From 489a814f54cddec33fa4fd85f97b27e4a8c2e9a1 Mon Sep 17 00:00:00 2001
From: Anthony Restaino <anthonyrestaino11@gmail.com>
Date: Sat, 31 Jan 2015 22:36:19 -0500
Subject: [PATCH] Changes to make Incognito mode more secure and less likely to
 leak data to websites.

Changes for Incognito Settings
* Always disable location (even if explicitly set in settings)
* Never save passwords or form data
* Always set mixed content mode to NEVER ALLOW
* Disable DOM storage
---
 src/acr/browser/lightning/LightningView.java | 30 +++++++++++++++-----
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/src/acr/browser/lightning/LightningView.java b/src/acr/browser/lightning/LightningView.java
index e2ada31..edadd03 100644
--- a/src/acr/browser/lightning/LightningView.java
+++ b/src/acr/browser/lightning/LightningView.java
@@ -275,8 +275,12 @@ public class LightningView {
 
 		setColorMode(mPreferences.getInt(PreferenceConstants.RENDERING_MODE, 0));
 
-		mSettings.setGeolocationEnabled(mPreferences
-				.getBoolean(PreferenceConstants.LOCATION, false));
+		if (!mBrowserController.isIncognito()) {
+			mSettings.setGeolocationEnabled(mPreferences.getBoolean(PreferenceConstants.LOCATION,
+					false));
+		} else {
+			mSettings.setGeolocationEnabled(false);
+		}
 		if (API < 19) {
 			switch (mPreferences.getInt(PreferenceConstants.ADOBE_FLASH_SUPPORT, 0)) {
 				case 0:
@@ -313,11 +317,17 @@ public class LightningView {
 				break;
 		}
 
-		if (mPreferences.getBoolean(PreferenceConstants.SAVE_PASSWORDS, false)) {
+		if (mPreferences.getBoolean(PreferenceConstants.SAVE_PASSWORDS, false)
+				&& !mBrowserController.isIncognito()) {
 			if (API < 18) {
 				mSettings.setSavePassword(true);
 			}
 			mSettings.setSaveFormData(true);
+		} else {
+			if (API < 18) {
+				mSettings.setSavePassword(false);
+			}
+			mSettings.setSaveFormData(false);
 		}
 
 		if (mPreferences.getBoolean(PreferenceConstants.JAVASCRIPT, true)) {
@@ -388,12 +398,18 @@ public class LightningView {
 		if (API < 19) {
 			settings.setDatabasePath(context.getCacheDir() + "/databases");
 		}
-		if (API >= Build.VERSION_CODES.LOLLIPOP) {
-			mWebView.getSettings()
-					.setMixedContentMode(WebSettings.MIXED_CONTENT_COMPATIBILITY_MODE);
+		if (API >= Build.VERSION_CODES.LOLLIPOP && !mBrowserController.isIncognito()) {
+			settings.setMixedContentMode(WebSettings.MIXED_CONTENT_COMPATIBILITY_MODE);
+		} else if (API >= Build.VERSION_CODES.LOLLIPOP) {
+			// We're in Incognito mode, reject
+			settings.setMixedContentMode(WebSettings.MIXED_CONTENT_NEVER_ALLOW);
 		}
 		// TODO
-		settings.setDomStorageEnabled(true);
+		if (!mBrowserController.isIncognito()) {
+			settings.setDomStorageEnabled(true);
+		} else {
+			settings.setDomStorageEnabled(false);
+		}
 		settings.setAppCacheEnabled(true);
 		settings.setAppCachePath(context.getCacheDir().toString());
 		settings.setCacheMode(WebSettings.LOAD_DEFAULT);