NEW 42515
console() and Private Browsing
https://bugs.webkit.org/show_bug.cgi?id=42515
Robert Hogan
Reported 2010-07-18 04:27:37 PDT
Not all calls to domWindow()->console() are protected by privateBrowsingEnabled(). At the moment there are only three calls that seem to care:

printErrorMessageForFrame()
FrameLoader::shouldAllowNavigation()
DocLoader::printAccessDeniedMessage

Surely all calls to console()->addMessage() should care?
Alexey Proskuryakov
Comment 1 2010-07-19 16:53:57 PDT
I'm not sure if these checks are needed with the current Console design - the console is cleared when navigating to another document, so someone in possession of your computer won't be able to see the logs to discover your browsing history.
Robert Hogan
Comment 2 2010-07-21 08:16:53 PDT
(In reply to comment #1)
> I'm not sure if these checks are needed with the current Console design - the console is cleared when navigating to another document, so someone in possession of your computer won't be able to see the logs to discover your browsing history.

Yes, the current situation is neither fish nor fowl. The following have addMessage() calls that need at least the same protection in privateBrowsing mode as the ones listed previously; in other words, they also contain URL information, which seems to have been the criterion for protecting printErrorMessageForFrame() and co:

XSSAuditor::canLoadObject()
WebSocket::connect()

While WebCore ditches console messages each time it navigates to a new document, it's likely that clients are having to manage the storage of console messages when switching out of private browsing as well. If Console::canPrintExceptions() is true it will write everything to stdout - does Safari ensure that canPrintExceptions() is false in private browsing or is canPrintExceptions() exposed to users at all?

So WebCore should either care about console messages in private browsing or not. If it cares it should probably switch off nearly all console messages and ensure canPrintExceptions() is false.
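Added example, not part of the bug thread and not WebKit source: a simplified model of the alternative to per-caller checks, where the private-browsing test lives inside the console sink itself, so every addMessage() caller is covered and stdout printing is forced off. `ToySettings`, `ToyConsole`, and the sample messages and URLs are hypothetical names and constructed values.

```cpp
// Added illustration: a simplified model, not WebKit code.
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Hypothetical stand-in for the settings object that carries the private-browsing flag.
struct ToySettings {
    bool privateBrowsingEnabled = false;
};

// Hypothetical console with the two sinks the thread mentions:
// an in-memory list (Inspector console) and stdout (exception printing).
class ToyConsole {
public:
    explicit ToyConsole(const ToySettings& settings) : m_settings(settings) {}

    void setShouldPrintExceptions(bool print) { m_printExceptions = print; }

    // Effective value: stdout printing is off in private browsing,
    // whatever the embedder requested.
    bool canPrintExceptions() const
    {
        return m_printExceptions && !m_settings.privateBrowsingEnabled;
    }

    // Single choke point, so callers need no check of their own.
    // Returns true if the message was recorded.
    bool addMessage(const std::string& message, const std::string& url)
    {
        if (m_settings.privateBrowsingEnabled)
            return false; // dropped: the text may embed a visited URL
        m_messages.push_back(message + " (" + url + ")");
        if (canPrintExceptions())
            std::cout << m_messages.back() << '\n';
        return true;
    }

    std::size_t messageCount() const { return m_messages.size(); }

private:
    const ToySettings& m_settings;
    bool m_printExceptions = false;
    std::vector<std::string> m_messages;
};

int main()
{
    ToySettings settings;
    ToyConsole console(settings);
    console.setShouldPrintExceptions(true);
    console.addMessage("Refused to load object", "https://example.test/a"); // constructed sample
    settings.privateBrowsingEnabled = true;
    console.addMessage("WebSocket connection failed", "wss://example.test/b"); // dropped
    return console.messageCount() == 1 ? 0 : 1;
}
```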
Alexey Proskuryakov
Comment 3 2010-07-21 08:59:33 PDT
> does Safari ensure that canPrintExceptions() is false in private browsing

Yes, an embedder application is supposed to disable exception printing when it doesn't want them printed. As you mentioned, setShouldPrintExceptions() affects printing to stdout only, not to Inspector console.

I don't have a strong opinion on whether WebCore should suppress printing error messages to Inspector console when private browsing is enabled.
Adam Barth
Comment 4 2010-07-23 10:14:06 PDT
This is the kind of thing that can get us in trouble later, but I don't think there's a pressing need to suppress these messages now. My gut tells me we should suppress them and save ourselves some potential pain in the future.
Brent Fulgham
Comment 5 2021-09-21 14:42:39 PDT
XSSAuditor code was removed in Bug 230499.