Google email in incognito is remembered in regular window.

Steps to reproduce:
Login to a website in private window, open that website in normal window. It shows logged in.

Expected behavior:
Private window cookies should be separate from normal window. Login in private window should not log me in normal one.

Orion, OS version; hardware type:
Version 0.99.120.1-beta (WebKit 614.1.20), macOS Monterey, MacBook Pro M1

Image/Video:
<Copy/paste or drag and drop to upload images or videos (up to 20MB)>

Orion is retaining some website data for private window sessions, even after you close all private windows and relaunch the browser. What data is retained is unknown, because there is currently no way to view this (at least I don't know where to see it without visiting the website again).

Steps to reproduce:
I made sure to have the setting Orion opens with set to "All non-private windows from last session", just to be sure that is not letting through data to be retained.

1. check under Settings > Privacy > Manage to make sure the domain you're testing it on is not listed, also helpful if you never visited the domain before (I had less than 30 domains listed here to begin with)
2. Open new private window (cmd+shift+n)
3. Open google.com to make sure the auto suggestions are not preloading the page you're testing with, just in case
4. Search for your domain, in my example: dagbladet
5. Open the first link (dagbladet.no)
6. Close private window (I closed with the red dot)
7. Close Orion with cmd+q
8. Relaunch Orion
9. Open Settings > Privacy > Manage

You will now see your domain listed, even though you browsed it in private window (in my example dagbladet.no)

Expected behavior:
No website should ever store any cookies, or any kind of data if I only browse them in a private window without downloading files, bookmarking or storing passwords.

Orion, OS version; hardware type:
Orion 0.99.120.1-beta (WebKit 614.1.20), iMac M1 2021 24", macOS Monterey 12.6

This is quite a serious privacy issue. Even if it doesn't retain any data, it is still leaking and retaining what websites you browse to those that may inspect the browser on the computer.

Another thing I found out:

1. In private window, I logged in to Google account at docs.google.com with my work email (it's custom domain, not gmail.com)
2. I opened mail.google.com in normal non-private window and it populated the "Add Gmail to your Google Account" with my work email, even though I had all Google and related cookies/data erased in normal window, I cleared them before attempting either of the two logins.

Orion is clearly leaking data from private into non-private.

One more important thing to mention: I have all 3rd party extensions disabled under Window > Extensions.

I can confirm that it also happens to me on the version 0.99.120.1-beta (WebKit 614.1.20).
I've also experienced a few times that logging in to another Google account would make all the logged-in sessions in my normal window disappear.
It also happens on WordPress.com in a more intricate way:

1. Logging in as account A in a normal browser instance, go to WordPress.com and see that I've logged in properly.
2. Logging in as account B in a private browser instance, now go back to the same normal window that the user A is logged in and refresh. The page won't load, and the network inspector would show several errors due to "this user is not authorized to access this resource".

My assumption is that it's not a one way leaking; it feels more like the private and the normal session share the data store that shouldn't have shared.

Looks somewhat related to https://orionfeedback.org/d/3210-google-email-in-incognito-is-remembered-in-regular-window

Looks like there might be the same bug driving all these issues.

Hopefully it is fixed soon. Right now I cannot use the browser in this state, I rely too much on private window logic, even though I have already replaced Chrome with Orion as my primary browser for almost everything.

frin As indicated above, it will be fixed in the next release. Thanks for reporting!

In the case of Safari, it is not actually "private window", but rather "private tab". What I mean is that, as soon as a private tab gets closed, all the data (including cache and cookies) associated with that tab gets deleted. Closing a private window should be considered as closing all the private tabs in that window, and accordingly the data should be deleted. Also, no two private tabs should be allowed to share any kind of data.

Steps to reproduce:

1. Open a Private Browsing window.
2. Visit a website and log in. (I've tested this with several websites including Twitter)
3. Close the window.
4. Visit the same website in a regular window.

I am logged into the account I logged into in the private window, even if I was already logged into a different account previously.

Expected behavior:
Private Browsing windows should not save any cookies, or at least not beyond the life of the private window.

Orion, OS version; hardware type:
Version 0.99.120.1-beta (WebKit 614.1.20)
MacBook Pro (macOS Monterey 12.4 build 21F79)

Duplicate of #3303 and #3210; fixed in 0.99.120.1.3-rc

tuesday Thanks. FYI under Reply button you have Flag option which allows to flag something as duplicate in a way mods can act upon easilly

Open a Private window and browse some websites. Doesn't matter if you login to some websites or not. After you're done quit the browser. Then, when you start Orion again from the scratch and check Preferences - Privacy - Cookies and Site Data - Manage you can still see all the websites' traces so have to delete it manually.

Browsing Privately shouldn't save any site data or at the very least automatically delete it on browser restart

Orion Version 0.99.120.1-beta (WebKit 614.1.20), MBA M1 Monterey

Image/Video:
<Copy/paste or drag and drop to upload images or videos (up to 20MB)>