JxBrowser: (why) can I (not) use URI path for cache directories?

Question

I evaluated JxBrowser a short while ago. The following questions came to mind: Can I use Java URIs to "reroute" all temporary files from the underlaying Chromium engine through a custom FileSystemProvider like encFs4J?

The reason I want to that is to comply with data privacy laws. Since browsers can not be forced by a web application to clear their cache or store any temporary files in a safe manner, I thought I could use JxBrowser for this. If I can handle all files myself, I can do some crypto magic so that (almost) no one has access to the data besides my application.

There is an API to define the directories via BrowserContextParams. However, only absolute paths are allowed. URIs are not accepted.

Instead of doing

BrowserContext context = new BrowserContext(new BrowserContextParams("C:\\Chromium\\Data"));
Browser browser1 = new Browser(context);

I would like to do something like

BrowserContext context = new BrowserContext(new BrowserContextParams(new URI("enc+file:///C:/Chromium/Data"));
Browser browser1 = new Browser(context);

Does anyone know of a way to tap into the file handling routines of a process like JxBrowser? Can I somehow add this functionality like a wrapper around it?

I considered using something like VeraCrypt for this. But this is no good in terms of usability since you have to install virtual harddrive drivers. This is overkill for a rather simple issue.

Answer 1

Underlying Chromium engine in JxBrowser does not use Java IO API to access files. There is only a path string to the data directory that is passed to Chromium engine and it decides by itself how to handle all IO operations.

There is a mode in Chromium called incognito. In that mode all the files, including cookies, cache, history are stored in memory, nothing is stored on the hard drive, so once you close the application, all the data will be cleared automatically. If this meets your requirements we could investigate how to enable incognito mode in JxBrowser.

Answer 2

I will accepting Artem's answer to the original question. Incognito / private browser sessions - as long as they do not store anything on hard disk - would be a perfect and simple solution.

---

Furthermore, I want to share my research on this topic. The following answer is not related to JxBrowser but to any 3rd party applications and libraries which do not support URI path or require additional safeguarding of (temporary) files.

Option 1: RamDisk

• needed: kernel mode driver for ram disk
• privileges: admin once (to install the driver)
• usability: might be seemless, if application can handle ram disk by code (not researched)

Installing a RamdDisk which can "catch" the files. If the ram disk only persists while the application is running, it is already automatically cleaned up. (not researched for feasibility) With an own ram disk implementation one could perform additional steps.

Option 2: Virtual File System, e.g. VeraCrypt

• needed: VeraCrypt, kernel mode driver
• privileges: admin once (to install the driver)
• usability: user has to mount container manually before using the application

Due to usability issues this was not further researched.

Option 3: embedded SMB server with local share

• needed: SMB server implementation (e.g. JVLAN for Java), creating a server and share in code
• privileges: user (Ports 1445 can be used under Linux etc.)
• usability: seemless for the user, but quite a complicated solution for a simple issue

Steps: start a SMB server by code, add a share and user authentication (optional), mount the share to a local drive (windows) or mount point (linux), use an absolute path to access the files on the locally mounted share. If the application crashes, then the volatile / in-memory key for the "real" file encryption of the SMB server is lost and the files are safe from other eyes.

This option also has more potential, like clearing files once they got read, controling the access to third party apps and many more - even freakier - ideas.