Birinci taraf çerezler, sayfanın üst kısmında yer alan URL çubuğundaki web sitesi tarafından oluşturulur.
İnternetin ilk günlerinde, ileri zamanlı erişimler için web sitelerinin bilgisayarda bilgi depolayabilmesinin avantajlı olacağı görüşü kesinlik kazandı. Örneğin, hava durumu bilgileri gösteren bir web sitesi, kullanıcıdan bir posta kodu isteyebilir ve daha sonra bunu bir çerezde depolar. Kullanıcının web sitesini bir sonraki ziyaretinde, posta kodunu tekrar girmesine gerek kalmadan hava durumu bilgisi otomatik olarak yüklenir.
Web’deki diğer her olayda olduğu gibi, bazı kötü amaçlı zeki insanlar, kullanıcıların ne olup bittiğini bilselerdi onaylamayacakları şeyleri yapmak için çerezleri kötüye kullanmanın her türlü yolunu buldular. Örneğin, bir web sitesi, bir cihazda özgün bir seri numarasına sahip bir çerez oluşturabilir. Daha sonra, bir kullanıcının o cihaz üzerinden web sitesini her ziyaretinde, cihaz farklı IP adreslerinden bağlansa bile, sunucunun o seri numarası için devam ettirdiği özgün profile bağlanabilir.
Almost all websites with logins require cookies to be enabled for a user to log in. That is how they make sure it is still you as you move from page to page on the site, and is, in my opinion, the only legitimate use for cookies.
Android’s System WebView treats cookies as an app-level setting, meaning that cookies are either on or off for all tabs in Privacy Browser. The result is that the cookies setting for whatever tab is currently displayed controls the cookies setting for all the background tabs as well. If you have a tab in that background that has cookies enabled so that you can be logged into a website, and switch to a tab that doesn't have cookies enabled, it disabled cookies for all the tabs. If the background tab makes a request, for example, to see if there is updated information, that request will be sent without cookies, which will cause the website to log you out. This is a limitation that will be removed with the release of Privacy WebView in the 4.x series.
If cookies are enabled but JavaScript is disabled, the privacy icon will be yellow as a warning.
Third-party cookies are set by portions of a website that are loaded from servers different from the URL at the top of the page. There is no good reason to ever enable third-party cookies. Privacy Browser 3.8 removed the option, and even Google is planning to disable them in the future.
Document Object Model storage, also known as web storage, is like cookies on steroids. Whereas the maximum combined storage size for all cookies from a single URL is 4 kilobytes, DOM storage can hold megabytes per site. Unlike cookies, DOM storage does not send all the data in the headers with every request. Rather, it uses JavaScript to read and write data, which means it does not function when JavaScript is disabled.
Form data contains information typed into web forms, like usernames, addresses, phone numbers, etc., and lists them in a drop-down box on future visits. Unlike the other forms of local storage, form data is not sent to the web server without specific user interaction. Beginning in Android Oreo (version 8.0, API 26), WebView’s form data was replaced by the Autofill service. As such, controls for form data no longer appear on newer Android devices.
Clear and Exit runs every time the last tab is closed or Clear and Exit is selected from the navigation menu.
By default it clears the cookies, DOM storage, form data, the logcat, and the WebView cache. Then it manually deletes the entire app_webview
and cache
directories.
The behavior of Clear and Exit can be configured in the settings.