- From: Utkarsh Upadhyay <musically.ut@gmail.com>
- Date: Tue, 12 Jan 2016 00:02:59 +0100
- To: Joel Weinberger <jww@chromium.org>
- Cc: timeless@gmail.com, Patrick Toomey <patrick.toomey@github.com>, Richard Barnes <rbarnes@mozilla.com>, WebAppSec WG <public-webappsec@w3.org>
- Message-ID: <CALh3q9zLTVPXBDJnZn7VskANnVWR0O4MuZg37x1rJ7dHg29UGA@mail.gmail.com>
Thanks for the feedback and the lively discussion!

> In any case, I'd like to better understand the use case of when a site knows that a link should be opened "privately" and it shouldn't be the user's choice before we go too far down this path.

I haven't thought about it exhaustively but have accumulated a few use cases from the experience of developing an extension to help users with switching to incognito mode.

First use case was of websites knowing *risky clicks* and providing a _safe_ way to make sure that the user doesn't have to clean up after himself, i.e. NSFW links on their content. Reddit was an example I provided in my original mail but other news sites will probably also find use for it.

Second use case was being able to give users clearer instructions. An example of such a case I recently ran across was here: https://support.google.com/accounts/answer/6160500?hl=en

Relevant part of the page:

> Sign in to your Google Account on android.com/devicemanager <http://www.android.com/devicemanager>. If you're helping a friend with their lost device, we recommend opening an incognito tab in Chrome <https://support.google.com/chrome/answer/95464> and having them sign in to the Google Account they use on their mobile device.

Such instructions can be simplified by linking to the website with target="_private". Other links which may accidentally reveal personal information (think direct links to bank account balance page) can also be made safe by setting target="_private".

Thirdly, and what prompted me to think of this proposal, was that opening an incognito window through an extension on Chrome is rather convoluted (uses background scripts) and fragile. It may not continue to work, for example, when https://developer.chrome.com/extensions/manifest/externally_connectable is enforced. In any case, the extension requires permissions to access _all_ data across _all_ websites, which already should be raising eyebrows.

I'd rather have this provided by the site + the browser, both of which I trust more than a third party plugin.

Do these make sense?

----

> This feature would require formalizing these modes, and that seems tricky at best, since the user agents are not necessarily providing the same guarantees.

If several browsers are providing independent implementations of features which _sound_ similar, isn't this a good time to standardize it, even if it takes a bit of effort?

~
ut
Received on Monday, 11 January 2016 23:03:47 UTC