Thoughts, bugs and ideas.
Featured-post chrome

Detecting incognito mode in Chrome 76

pwnr

tl;dr: Opening a web app in Chrome's Incognito mode imposes a special restriction on storage that doesn't apply to normal browsing contexts: there's a quota limit of around 100 megabytes, regardless of free space available on your device.

# Background

Recently Google has announced that it has patched the bug which was present until Chrome 74 ,which made incognito mode detection possible using FileSystem API loophole.

Until version 74  Chrome’s FileSystem API is disabled in Incognito Mode to avoid leaving traces of activity on someone’s device.  This loophole was used to deter metered paywall circumvention by some publishing platforms.

Chrome's private browsing principles and why its important.

https://www.blog.google/outreach-initiatives/google-news-initiative/protecting-private-browsing-chrome/


# Method

The setup is relatively simple: Special restriction on storage in  Chrome's Incognito mode can be used to determine if the current upper limit of storage is near to 100 mb. This can be used to determine when people are browsing in Incognito Mode.

The "Estimating Available Storage Space" article has more information on how you can  estimate available storage space.


  if ('storage' in navigator && 'estimate' in navigator.storage) {
    navigator.storage.estimate();
    .then(function(estimate){      
    if(estimate.quota/1e+6 < 116.361073){
    alert("Why Incognito ? " + estimate.quota/1e+6);
    } else{
        alert(estimate.quota/1e+6+ ' mb');
    }});
  }

# Results

You can test the script by clicking the following link Incognito Test

You can switch between browsing modes to view the difference.

Share twitter/ facebook/ copy link