A bug on Google Chrome, discovered by iOS developer Jeff Johnson, has been storing affiliated site data in local storage despite user settings stating otherwise, reported The Verge. Fortunately, Google was able to immediately patch the issue.
According to a post by Johnson on October 7, Chrome version 86.0.4240.75 for macOS retains site data for Google-affiliated websites such as Search and YouTube even when users enable the “Clear cookies and site data when you quit Chrome” setting.
Looking at the All cookies and site data page in Chrome Settings, Johnson observed that with this setting, Chrome deletes cookies and site data from other websites such as Apple’s after closing and relaunching the browser. The same behavior was observed by The Verge.
When he visited YouTube and Google search, then closed and relaunched the browser, it deleted only cookies but retained database storage, local storage, and service workers.
Johnson said, “Chrome respects the ‘Clear cookies and site data when you quit Chrome’ setting for apple.com but not entirely for youtube.com.”
He was able to make a workaround by adding YouTube to the list of sites that can never use cookies. He noted that “adding YouTube to ‘Always clear cookies when windows are closed.’”
The Verge noted that such information lets websites remember information about users when they revisit, while cookies track preferences and identities of the user across various sites.
It is important to note that only site data remains upon relaunching the browser, while cookies are deleted. However, such information can come in the form of “cookie-style data,” which can circumvent safety measures employed by users to prevent their info from being tracked.
Regarding this matter, a Google spokesperson issued a statement saying, “We are aware of a bug in Chrome that is impacting how cookies are cleared on some first-party Google websites.” Moreover, it is “investigating the issue, and plan to roll out a fix in the coming days.”
The Verge, when presented with the 86.0.4249.111 update, installed the rollout and observed that YouTube local and web data, as well as service workers, are purged upon closing. However, Google.com site info still remains.
A complete fix on the issue is yet to be released. Meanwhile, The Verge remarked that Google has been planning to completely phase out third-party cookies over the next couple of years, but is expected to face challenges in implementing this plan.
