30 June 2010
For occasions when you want to keep the sites that you visit private, Adobe Flash Player supports the private browsing mode found in many web browsers. Private browsing lets you browse the web without storing any history on your computer. Beginning with Flash Player 10.1, Flash Player integrates with your web browser to automatically clear stored data in accordance with your browser's private browsing settings.
General users: The first two sections of this article describe what private browsing is, and which browsers currently support this feature and integrate with Flash Player.
Advanced users: The third section describes subtle changes introduced with private browsing support beginning with Flash Player 10.1.
Developers: The last section details technical changes to keep in mind regarding local storage (local shared objects) and private browsing support beginning with Flash Player 10.1.
Web browsers typically remember information about sites you previously visited—a history of sites that you visit—to help you quickly retrace your steps online. For times when you do not want other people to see your history, many browsers offer a "private browsing" mode. When you turn on private browsing, these browsers will not remember any history, allowing you to hide your activity from other users sharing the same computer.
When you use private browsing mode, your web browser stores several types of information only temporarily. Once you leave private browsing, the browser will delete that data, including the record of your visit in the browser's history, cookies, and cached image files. This keeps your browsing private from other people that may use the same computer. This contrasts with normal browsing, where the browser remembers your history even after you've restarted your browser.
Starting with Flash Player 10.1, Flash Player will also automatically clear any data it might store during private browsing, helping to keep your history private.
Note: With some content, private browsing may cause unexpected behavior because Flash Player clears data that a website expects to remember. Keep that in mind when using this privacy feature.
Current versions of the following browsers support private browsing integration with Flash Player 10.1 and later:
The Flash Player behaviors discussed in this article apply only to these browsers.
Prior to Flash Player 10.1, the player behaved the same whether the browser was in private browsing or not. Browsers could clear browser data temporarily stored during a private browsing session, such as cookies and history, but they were unaware of the data stored in Flash Player local storage (also known as local shared objects or LSOs). To keep user information safe, information in Flash Player local storage is stored on a site-by-site basis—so that one website can never see information from another website. However, storing information on a site-by-site basis can leave a history of previously visited sites that have used local storage.
Starting with Flash Player 10.1, Flash Player actively supports the browser's private browsing mode, managing data in local storage so that it is consistent with private browsing. So when a private browsing session ends, Flash Player will automatically clear any corresponding data in local storage.
Additionally, Flash Player separates the local storage used in normal browsing from the local storage used during private browsing. So when you enter private browsing mode, sites that you previously visited will not be able to see information they saved on your computer during normal browsing. For example, if you saved your login and password in a web application powered by Flash during normal browsing, the site won't remember that information when you visit the site under private browsing, keeping your identity private.
Flash Player gives you control over your experience, enabling you to change settings through the Settings panel and the global Settings Manager. These will behave somewhat differently when you access them in private browsing mode.
The Settings panel lets you change settings for a specific piece of content running in Flash Player (also known as a SWF file) or the site where that content came from. For example, you might access the Settings panel to allow a website to use your camera or microphone. Open the Settings panel by right-clicking the SWF content and choosing "Settings..." from the context menu (note that the SWF file must have a size of at least 215 × 138 pixels to have space to display the panel). Figure 1 shows the context menu.
Flash Player does not save any information—including settings—in private browsing mode, since this information might reveal sites that you visited while using private browsing. Accordingly, settings options will be hidden. Tabs that modify domain-specific settings such as privacy (camera and microphone access) and local storage will not be displayed. Since you cannot set domain-specific settings in private browsing mode, Flash Player will use default settings from the global Settings Manager.
In private browsing mode, Flash Player will prevent content from requesting additional local storage, since Flash Player does not save any settings during private browsing mode. The default local storage limit of 100 KB still applies in private browsing. This storage is deleted when you end the private browsing session.
You can modify this limit using the global Settings Manager, under "Global Storage Settings" (see Figure 2). In Flash Player 10.1, open the Settings Manager by right-clicking a SWF file and choosing Global Settings from the context menu shown in Figure 1. The Settings Manager can also be accessed at adobe.com/go/settingsmanager.
