KIO / KWebView and PrivateBrowsing (Cookies)
Alex Fiestas
afiestas at kde.org
Tue Apr 24 09:02:28 BST 2012
On Monday, April 23, 2012 07:38:16 PM Dawit A wrote:
> None of this is necessary. What should happen in private browsing mode is
> the "cookies" metadata should be set to "manual" to disable cookie handling
> kio_http. The KIO::Integration::AccessManager can be modified to send its
> own cookie header instead. This would give you want you want. I have
> attached an untested patch that does just that. Test it and let me know if
> it works okay for you.
Wow! kdelibs is full of awesomess, I get how this work now.
> The only question I have and which the patch does not address is whether or
> not cookies stored outside of the private-browsing mode should be used
> (read: sent back to the server) during private browsing mode. Reading the
> up on the definition of private browsing mode, it seems to me that we
> should only stop saving information once in private browsing mode, not stop
> sending data that was previously stored before "private browsing mode" was
> initiated.
Actually we should not send any data we currently have stored since that data
can be used to identify the user and that will break any hope of private
browsing. Perfect example is a cookie that authenticate the user with a web
service such gmail or evil Google tracking what searches we do.
Chromium, Firefox and Opera have this behavior as well (they start with an
empty cookiejar).
Going to take a look at your patch and try to figure something out.
Big Thanks !
More information about the kde-core-devel
mailing list