I hope I didn't miss something somewhere, but I can't get to understand what is exactly happening with what I'm doing.

I'm programming a webapp and in my app I open programmatically a new page to search something in duckduckgo. I'm using the following code window.open("/?q=something") which is good for me.

This all works fine, but I noticed that when this code is executed, in my console, the following is logged:

Storage access automatically granted for tracker "" on "http://localhost:8000".

I'm wondering what this means.
I'm aware that it's probably not something related to duckduckgo itself, maybe just that they are nice enough to actually log something and be transparent.

What information is exactly shared with an external website when using window.open? What does this "granting access to the tracker" mean? Where is this log in my console ing from? Can an external site actually execute some javascript code in my current page? This seem strange to me and would sound disastrous for privacy.

I hope I didn't miss something somewhere, but I can't get to understand what is exactly happening with what I'm doing.

I'm programming a webapp and in my app I open programmatically a new page to search something in duckduckgo. I'm using the following code window.open("https://duckduckgo./?q=something") which is good for me.

This all works fine, but I noticed that when this code is executed, in my console, the following is logged:

Storage access automatically granted for tracker "https://duckduckgo." on "http://localhost:8000".

I'm wondering what this means.
I'm aware that it's probably not something related to duckduckgo itself, maybe just that they are nice enough to actually log something and be transparent.

What information is exactly shared with an external website when using window.open? What does this "granting access to the tracker" mean? Where is this log in my console ing from? Can an external site actually execute some javascript code in my current page? This seem strange to me and would sound disastrous for privacy.

• javascript
• privacy
• tracker
• duckduckgo

• 2 Documented here. I'm thinking you were automatically granted access because you've interacted with DDG before. – user47589 Commented Nov 20, 2019 at 19:32

1 Answer 1

So from what I understand from this firefox documentation page (plus a bit of experimenting with window.open):

When window.open is ran to open https://duckduckgo., this allow any tracker from https://duckduckgo. that would be loaded from localhost now or in the next 30 days, to have access to it's own domain storage (and not only the one of localhost).

The message is logged by firefox itself to inform that you just granted this right to https://duckduckgo..

(Thanks a lot Amy for the link that allowed me to learn and answer myself :))