The global Settings Manager controls settings that affect all content powered by Flash Player across all browsers on your machine. However, note that it only reflects domain settings from normal browsing mode and does not display information set or used during private browsing. Therefore, the Website Privacy Settings panel and the Website Storage Settings panel seen in the global Settings Manager do not apply to private browsing.
You can still use your camera and microphone in private browsing mode. By default, the global Settings Manager is set to always ask, so when you visit a site that uses camera and/or microphone, the camera and microphone dialog box will appear and request permission to access the camera and microphone. (If you never want to see this request, and thus always deny use of your camera and mic, you can set the global setting to always deny.)
The remainder of this article is aimed at developers creating content for Flash Player. Support for private browsing introduces changes that may impact developers using local storage (local shared objects, or LSOs). The following changes apply only when the browser is in private browsing mode.
Because users should be in control of how they want to view content, there is no way for developers to turn private browsing support on or off through ActionScript, and there is no ActionScript API to determine if private browsing mode is enabled.
Accordingly, if you are developing content that uses local storage, keep the following in mind:
Note the changes to the Settings panel behavior described earlier in the article. Also, note that the hidden Settings panel tabs cannot be shown using ActionScript through the
showSettings() API. If Flash Player is in private browsing mode, and a hidden tab is requested via
showSettings(), the default Video Display tab is shown instead.
Browsers vary greatly in their implementation of private browsing. Some spawn an entirely new window in private browsing. Some close your current session and spawn a new private browsing session. And some switch modes in place. Flash Player strives to provide a consistent experience in all supported environments. To accomplish this, Flash Player adheres to the strictest policy, and an instance of Flash Player will maintain the same private browsing state throughout its lifetime.
Upon creation, a Flash Player instance initializes to the current browsing mode of the browser. If the browser is in private browsing mode when the Flash Player instance is created, then that particular instance will forever be in private browsing mode. Likewise, if the browser is in normal browsing mode when the Flash Player instance is created, then that particular instance will forever be in normal browsing mode (private browsing is turned off). Accordingly, toggling private browsing on or off without refreshing the page or closing the private browsing window will not impact Flash Player.
Instead of saving local storage (local shared objects, or LSOs) on disk as it does during normal browsing, Flash Player stores LSOs in memory during private browsing. When you enter private browsing mode, this private browsing LSO store in memory is empty and you cannot access any existing LSOs on disk. This separates the temporary private browsing LSOs from your normal LSOs.
For example, suppose you're browsing normally (private browsing mode is off), you get to level 42 of a Flash-based game, and the game saves the level you're at in an LSO. Later, you enter private browsing mode and return to the game. Now that you're in private browsing mode, the game cannot read the value that was stored on disk during normal browsing. The game will behave as if you have never played it before, and will not remember your saved level.
In addition, any LSOs created during private browsing sessions cannot be accessed from normal browsing sessions. And as soon as the private browsing session ends, all private browsing LSOs are cleared.
In private browsing, Flash Player guarantees that a single instance of Flash Player can access its own LSOs. However, because of the inconsistencies between browsers, the player cannot guarantee access to LSOs stored from other instances of Flash Player during a private browsing session. And in some browsers, reloading a page clears private browsing LSOs because a new instance of Flash Player is created.
Flash Player has always allowed users to clear their LSOs at any time, but private browsing support makes this scenario more common. Plan for different behavior around LSOs when users enable private browsing. Add failure handling logic that is prepared for cleared LSOs to resolve those cases properly.
Private browsing is a useful tool for users who wish to exercise privacy on a shared computer or want to surf the web without storing any information about which sites or pages they have visited. Now with Flash Player 10.1, content that runs in Flash Player also supports private browsing and follows the same model, so that any data that is stored is cleared after the session ends. When using this privacy feature, keep in mind that content unprepared for private browsing may not behave as expected.
If you have problems or enhancement requests, please contact Adobe by filing a bug in our public Flash Player bug and issue management system. This is the best and fastest way to have the issue looked at by the Flash Player team. For more information, read Introducing the Flash Player bug and issue management system.