Scratchpad is basically a notepad that lets you evaluate JavaScript code in
the context of the frontmost tab. It is not tied to that tab... when you ask
it to run some code, it runs it in the frontmost tab at that time...
Vlad from QA summed it up nicely in IRC: "i would like the data to remain
from a developer's point of view, but it kind of contradicts with PB
behavior and expectations"
Since this is a developer tool, do we stick with the intuition that a
developer wants their Scratchpads to stick around regardless of what they're
browsing, or does the behavior of private browsing mode toward content
windows take precedence?
Kevin
--
Kevin Dangoor
work: http://mozilla.com/
email: kdan...@mozilla.com <k...@blazingthings.com>
blog: http://www.BlueSkyOnMars.com
> What data exactly are we talking about here? Just the JS written in the
> scratchpad window? I see no reason to throw that away when switching out of
> PB. Or is there some JS scope leakage from sites you were viewing in PB
> possible here?
>
Since Scratchpad runs against the frontmost tab, there shouldn't be leakage
of scope... so, yes, we're just talking about the JS.
It's *possible* that the JS you have in your Scratchpad could be related to
the site. For example, let's say you were running some test ajax requests:
$.get("/someurl/?secretcode=PASSWORD", function(data) {...});
Private Browsing aims to protect against persistent storage of data
which reveals your browsing history. I don't see any risk with regards
to that with Scratchpad, so I don't think we need any special handling.
If the Scratchpad were tied to a tab (like the View Source window), I'd
argue that we need to close it when leaving the private browsing mode
(as we do for View Source windows).
> It's *possible* that the JS you have in your Scratchpad could be related to
> the site. For example, let's say you were running some test ajax requests:
>
> $.get("/someurl/?secretcode=PASSWORD", function(data) {...});
For sure. But this is not something that we need to worry about, the
same way that we don't worry about what happens if a user copies and
pastes some similarly sensitive information into a text editor while in
Private Browsing mode.
Cheers,
Ehsan