[whatwg] Private browsing vs. Storage and Databases

Bil Corry bil at corry.biz
Wed Apr 8 20:34:58 PDT 2009 

Aryeh Gregor wrote on 4/8/2009 12:23 PM: 
> On Wed, Apr 8, 2009 at 1:02 PM, Bil Corry <bil at corry.biz> wrote:
>> Is there really a use case for wanting to show up at a site as yourself, but not have any footprint of the visit saved locally?
> 
> Yes.  The commonly-cited use-case is buying a present for your spouse:
> you would like it to be a surprise, and therefore not show up in the
> URL bar when they use the computer and type things.  The actual
> use-case and basically the whole purpose of the feature, which people
> tend to politely avoid mentioning, is viewing porn.

You could buy presents and surf porn regardless if the browser offers up your cookiejar or not.


> The feature is not intended to try hiding info about you from the
> site.  It's not very useful for that.

It could be :)


> If you don't want the site to
> know about you, you'd want to delete info before the visit, and may as
> well leave it alone after the visit.  Note that browsers do the exact
> opposite: all delete info after the session, but only some hide info
> from before the session.  You certainly wouldn't bother deleting
> history or cached files, since the server doesn't know about those
> anyway.

I like that "privacy mode" does not leave a local footprint, I'm not arguing against it.  I was pointing out that I had the expectation that it also provided a new user profile.


>  And you'd want to set privacy on a per-site basis, not a
> per-session basis -- you say "I don't trust this site", not "I don't
> trust any of the sites I'm going to visit in this particular browser
> window until I close it (but I trust all other sites)".  The latter
> would be bizarre.

Then I want the bizarre.  There are a variety of use cases for having a new user profile when in "privacy mode".  It would be helpful as a web developer for testing a site as a brand new visitor.  It would be helpful when visiting a risky site; maybe the site will try CSRF -- CSRF won't work if I'm surfing under a new user profile that doesn't have any existing cookies.  Maybe I want to double-check that Amazon hasn't reverted to their lower-prices-for-people-who-have-never-been-to-Amazon-before pricing strategy, but I still want to keep my original Amazon cookies.  Or I want to allow a visitor to use my computer, they use the same sites I do and I don't want them being logged in as me.  Or the reverse, I'm at a friends house, the library, etc and I want to visit sites without accidentally logging in as someone else.


> The intent of private browsing mode is to say "I don't want other
> people using this computer to know that this browser session ever
> occurred".  You don't care if the site knows about you.  If that were
> the use-case, the feature would be designed totally differently.

Again, I don't know the backstory to private browsing; I have never used it.  But my expectation when I heard about it is that it doesn't leave a footprint on the computer and it starts with a new user profile.  And for myself, that behavior is the most useful.


- Bil

More information about the whatwg mailing list