Separate storage for each tab

[Embassy4016]

Preliminary checklist

• [X] I have read the README
• [X] I have read the FAQs.
• [X] I have searched existing issues for my feature request. This is a new issue (NOT a duplicate) and is not related to another issue.
• [X] This is a feature request for the Cromite browser; not the website nor F-Droid nor anything else.

Is your feature request related to privacy?

Yes

Is there a patch available for this feature somewhere?

Don't think so, but vanadium recently tried to implement something similar but rolledbacked on it because it breaks too many sites.

Describe the solution you would like

Cromite could seperate cookies of each tabs making it difficult for cross-site tracking. It would be more heavy on the battery life and might break more sites but seems worth it. A ui to turn this feature on or off would make it optional for users who are facing sites breaking. It's not full proof but it's atleast one less data point for tracking.

Describe alternatives you have considered

Don't have any

[uazo]

Cromite could seperate cookies of each tabs making it difficult for cross-site tracking

already today, in cromite, cookies and storage in general are linked to the website (eTLD+1, i.e. *.foo.com are considered the same). the effect is that a site embedded with an iframe, if you allow cookies to be saved, has partitioned storage and thus the same iframe on different sites has separate storage. in addition, unlike chrome, cookies are also treated by default as same-site = strict, so no top-level cookies are sent to embedded iframes.

what would you like instead?

A ui to turn this feature on or off would make it optional for users who are facing sites breaking.

this depends, that function has been active for a while and so far no one has complained. in the future we shall see, when chrome completely disables third-party cookies, I will not allow the use of shared storage anyway.

[Embassy4016]

Okay. Thought cromite only partitioned process and not storage for cookies. If cookies or site data don't use shared storage then there no need for any change. Though container tabs like feature from firefox would be great. This allows login into the same website with different accounts in different tabs during a session. Though this allows linking accounts and IP addresses for the site visited, partion of this kind still holds functional value for the user.

[uazo]

yes, I like it, but to be done right it must also be possible to exclude the automatic deletion of storage per tab. This would allow you to have, for example, a specific tab with a user logged in, which is useful if you need to access sites where the login is not yours but that of a relative and requires a two-factor security check to gain access.

[uazo]

a specific tab with a user logged in

unless profile management (in windows) already allows it

[Embassy4016]

Yes, but profiles are different and inconvenient compared to container tabs

[uazo]

but profiles are different and inconvenient compared to container tabs

in android. but in windows no.

[uazo]

example of storage separation by tab:

https://issuetracker.google.com/issues/335782518 see JNI_WebContentsFactory_CreateWebContentsWithSeparateStoragePartitionForExperiment in https://chromium-review.googlesource.com/c/chromium/src/+/5462668

https://chromium-review.googlesource.com/c/chromium/src/+/5296867