Hi, the last days I've been looking at the private browsing support in WebKit, to fix several cases where things were not working. We have always supported private browsing via WebKitSettings:enable-private- browsing, but I guess nobody is actually using it because it has always been kind of broken.
In epiphany we have never used it, and instead we simply create a WebKitWebsiteDataManager configured to store the data in a temporary directory that is deleted when the private instance exits. This approach is better than nothing, but it's not good enough, for several reasons: - We are unnecessarily writing things to disk. - If UI process crashes, data will still be in the temp directory. - WebKitWebsiteDataManager doesn't cover all situations in which websites can write to disk, for example plugins that need to be configured in private mode explicitly, or the favicon database. - Any other behavior in WebCore that depends on ephemeral session is not honored. In the past WebKit used the enablePrivateBrowsing setting that was checked everywhere when needed. Now, pages have a session ID associated. There's a default session ID, and any other ID is considered ephemeral. So, to enable private browsing we just need to associate the page to any session ID different than the default one. The main different is that now in WebKit2 at least, the association happens on WebPageProxy construction, so it's not possible to enable/disable private browsing in a WebKitWebView, you must create a private or non-private web view. With the WebKit2 C API, this is achieved by creating a non persistent WebsiteDataStore and pass it to the WebPageProxy as PageConfiguration. So, I think we should fix the private browsing mode in WebKitGTK+, deprecate the private browsing setting and add new API to properly handle private browsing sessions. In our current API, the WebKitWebsiteDataManager is associated to the WebKitWebContext, and not to the WebKitWebView, all pages for the same context use the same website data store. So, it would be confusing to add a WebKitWebView constructor taking a WebKitWebsiteDataManager. The page only uses the website data store to get the session ID, and the context to configure the website data paths. So, I think we can hide the detail that private browsing depends on a non persistent website data store. I wouldn't like to expose session IDs either. So, I think we could add a construct only property, and when enabled create a non persistent website data store internally to be used instead of the one from the web context. It could be WebKitWebView:is-private for example or is-ephemeral maybe. With this approach every WebKitWebView created with private browsing enabled will have its own session ID. This makes sense if you want to have a normal web context with private and non-private web views. However, in the case of epiphany, for example, the whole browser instance is private, so it would be more convenient if we could also set the whole context as private. In that case we create a non persistent data store that will be used by all web views. You could still create a private web view explicitly that will use a different session ID (not sure it's useful, but still). For this we could add also a construct only property to WebKitWebContext and a new constructor webkit_web_context_new_private() or new_ephemeral(). What do you think? -- Carlos Garcia Campos http://pgp.rediris.es:11371/pks/lookup?op=get&search=0xF3D322D0EC4582C3
signature.asc
Description: This is a digitally signed message part
_______________________________________________ webkit-gtk mailing list webkit-gtk@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-gtk
