Safari private mode is reproducibly broken as of 2012 0524 on my completely updated macbook running OSX 10.7.4 and Safari 5.1.7 (7534.57.2). Software update lists no available updates.
My expectation, as set by the dialog box displayed when entering private browsing mode, was that no cookies created during the private browsing session would persist. The dialog box doesn’t specifically mention cookies, but the help accessed via clicking the question mark on the dialog box has this to say:
Any changes made to cookies are discarded when you turn off Private Browsing.
Therefore I thought that if I started safari, entered private mode, logged in to amazon, exited private mode, then restarted private mode and returned to amazon that I would be logged out because amazon would have no cookies to identify me. Instead, I’m still logged in to amazon and amazon remembers my session. This is true even if I quit safari after exiting private mode and before restarting it, verifying the process has exited via
1 2 | |
Reproduction steps:
- start safari
- clear all stored data (Preferences –> Privacy tab –> Remove All Website Data)
- start private mode
- navigate to amazon.com
- verify no amazon cookies exist (Develop –> Web Inspector –> delete amazon.com cookies, if any)
- login to amazon
- exit private mode
- quit safari and verify process ending via ps, as above
- start safari
- . start private mode
- . navigate to amazon.com
- . your amazon.com user is still logged in
Note that if you exit private mode then immediately reenter private mode without quitting safari, the amazon.com cookies created in private mode are deleted as safari claims. That is, if you replace step 7 above with:
- start private mode again
- navigate to amazon.com
Then your user will not be logged in and cookies will not have persisted.
Edit: as of 2012 0706, I found a workaround.