Does Brave prevent websites from accessing bookmarks and history

If I’m not mistaken, in Firefox, this would be managed through the use of permissions. For example, extensions that want to download data to a users local drive need to obtain permission from the user.

I understand that extensions may be given access to bookmarks and history via API permissions, but can a script in a website have access to that kind of browser data?

UPDATE: Why is nobody answering this question? Is it a difficult question to answer ?

I apologize for the wait and we appreciate your patience. The difficulty of the question isn’t relevant - if you approached us for an answer you likely couldn’t find it yourself so your statement doesn’t track.

I’m more than happy to help you or any other user troubleshoot, resolve an issue, answer a question, clear up a subject or anything else one might need. However, demanding [free] support in this way is not appreciated. If you find yourself posting an important topic that doesn’t get answered again, you’re welcome to “bump”, but be respectful. Alternatively, feel free to message me directly if you feel strongly about getting your question or issue resolved (again, respectfully).

As for your question: In both the live release and Developer version of Brave, websites must request permission to access any user data, be it in your browser(bookmarks, history,etc) or your system (eg, camera, microphone, etc). The user must explicitly grant the site access to the requested permissions.
Note: You have the option, as you may have noticed, to automatically allow access to certain domains so that you’re not asked for access to the same permissions every time. Its relevant to note that this is still considered granting permission, as it’s still under the users control as to whether or not the site should continue to ask.

This applies to extensions as well, although the permissions granted are usually either required in order for the extension to run or individual permissions may be allowed/denied from within the extensions settings themselves.
Note: Pay attention when installing an extension to what you’re granting it access to. Many people will add and install an extension without a glance at what they’re agreeing to. You are notified of any and all data the extension has access to both before install (that is, in the CWS) and at install.

Briefly on the note of scripts - A script run can only access data in which it either has access to by default or would be granted access to. Some javascript is used to run/display ads, some may be used to prevent browsers with ad-blocking software from visiting a domain - it’s hard to give one catch-all answer to your question. If you’re feel concerned that a certain website may be using scripts to gather your information or attempt some other unauthorized action on/with your data - block it.

Hopefully this clears things up for you. Let me know if you need further explanation.

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.