed, that session should cease to exist. Other private tabs with different sessions should keep their own sessions alive until the last tab in the session is closed. From a privacy standpoint, option 2 is definitely preferable to the current implementation, provided that it is amended slightly to read "each private tab has its own session WHICH IS DESTROYED WHEN THE TAB IS CLOSED." Also, kudos for getting back to this. |
oops, i originally switched options1 and 2 in this comment. it's been corrected. |
partial fix for #6684 and #8963 TODO: Either the private tab sessions should be cleared and revert back to private session 1 when the last private tab is closed, or we need a private tab session manager menu. Currently the session will keep incrementing until the browser restarts. Test Plan: 1. open private tab 2. in the private tab, go to a site that requires login 3. login, then open a link from that site in a new private tab 4. you should also be logged in in the second private tab 5. open a new private tab 6. go to the same site. you should not be logged in.
partial fix for #6684 and #8963 TODO: Either the private tab sessions should be cleared and revert back to private session 1 when the last private tab is closed, or we need a private tab session manager menu. Currently the session will keep incrementing until the browser restarts. Test Plan: 1. open private tab 2. in the private tab, go to a site that requires login 3. login, then open a link from that site in a new private tab 4. you should also be logged in in the second private tab 5. open a new private tab 6. go to the same site. you should not be logged in.
partial fix for #6684 and #8963 TODO: Either the private tab sessions should be cleared and revert back to private session 1 when the last private tab is closed, or we need a private tab session manager menu. Currently the session will keep incrementing until the browser restarts. Test Plan: 1. open private tab 2. in the private tab, go to a site that requires login 3. login, then open a link from that site in a new private tab 4. you should also be logged in in the second private tab 5. open a new private tab 6. go to the same site. you should not be logged in.
|
I'm curious, would the same set of rules apply to TPB as well? #1185 I don't mean to go off topic but I mention this specifically as I think it does sort of pertain to this issue, particularly your 2nd option of each private tab having it's own session that is if you do apply the same rules to the TPB tabs as well when it comes to it during or after 1.2. #1185 It will be interesting to ascertain how you juxtapose the New Tor Circuit on top of the private tab or will the overall menu be changed to consolidate it? I suspect having the same session (as well as sharing the same IPs) from the first tab on each New Tab after seems better unless a users selects New Private Session. At least from a privacy context it does seem better because having a different set of IPs for each New Tab depending on what a user may be doing could be damaging. There was an interesting report made by a German duo where they analysed mechanisms and lengths to which industries go to de-anonymizing user data. Sorry for boring you; you're welcome to delete this comment if you don't think it aligns with the issue at hand. Thanks. |
partial fix for #6684 and #8963 TODO: Either the private tab sessions should be cleared and revert back to private session 1 when the last private tab is closed, or we need a private tab session manager menu. Currently the session will keep incrementing until the browser restarts. Test Plan: 1. open private tab 2. in the private tab, go to a site that requires login 3. login, then open a link from that site in a new private tab 4. you should also be logged in in the second private tab 5. open a new private tab 6. go to the same site. you should not be logged in.
partial fix for #6684 and #8963 TODO: Either the private tab sessions should be cleared and revert back to private session 1 when the last private tab is closed, or we need a private tab session manager menu. Currently the session will keep incrementing until the browser restarts. Test Plan: 1. open private tab 2. in the private tab, go to a site that requires login 3. login, then open a link from that site in a new private tab 4. you should also be logged in in the second private tab 5. open a new private tab 6. go to the same site. you should not be logged in.
bbondy
modified the milestones:
0.21.x (Developer Channel),
0.20.x (Beta Channel),
Backlog
alexwykoff
added
the
priority/P4
partial fix for #6684 and #8963 TODO: Either the private tab sessions should be cleared and revert back to private session 1 when the last private tab is closed, or we need a private tab session manager menu. Currently the session will keep incrementing until the browser restarts. Test Plan: 1. open private tab 2. in the private tab, go to a site that requires login 3. login, then open a link from that site in a new private tab 4. you should also be logged in in the second private tab 5. open a new private tab 6. go to the same site. you should not be logged in.
|
Moving to 0.21.x since we aren't using Muon 4.6.x yet |
|
@NumDeP Tor Private Tab will be a new tab type, independent of private/session tabs as they are currently implemented. There will be no such thing as 'TPB New Session Tab'; i imagine there will just be a menu item for 'New TPB Tab'. My initial thinking on this was that TBP tabs would share the same session state but run in different Tor circuits (same to how tabs in Tor browser work right now). If a user wanted to clear all session state and use fresh circuits, there would be a 'New Identity' button. |
partial fix for #6684 and #8963 TODO: Either the private tab sessions should be cleared and revert back to private session 1 when the last private tab is closed, or we need a private tab session manager menu. Currently the session will keep incrementing until the browser restarts. Test Plan: 1. open private tab 2. in the private tab, go to a site that requires login 3. login, then open a link from that site in a new private tab 4. you should also be logged in in the second private tab 5. open a new private tab 6. go to the same site. you should not be logged in.
|
+1 via email |
tildelowengrimm
added
the
fixed-with-brave-core
Did you search for similar issues before submitting this one?
Yes
Describe the issue you encountered:
When you close the last incognito tab, the browsing data is stored until the browser is restarted
Expected behavior:
Clean incognito browsing data on last incognito tab closed
Linux (Ubuntu 14.04) and Arch Linux
0.12.15
The text was updated successfully, but these errors were encountered: