npm - is-incognito-mode - Versions diffs - 2.0.1 → 2.1.0 - Mend

is-incognito-mode 2.0.1 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,70 @@
 # Changelog
+## 2.1.0
+### Minor Changes
+- Robust per-engine detection — fixes Chrome incognito false negatives for good.
+  **The problem.** Chrome now deliberately fakes `navigator.storage.estimate().quota`
+  at `usage + 10 GiB` in _every_ mode, specifically to defeat incognito detection.
+  Any threshold on that value — 120 MiB, 1 GiB, anything — is therefore unreliable
+  on modern Chrome.
+  **The fix.** Detection is now per-engine, using the signal that actually still
+  leaks for each:
+  - **Chromium** — reads the legacy `navigator.webkitTemporaryStorage` quota
+    (which is _not_ faked) and compares it to `performance.memory.jsHeapSizeLimit`.
+    An incognito quota is memory-bound and stays below ~2× the heap limit; a
+    normal quota is disk-bound and far above it. The test is device-relative, so
+    there is no brittle fixed byte count.
+  - **Firefox & Safari** — probes the Origin Private File System via
+    `navigator.storage.getDirectory()`, which is rejected in private mode
+    (Firefox: a security error; Safari: "unknown transient reason").
+  - **Legacy Edge / IE** — unchanged `PointerEvent` + `indexedDB` heuristic.
+  - Legacy `localStorage` / `indexedDB.open` probes are retained as fallbacks for
+    older Safari and Firefox without OPFS.
+  **API changes (all backward compatible at runtime):**
+  - `isIncognito()`, `detectIncognito()`, `DetectionResult`, and
+    `IncognitoDetectionError` are unchanged.
+  - `DetectionResult.strategy` values changed: new `chromium-quota` and
+    `opfs-probe`; `storage-quota` removed. The `strategy` field is informational
+    (debugging / analytics); switch on it accordingly.
+  - New exported types: `PerformanceLike`, `DeprecatedStorageQuota`.
+  - `NavigatorLike` / `WindowLike` / `StorageManagerLike` gained optional fields
+    (`webkitTemporaryStorage`, `performance`, `getDirectory`).
+  - `DEFAULT_PRIVATE_QUOTA_BYTES` (1 GiB) is retained as the fallback heap limit
+    used when `performance.memory` is unavailable.
+  - `privateQuotaThresholdBytes`, when set, still forces an absolute byte cutoff
+    for the Chromium strategy.
+  Reference: this mirrors the techniques in the actively-maintained
+  `detectIncognito` library (v1.6.2).
+## 2.0.2
+### Patch Changes
+- Fix: Chrome incognito false negative — raise default quota threshold from 120 MiB to 1 GiB.
+  Chrome 110+ raised the per-tab incognito storage ceiling: a private tab on a
+  desktop commonly reports `navigator.storage.estimate().quota` in the
+  500 MiB–1 GiB range. With the previous 120 MiB cutoff, every modern Chromium
+  incognito session was misclassified as normal.
+  `DEFAULT_PRIVATE_QUOTA_BYTES` is now `1024 × 1024 × 1024` (1 GiB), matching the
+  threshold used by the actively-maintained `detectIncognito` library and
+  covering Chromium, Firefox, and Safari private modes. Normal-mode quotas on
+  modern desktops are tens-to-hundreds of GiB so the safety margin is large.
+  A regression test pins the behaviour at a 800 MiB quota (the heart of the
+  modern Chromium incognito band).
+  If you previously depended on the 120 MiB cutoff, pass
+  `privateQuotaThresholdBytes: 120 * 1024 * 1024` to `detectIncognito()` to
+  restore the old behaviour.
 ## 2.0.1
 ### Patch Changes

package/README.md CHANGED Viewed

@@ -54,9 +54,9 @@ a typed object with `browser`, `confidence`, `quota`, and `strategy` fields.
 Browsers don't expose a "private mode" API on purpose — but private windows
 still leak the fact through **resource limits** and **storage shape**.
-`is-incognito-mode` packages the current state-of-the-art detection (quota
-probing via `navigator.storage.estimate()`) as a tiny, typed, zero-dep module,
-so you can stop hand-rolling heuristics that browsers patched out in 2019.
+`is-incognito-mode` packages the current state-of-the-art per-engine detection
+as a tiny, typed, zero-dep module, so you can stop hand-rolling heuristics that
+browsers patched out years ago.
 A few real-world fits:
@@ -104,35 +104,51 @@ static file, no build step).
 ## How it decides (under the hood)
-The library tries the cleanest signal first and falls back to engine-specific
-probes for older browsers. Click to expand:
+There is no single cross-browser signal — each engine leaks private mode in a
+different place — so the library picks the right probe per engine.
 <details>
 <summary>Detection flow diagram</summary>
 ```mermaid
 flowchart TD
-    A[detectIncognito] --> B{navigator.storage<br/>.estimate available?}
-    B -- yes --> C{quota &lt; 120 MiB?}
-    C -- yes --> R1([private — high confidence])
-    C -- no --> R2([normal — high confidence])
-    B -- no --> D{which browser?}
-    D -- Safari/WebKit --> E[localStorage probe<br/>+ openDatabase probe]
-    D -- Firefox --> F[indexedDB.open error path]
-    D -- Edge legacy / IE --> G[PointerEvent + window.indexedDB heuristic]
+    A[detectIncognito] --> D{which engine?}
+    D -- Chromium --> C1[webkitTemporaryStorage quota]
+    C1 --> C2{quota &lt; 2 × jsHeapSizeLimit?}
+    C2 -- yes --> R1([private — high confidence])
+    C2 -- no --> R2([normal — high confidence])
+    D -- Firefox --> F1["navigator.storage.getDirectory() — OPFS"]
+    F1 --> F2{rejected with a security error?}
+    F2 -- yes --> R3([private — high confidence])
+    F2 -- no --> R4([normal — high confidence])
+    D -- Safari/WebKit --> S1["navigator.storage.getDirectory() — OPFS"]
+    S1 --> S2{rejected 'unknown transient reason'?}
+    S2 -- yes --> R5([private])
+    S2 -- no --> R6([normal])
+    D -- Edge legacy / IE --> G[PointerEvent + indexedDB heuristic]
     D -- unknown --> X([throw UNSUPPORTED_BROWSER])
-    E --> R3([private/normal — medium])
-    F --> R4([private/normal — low])
-    G --> R5([private/normal — low])
 ```
 </details>
-The default threshold is **120 MiB** — Chromium gives incognito tabs ~10 % of
-disk capped at 120 MiB, and Firefox / Safari private modes cap similarly.
-Devices with very small total storage can hit false positives; raise the
-threshold or lower-bound against `navigator.deviceMemory * 1 GiB` if that
-matters to you.
+**Chromium (Chrome, Edge, Brave, Opera, …).** Chrome deliberately fakes
+`navigator.storage.estimate().quota` at `usage + 10 GiB` in _every_ mode
+specifically to defeat detection — so that API is useless. The library instead
+reads the **legacy `navigator.webkitTemporaryStorage`** quota, which still
+reports the real per-origin limit: disk-bound (huge) in a normal tab,
+memory-bound (small) in incognito. It compares that to
+`performance.memory.jsHeapSizeLimit` — a per-renderer constant — so the test
+adapts to the device instead of relying on a brittle fixed byte count.
+**Firefox & Safari.** The **Origin Private File System**
+(`navigator.storage.getDirectory()`) is rejected in private mode — Firefox
+throws a security error, Safari throws "unknown transient reason". A clean
+resolve means a normal window.
+**Legacy Edge / IE.** No `indexedDB` while `PointerEvent` exists → private.
+If you need to override the Chromium heuristic with an absolute byte cutoff,
+pass `privateQuotaThresholdBytes` (see [Tuning](#tuning-the-detection)).
 ---
@@ -157,7 +173,7 @@ const { isPrivate, browser, confidence, quota, strategy } =
 console.log(
   `${browser} (${confidence}) — strategy: ${strategy}, quota: ${quota}`,
 );
-// → "chromium (high) — strategy: storage-quota, quota: 33554432"
+// → "chromium (high) — strategy: chromium-quota, quota: 629145600"
 ```
 Fields on `DetectionResult`:
@@ -166,25 +182,29 @@ Fields on `DetectionResult`:
 | ------------ | ----------------------------- | ----------------------------------------------------------------------------------------- |
 | `isPrivate`  | `boolean`                     | Final verdict.                                                                            |
 | `browser`    | `BrowserName`                 | Coarse engine: `chromium`, `firefox`, `safari`, `webkit`, `edge-legacy`, `ie`, `unknown`. |
-| `confidence` | `'high' \| 'medium' \| 'low'` | `high` for direct quota signal; `low` for legacy heuristics.                              |
-| `quota`      | `number \| null`              | Total storage quota in bytes, when `storage.estimate()` was available.                    |
-| `strategy`   | `DetectionStrategyName`       | Which probe produced the verdict.                                                         |
+| `confidence` | `'high' \| 'medium' \| 'low'` | `high` for the primary per-engine probe; `low` for legacy heuristics.                     |
+| `quota`      | `number \| null`              | Temporary-storage quota in bytes (Chromium); `null` for the OPFS and legacy strategies.   |
+| `strategy`   | `DetectionStrategyName`       | Which probe produced the verdict — see [How it decides](#how-it-decides-under-the-hood).  |
-### Tuning the quota threshold
+### Tuning the detection
+The Chromium strategy is **self-calibrating by default** — it compares the
+temporary-storage quota to the device's JS heap limit, so you normally do not
+need to configure anything. For an absolute byte cutoff instead, pass
+`privateQuotaThresholdBytes`:
 ```ts
-import {
-  detectIncognito,
-  DEFAULT_PRIVATE_QUOTA_BYTES,
-} from 'is-incognito-mode';
+import { detectIncognito } from 'is-incognito-mode';
+// Classify a Chromium tab as private if its temporary-storage quota is
+// below 2 GiB, instead of the default heap-relative heuristic.
 const result = await detectIncognito({
-  privateQuotaThresholdBytes: DEFAULT_PRIVATE_QUOTA_BYTES * 2,
+  privateQuotaThresholdBytes: 2 * 1024 * 1024 * 1024,
 });
 ```
-Default is **120 MiB**. Raise it if you see false positives on small-disk
-devices.
+`DEFAULT_PRIVATE_QUOTA_BYTES` (1 GiB) is exported as a reference value — it is
+the fallback heap limit used when `performance.memory` is unavailable.
 ### Injecting globals (for testing)
@@ -198,14 +218,19 @@ const result = await detectIncognito({
   globals: {
     navigator: {
       userAgent: 'Mozilla/5.0 ... Chrome/131.0',
-      storage: {
-        estimate: () => Promise.resolve({ quota: 32 * 1024 * 1024 }),
+      // Legacy quota API: a small, memory-bound quota — i.e. an incognito tab.
+      webkitTemporaryStorage: {
+        queryUsageAndQuota: (onSuccess) => {
+          onSuccess(0, 600 * 1024 * 1024); // 600 MiB granted
+        },
       },
     },
-    window: {},
+    window: {
+      performance: { memory: { jsHeapSizeLimit: 4 * 1024 * 1024 * 1024 } },
+    },
   },
 });
-// result.isPrivate === true
+// result.isPrivate === true  (600 MiB < 2 × 4 GiB)
 ```
 ### Error handling
@@ -226,7 +251,7 @@ try {
         // Probably a bot / curl / node-fetch
         break;
       case 'PROBE_FAILED':
-        // Storage API rejected, no fallback applied
+        // The engine's probe could not produce a verdict
         break;
     }
   }
@@ -266,16 +291,16 @@ Full generated reference: **<https://yankouskia.github.io/is-incognito-mode/>**
 ### Browsers
-| Engine                 | Detection strategy              | Confidence |
-| ---------------------- | ------------------------------- | ---------- |
-| Chromium ≥ 80          | `navigator.storage.estimate`    | high       |
-| Firefox ≥ 75           | `navigator.storage.estimate`    | high       |
-| Safari ≥ 13            | `navigator.storage.estimate`    | high       |
-| Older Safari / WebKit  | `localStorage` + `openDatabase` | medium-low |
-| Older Firefox          | `indexedDB.open` error path     | low        |
-| Edge (legacy)          | `PointerEvent` heuristic        | low        |
-| IE 10–11               | `PointerEvent` heuristic        | low        |
-| All others (`unknown`) | throws `UNSUPPORTED_BROWSER`    | —          |
+| Engine                 | Detection strategy                           | Confidence |
+| ---------------------- | -------------------------------------------- | ---------- |
+| Chromium ≥ 76          | `webkitTemporaryStorage` quota vs heap limit | high       |
+| Firefox ≥ 111          | OPFS `navigator.storage.getDirectory()`      | high       |
+| Safari ≥ 15.2          | OPFS `navigator.storage.getDirectory()`      | high       |
+| Older Safari / WebKit  | `localStorage` + `openDatabase` probes       | medium-low |
+| Older Firefox          | `indexedDB.open` error path                  | low        |
+| Edge (legacy)          | `PointerEvent` + `indexedDB` heuristic       | low        |
+| IE 10–11               | `PointerEvent` + `indexedDB` heuristic       | low        |
+| All others (`unknown`) | throws `UNSUPPORTED_BROWSER`                 | —          |
 ### Node / runtimes
@@ -293,15 +318,15 @@ Rollup, esbuild, Bun, and Deno.
 ## What's new in v2
-|                     | v1.x                                                     | v2.0                                                         |
-| ------------------- | -------------------------------------------------------- | ------------------------------------------------------------ |
-| Detection technique | FileSystem API + IndexedDB + localStorage + PointerEvent | `navigator.storage.estimate()` quota (with legacy fallbacks) |
-| TypeScript          | shipped JS only                                          | strict TypeScript source, full `.d.ts`                       |
-| Module formats      | UMD + CJS                                                | ESM + CJS dual publish                                       |
-| Dependencies        | `get-browser`                                            | **zero**                                                     |
-| Bundle size         | ~3 kB min+gzip                                           | **~1 kB min+gzip**                                           |
-| Engines             | Node ≥ 8                                                 | Node ≥ 20                                                    |
-| Error model         | `throw 'string'`                                         | `IncognitoDetectionError` with `code`                        |
+|                     | v1.x                                                     | v2.0                                                                |
+| ------------------- | -------------------------------------------------------- | ------------------------------------------------------------------- |
+| Detection technique | FileSystem API + IndexedDB + localStorage + PointerEvent | per-engine probes: Chromium temp-storage quota, Firefox/Safari OPFS |
+| TypeScript          | shipped JS only                                          | strict TypeScript source, full `.d.ts`                              |
+| Module formats      | UMD + CJS                                                | ESM + CJS dual publish                                              |
+| Dependencies        | `get-browser`                                            | **zero**                                                            |
+| Bundle size         | ~3 kB min+gzip                                           | **~1 kB min+gzip**                                                  |
+| Engines             | Node ≥ 8                                                 | Node ≥ 20                                                           |
+| Error model         | `throw 'string'`                                         | `IncognitoDetectionError` with `code`                               |
 See [`BREAKING_CHANGES.md`](./BREAKING_CHANGES.md) for migration recipes
 and [`DECISIONS.md`](./DECISIONS.md) for the reasoning behind each big call.

package/dist/index.cjs CHANGED Viewed

@@ -31,33 +31,53 @@ var IncognitoDetectionError = class extends Error {
 };
 // src/strategies.ts
-var DEFAULT_PRIVATE_QUOTA_BYTES = 120 * 1024 * 1024;
+var DEFAULT_PRIVATE_QUOTA_BYTES = 1024 * 1024 * 1024;
+var HEAP_QUOTA_MULTIPLIER = 2;
 var PROBE_KEY = "__is_incognito_mode_probe_cd1394e6__";
 async function runStrategies(browser, globals, options) {
   const errors = [];
-  if (canUseStorageEstimate(globals)) {
-    try {
-      const result = await detectViaStorageQuota(browser, globals, options);
-      if (result !== null) return result;
-    } catch (error) {
-      errors.push(error);
-    }
-  }
   switch (browser) {
-    case "safari":
-    case "webkit": {
-      const result = detectViaSafariStorage(browser, globals);
+    case "chromium": {
+      const result = await attempt(
+        () => detectViaChromiumQuota(browser, globals, options),
+        errors
+      );
       if (result !== null) return result;
       break;
     }
     case "firefox": {
-      const result = await detectViaFirefoxIndexedDB(browser, globals);
-      if (result !== null) return result;
+      const opfs = await attempt(
+        () => detectViaOpfsProbe(browser, globals, "Security error"),
+        errors
+      );
+      if (opfs !== null) return opfs;
+      const idb = await attempt(
+        () => detectViaFirefoxIndexedDB(browser, globals),
+        errors
+      );
+      if (idb !== null) return idb;
+      break;
+    }
+    case "safari":
+    case "webkit": {
+      const opfs = await attempt(
+        () => detectViaOpfsProbe(browser, globals, "unknown transient reason"),
+        errors
+      );
+      if (opfs !== null) return opfs;
+      const legacy = await attempt(
+        () => detectViaSafariStorage(browser, globals),
+        errors
+      );
+      if (legacy !== null) return legacy;
       break;
     }
     case "edge-legacy":
     case "ie": {
-      const result = detectViaLegacyEdge(browser, globals);
+      const result = await attempt(
+        () => detectViaLegacyEdge(browser, globals),
+        errors
+      );
       if (result !== null) return result;
       break;
     }
@@ -68,24 +88,75 @@ async function runStrategies(browser, globals, options) {
     errors.length > 0 ? { cause: errors[0] } : void 0
   );
 }
-function canUseStorageEstimate(globals) {
-  return typeof globals.navigator?.storage?.estimate === "function";
+async function attempt(strategy, errors) {
+  try {
+    return await strategy();
+  } catch (error) {
+    errors.push(error);
+    return null;
+  }
 }
-async function detectViaStorageQuota(browser, globals, options) {
-  const storage = globals.navigator?.storage;
-  if (!storage?.estimate) return null;
-  const estimate = await storage.estimate();
-  const quota = typeof estimate.quota === "number" ? estimate.quota : null;
+async function detectViaChromiumQuota(browser, globals, options) {
+  const tempStorage = globals.navigator?.webkitTemporaryStorage;
+  if (typeof tempStorage?.queryUsageAndQuota !== "function") return null;
+  const quota = await new Promise((resolve) => {
+    let settled = false;
+    const settle = (value) => {
+      if (!settled) {
+        settled = true;
+        resolve(value);
+      }
+    };
+    try {
+      tempStorage.queryUsageAndQuota(
+        (_used, grantedQuota) => {
+          settle(typeof grantedQuota === "number" ? grantedQuota : null);
+        },
+        () => {
+          settle(null);
+        }
+      );
+    } catch {
+      settle(null);
+    }
+  });
   if (quota === null) return null;
-  const isPrivate = quota < options.privateQuotaThresholdBytes;
+  const isPrivate = options.privateQuotaThresholdBytes === void 0 ? quota < chromiumHeapLimit(globals) * HEAP_QUOTA_MULTIPLIER : quota < options.privateQuotaThresholdBytes;
   return {
     isPrivate,
     browser,
     confidence: "high",
     quota,
-    strategy: "storage-quota"
+    strategy: "chromium-quota"
   };
 }
+function chromiumHeapLimit(globals) {
+  const limit = globals.window?.performance?.memory?.jsHeapSizeLimit;
+  return typeof limit === "number" && limit > 0 ? limit : DEFAULT_PRIVATE_QUOTA_BYTES;
+}
+async function detectViaOpfsProbe(browser, globals, privateErrorFragment) {
+  const storage = globals.navigator?.storage;
+  if (typeof storage?.getDirectory !== "function") return null;
+  try {
+    await storage.getDirectory();
+    return {
+      isPrivate: false,
+      browser,
+      confidence: "high",
+      quota: null,
+      strategy: "opfs-probe"
+    };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    return {
+      isPrivate: message.includes(privateErrorFragment),
+      browser,
+      confidence: "high",
+      quota: null,
+      strategy: "opfs-probe"
+    };
+  }
+}
 function detectViaSafariStorage(browser, globals) {
   const storage = globals.window?.localStorage;
   if (!storage) {
@@ -186,17 +257,8 @@ function detectViaLegacyEdge(browser, globals) {
   if (!win) return null;
   const hasIndexedDB = Boolean(win.indexedDB ?? globals.indexedDB);
   const hasPointer = Boolean(win.PointerEvent ?? win.MSPointerEvent);
-  if (!hasIndexedDB && hasPointer) {
-    return {
-      isPrivate: true,
-      browser,
-      confidence: "low",
-      quota: null,
-      strategy: "legacy-edge"
-    };
-  }
   return {
-    isPrivate: false,
+    isPrivate: !hasIndexedDB && hasPointer,
     browser,
     confidence: "low",
     quota: null,
@@ -217,10 +279,11 @@ async function detectIncognito(options = {}) {
     userAgent: globals.navigator.userAgent,
     ...globals.navigator.vendor === void 0 ? {} : { vendor: globals.navigator.vendor }
   });
-  const threshold = options.privateQuotaThresholdBytes ?? DEFAULT_PRIVATE_QUOTA_BYTES;
-  return runStrategies(browser, globals, {
-    privateQuotaThresholdBytes: threshold
-  });
+  return runStrategies(
+    browser,
+    globals,
+    options.privateQuotaThresholdBytes === void 0 ? {} : { privateQuotaThresholdBytes: options.privateQuotaThresholdBytes }
+  );
 }
 async function isIncognito(options = {}) {
   const result = await detectIncognito(options);

package/dist/index.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/browser.ts","../src/errors.ts","../src/strategies.ts","../src/detect.ts"],"names":["indexedDB"],"mappings":";;;;;AAqBA,IAAM,iBAAiB,CAAC,SAAA,EAAW,QAAA,EAAU,WAAA,EAAa,QAAQ,MAAM,CAAA;AAQjE,SAAS,cAAc,MAAA,EAAuC;AACnE,EAAA,MAAM,EAAA,GAAA,CAAM,MAAA,EAAQ,SAAA,IAAa,EAAA,EAAI,WAAA,EAAY;AACjD,EAAA,MAAM,MAAA,GAAA,CAAU,MAAA,EAAQ,MAAA,IAAU,EAAA,EAAI,WAAA,EAAY;AAElD,EAAA,IAAI,CAAC,IAAI,OAAO,SAAA;AAEhB,EAAA,IAAI,EAAA,CAAG,SAAS,OAAO,CAAA,IAAK,GAAG,QAAA,CAAS,UAAU,GAAG,OAAO,IAAA;AAC5D,EAAA,IAAI,EAAA,CAAG,QAAA,CAAS,OAAO,CAAA,EAAG,OAAO,aAAA;AACjC,EAAA,IAAI,EAAA,CAAG,SAAS,UAAU,CAAA,IAAK,GAAG,QAAA,CAAS,QAAQ,GAAG,OAAO,SAAA;AAE7D,EAAA,MAAM,iBAAA,GAAoB,eAAe,IAAA,CAAK,CAAC,SAAS,EAAA,CAAG,QAAA,CAAS,IAAI,CAAC,CAAA;AACzE,EAAA,IAAI,mBAAmB,OAAO,UAAA;AAK9B,EAAA,IAAI,EAAA,CAAG,SAAS,SAAS,CAAA,KAAM,OAAO,QAAA,CAAS,OAAO,CAAA,IAAK,CAAC,MAAA,CAAA,EAAS;AACnE,IAAA,OAAO,QAAA;AAAA,EACT;AACA,EAAA,IAAI,EAAA,CAAG,QAAA,CAAS,cAAc,CAAA,EAAG,OAAO,QAAA;AAExC,EAAA,OAAO,SAAA;AACT;;;ACtBO,IAAM,uBAAA,GAAN,cAAsC,KAAA,CAAM;AAAA,EAC/B,IAAA,GAAO,yBAAA;AAAA,EAChB,IAAA;AAAA,EAET,WAAA,CACE,IAAA,EACA,OAAA,EACA,OAAA,EACA;AACA,IAAA,KAAA,CAAM,SAAS,OAAO,CAAA;AACtB,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AAAA,EACd;AACF;;;AC1BO,IAAM,2BAAA,GAA8B,MAAM,IAAA,GAAO;AAMxD,IAAM,SAAA,GAAY,sCAAA;AAOlB,eAAsB,aAAA,CACpB,OAAA,EACA,OAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,SAAoB,EAAC;AAG3B,EAAA,IAAI,qBAAA,CAAsB,OAAO,CAAA,EAAG;AAClC,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,qBAAA,CAAsB,OAAA,EAAS,SAAS,OAAO,CAAA;AACpE,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAAA,IAC9B,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,IACnB;AAAA,EACF;AAGA,EAAA,QAAQ,OAAA;AAAS,IACf,KAAK,QAAA;AAAA,IACL,KAAK,QAAA,EAAU;AACb,MAAA,MAAM,MAAA,GAAS,sBAAA,CAAuB,OAAA,EAAS,OAAO,CAAA;AACtD,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAAA,IACA,KAAK,SAAA,EAAW;AACd,MAAA,MAAM,MAAA,GAAS,MAAM,yBAAA,CAA0B,OAAA,EAAS,OAAO,CAAA;AAC/D,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAAA,IACA,KAAK,aAAA;AAAA,IACL,KAAK,IAAA,EAAM;AACT,MAAA,MAAM,MAAA,GAAS,mBAAA,CAAoB,OAAA,EAAS,OAAO,CAAA;AACnD,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAIA;AAGF,EAAA,MAAM,IAAI,uBAAA;AAAA,IACR,OAAA,KAAY,YAAY,qBAAA,GAAwB,cAAA;AAAA,IAChD,yDAAyD,OAAO,CAAA,EAAA,CAAA;AAAA,IAChE,MAAA,CAAO,SAAS,CAAA,GAAI,EAAE,OAAO,MAAA,CAAO,CAAC,GAAE,GAAI;AAAA,GAC7C;AACF;AAEA,SAAS,sBAAsB,OAAA,EAAoC;AACjE,EAAA,OAAO,OAAO,OAAA,CAAQ,SAAA,EAAW,OAAA,EAAS,QAAA,KAAa,UAAA;AACzD;AAEA,eAAe,qBAAA,CACb,OAAA,EACA,OAAA,EACA,OAAA,EACiC;AACjC,EAAA,MAAM,OAAA,GAAU,QAAQ,SAAA,EAAW,OAAA;AACnC,EAAA,IAAI,CAAC,OAAA,EAAS,QAAA,EAAU,OAAO,IAAA;AAE/B,EAAA,MAAM,QAAA,GAAW,MAAM,OAAA,CAAQ,QAAA,EAAS;AACxC,EAAA,MAAM,QAAQ,OAAO,QAAA,CAAS,KAAA,KAAU,QAAA,GAAW,SAAS,KAAA,GAAQ,IAAA;AACpE,EAAA,IAAI,KAAA,KAAU,MAAM,OAAO,IAAA;AAE3B,EAAA,MAAM,SAAA,GAAY,QAAQ,OAAA,CAAQ,0BAAA;AAClC,EAAA,OAAO;AAAA,IACL,SAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA,EAAY,MAAA;AAAA,IACZ,KAAA;AAAA,IACA,QAAA,EAAU;AAAA,GACZ;AACF;AAEA,SAAS,sBAAA,CACP,SACA,OAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAU,QAAQ,MAAA,EAAQ,YAAA;AAChC,EAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,OAAA,CAAQ,WAAW,GAAG,CAAA;AAC9B,IAAA,OAAA,CAAQ,WAAW,SAAS,CAAA;AAAA,EAC9B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,QAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,MAAM,MAAM,OAAA,CAAQ,MAAA;AACpB,EAAA,IAAI,OAAO,GAAA,CAAI,YAAA,KAAiB,UAAA,EAAY;AAC1C,IAAA,IAAI;AACF,MAAA,GAAA,CAAI,YAAA,CAAa,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,IACzC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO;AAAA,QACL,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACZ;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,KAAA;AAAA,IACX,OAAA;AAAA,IACA,UAAA,EAAY,KAAA;AAAA,IACZ,KAAA,EAAO,IAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACZ;AACF;AAEA,eAAe,yBAAA,CACb,SACA,OAAA,EACiC;AACjC,EAAA,MAAMA,UAAAA,GAAY,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,MAAA,EAAQ,SAAA;AACvD,EAAA,IAAI,CAACA,UAAAA,EAAW;AACd,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,OAAO,IAAI,OAAA,CAAyB,CAAC,OAAA,KAAY;AAC/C,IAAA,IAAI,OAAA;AACJ,IAAA,IAAI;AACF,MAAA,OAAA,GAAUA,UAAAA,CAAU,KAAK,SAAS,CAAA;AAAA,IACpC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AACD,MAAA;AAAA,IACF;AAEA,IAAA,OAAA,CAAQ,gBAAA,CAAiB,SAAS,MAAM;AACtC,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AAAA,IACH,CAAC,CAAA;AACD,IAAA,OAAA,CAAQ,gBAAA,CAAiB,WAAW,MAAM;AACxC,MAAA,IAAI;AACF,QAAA,OAAA,CAAQ,OAAO,KAAA,EAAM;AACrB,QAAAA,UAAAA,CAAU,eAAe,SAAS,CAAA;AAAA,MACpC,CAAA,CAAA,MAAQ;AAAA,MAER;AACA,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,KAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EACH,CAAC,CAAA;AACH;AAEA,SAAS,mBAAA,CACP,SACA,OAAA,EACwB;AACxB,EAAA,MAAM,MAAM,OAAA,CAAQ,MAAA;AACpB,EAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,EAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,QAAQ,SAAS,CAAA;AAC/D,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,GAAA,CAAI,YAAA,IAAgB,IAAI,cAAc,CAAA;AACjE,EAAA,IAAI,CAAC,gBAAgB,UAAA,EAAY;AAC/B,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AACA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,KAAA;AAAA,IACX,OAAA;AAAA,IACA,UAAA,EAAY,KAAA;AAAA,IACZ,KAAA,EAAO,IAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACZ;AACF;;;AC/MA,eAAsB,eAAA,CACpB,OAAA,GAAkC,EAAC,EACT;AAC1B,EAAA,MAAM,OAAA,GAAU,cAAA,CAAe,OAAA,CAAQ,OAAO,CAAA;AAC9C,EAAA,IAAI,CAAC,aAAA,CAAc,OAAO,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,uBAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,UAAU,aAAA,CAAc;AAAA,IAC5B,SAAA,EAAW,QAAQ,SAAA,CAAU,SAAA;AAAA,IAC7B,GAAI,OAAA,CAAQ,SAAA,CAAU,MAAA,KAAW,MAAA,GAC7B,EAAC,GACD,EAAE,MAAA,EAAQ,OAAA,CAAQ,SAAA,CAAU,MAAA;AAAO,GACxC,CAAA;AAED,EAAA,MAAM,SAAA,GACJ,QAAQ,0BAAA,IAA8B,2BAAA;AAExC,EAAA,OAAO,aAAA,CAAc,SAAS,OAAA,EAAS;AAAA,IACrC,0BAAA,EAA4B;AAAA,GAC7B,CAAA;AACH;AAiBA,eAAsB,WAAA,CACpB,OAAA,GAAkC,EAAC,EACjB;AAClB,EAAA,MAAM,MAAA,GAAS,MAAM,eAAA,CAAgB,OAAO,CAAA;AAC5C,EAAA,OAAO,MAAA,CAAO,SAAA;AAChB;AAEA,SAAS,eACP,SAAA,EACkB;AAClB,EAAA,IAAI,WAAW,OAAO,SAAA;AACtB,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,OAAO,SAAA,KAAc,WAAA,GAAc,MAAA,GAAY,SAAA;AAAA,IAC1D,MAAA,EAAQ,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,GAAY,MAAA;AAAA,IACpD,SAAA,EAAW,OAAO,SAAA,KAAc,WAAA,GAAc,MAAA,GAAY;AAAA,GAC5D;AACF;AAEA,SAAS,cACP,OAAA,EAGA;AACA,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,SAAA,EAAW,SAAS,CAAA;AAC7C","file":"index.cjs","sourcesContent":["/*\n Coarse browser-engine identifiers used to pick a detection strategy.\n \n We deliberately do not export brand names like \"Brave\" or \"Vivaldi\" — they\n * are all Chromium under the hood and the relevant private-mode behaviour\n * matches the engine, not the brand.\n /\nexport type BrowserName =\n \| 'chromium'\n \| 'firefox'\n \| 'safari'\n \| 'webkit'\n \| 'edge-legacy'\n \| 'ie'\n \| 'unknown';\n\ninterface UserAgentSource {\n readonly userAgent: string;\n readonly vendor?: string;\n}\n\nconst CHROMIUM_HINTS = ['chrome/', 'crios/', 'chromium/', 'edg/', 'opr/'];\n\n/\n Classify the current navigator into a coarse browser engine.\n \n Pure function — accepts an optional `source` so it can be unit-tested\n * without polluting globals. In production we read from `navigator` directly.\n /\nexport function detectBrowser(source?: UserAgentSource): BrowserName {\n const ua = (source?.userAgent ?? '').toLowerCase();\n const vendor = (source?.vendor ?? '').toLowerCase();\n\n if (!ua) return 'unknown';\n\n if (ua.includes('msie ') \|\| ua.includes('trident/')) return 'ie';\n if (ua.includes('edge/')) return 'edge-legacy';\n if (ua.includes('firefox/') \|\| ua.includes('fxios/')) return 'firefox';\n\n const looksLikeChromium = CHROMIUM_HINTS.some((hint) => ua.includes(hint));\n if (looksLikeChromium) return 'chromium';\n\n // Safari sets `vendor === 'apple computer, inc.'`. iOS-Chrome/Firefox also\n // run on WebKit but advertise different UAs, so we reach this branch only\n // for \"real\" Safari and other WebKit shells.\n if (ua.includes('safari/') && (vendor.includes('apple') \|\| !vendor)) {\n return 'safari';\n }\n if (ua.includes('applewebkit/')) return 'webkit';\n\n return 'unknown';\n}\n","/\n Stable identifiers for {@link IncognitoDetectionError} causes.\n \n Branching on `code` is safer than parsing `message` strings.\n /\nexport type IncognitoDetectionErrorCode =\n /* Invoked in a non-browser context (Node, worker without globals, etc.). /\n \| 'NOT_A_BROWSER'\n /* Browser detected but no supported detection strategy applies. /\n \| 'UNSUPPORTED_BROWSER'\n /* A probe threw before it could produce a definitive result. /\n \| 'PROBE_FAILED';\n\n/\n Thrown when private-mode cannot be determined.\n \n @example\n * ```ts\n * import { isIncognito, IncognitoDetectionError } from 'is-incognito-mode';\n \n try {\n * await isIncognito();\n * } catch (error) {\n * if (error instanceof IncognitoDetectionError) {\n * console.warn(error.code, error.message);\n * }\n * }\n * ```\n /\nexport class IncognitoDetectionError extends Error {\n override readonly name = 'IncognitoDetectionError';\n readonly code: IncognitoDetectionErrorCode;\n\n constructor(\n code: IncognitoDetectionErrorCode,\n message: string,\n options?: { cause?: unknown },\n ) {\n super(message, options);\n this.code = code;\n }\n}\n","import type { BrowserName } from './browser.ts';\nimport { IncognitoDetectionError } from './errors.ts';\nimport type {\n DetectIncognitoOptions,\n DetectionGlobals,\n DetectionResult,\n} from './types.ts';\n\n/\n Default cutoff: 120 MB. Below this, every shipping browser we tested in 2024\n * is in a restricted (private) storage context. Above, it is normal.\n \n Sources: detectIncognito.js research notes; cross-checked against Chrome\n * 120+, Firefox 121+, Safari 17+.\n /\nexport const DEFAULT_PRIVATE_QUOTA_BYTES = 120 1024 * 1024;\n\n/*\n Sentinel key used by the legacy localStorage probe. Random enough that\n * collisions with real user keys are impossible.\n /\nconst PROBE_KEY = '__is_incognito_mode_probe_cd1394e6__';\n\n/\n Try strategies in priority order, returning the first one that produces a\n * definitive answer. Throws {@link IncognitoDetectionError} if every strategy\n * declines.\n /\nexport async function runStrategies(\n browser: BrowserName,\n globals: DetectionGlobals,\n options: Required<Pick<DetectIncognitoOptions, 'privateQuotaThresholdBytes'>>,\n): Promise<DetectionResult> {\n const errors: unknown[] = [];\n\n // 1. navigator.storage.estimate — the modern, vendor-blessed-ish signal.\n if (canUseStorageEstimate(globals)) {\n try {\n const result = await detectViaStorageQuota(browser, globals, options);\n if (result !== null) return result;\n } catch (error) {\n errors.push(error);\n }\n }\n\n // 2. Per-engine fallbacks for older versions / restricted runtimes.\n switch (browser) {\n case 'safari':\n case 'webkit': {\n const result = detectViaSafariStorage(browser, globals);\n if (result !== null) return result;\n break;\n }\n case 'firefox': {\n const result = await detectViaFirefoxIndexedDB(browser, globals);\n if (result !== null) return result;\n break;\n }\n case 'edge-legacy':\n case 'ie': {\n const result = detectViaLegacyEdge(browser, globals);\n if (result !== null) return result;\n break;\n }\n case 'chromium':\n case 'unknown': {\n break;\n }\n }\n\n throw new IncognitoDetectionError(\n browser === 'unknown' ? 'UNSUPPORTED_BROWSER' : 'PROBE_FAILED',\n `No detection strategy produced a verdict for browser \"${browser}\".`,\n errors.length > 0 ? { cause: errors[0] } : undefined,\n );\n}\n\nfunction canUseStorageEstimate(globals: DetectionGlobals): boolean {\n return typeof globals.navigator?.storage?.estimate === 'function';\n}\n\nasync function detectViaStorageQuota(\n browser: BrowserName,\n globals: DetectionGlobals,\n options: Required<Pick<DetectIncognitoOptions, 'privateQuotaThresholdBytes'>>,\n): Promise<DetectionResult \| null> {\n const storage = globals.navigator?.storage;\n if (!storage?.estimate) return null;\n\n const estimate = await storage.estimate();\n const quota = typeof estimate.quota === 'number' ? estimate.quota : null;\n if (quota === null) return null;\n\n const isPrivate = quota < options.privateQuotaThresholdBytes;\n return {\n isPrivate,\n browser,\n confidence: 'high',\n quota,\n strategy: 'storage-quota',\n };\n}\n\nfunction detectViaSafariStorage(\n browser: BrowserName,\n globals: DetectionGlobals,\n): DetectionResult \| null {\n const storage = globals.window?.localStorage;\n if (!storage) {\n // No localStorage at all is itself a strong signal on Safari < 11 private.\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n\n try {\n storage.setItem(PROBE_KEY, '1');\n storage.removeItem(PROBE_KEY);\n } catch {\n return {\n isPrivate: true,\n browser,\n confidence: 'medium',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n\n const win = globals.window;\n if (typeof win.openDatabase === 'function') {\n try {\n win.openDatabase(null, null, null, null);\n } catch {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n }\n\n return {\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n}\n\nasync function detectViaFirefoxIndexedDB(\n browser: BrowserName,\n globals: DetectionGlobals,\n): Promise<DetectionResult \| null> {\n const indexedDB = globals.indexedDB ?? globals.window?.indexedDB;\n if (!indexedDB) {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n };\n }\n\n return new Promise<DetectionResult>((resolve) => {\n let request: IDBOpenDBRequest;\n try {\n request = indexedDB.open(PROBE_KEY);\n } catch {\n resolve({\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n return;\n }\n\n request.addEventListener('error', () => {\n resolve({\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n });\n request.addEventListener('success', () => {\n try {\n request.result.close();\n indexedDB.deleteDatabase(PROBE_KEY);\n } catch {\n / best-effort cleanup /\n }\n resolve({\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n });\n });\n}\n\nfunction detectViaLegacyEdge(\n browser: BrowserName,\n globals: DetectionGlobals,\n): DetectionResult \| null {\n const win = globals.window;\n if (!win) return null;\n const hasIndexedDB = Boolean(win.indexedDB ?? globals.indexedDB);\n const hasPointer = Boolean(win.PointerEvent ?? win.MSPointerEvent);\n if (!hasIndexedDB && hasPointer) {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'legacy-edge',\n };\n }\n return {\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'legacy-edge',\n };\n}\n","import { detectBrowser } from './browser.ts';\nimport { IncognitoDetectionError } from './errors.ts';\nimport { DEFAULT_PRIVATE_QUOTA_BYTES, runStrategies } from './strategies.ts';\nimport type {\n DetectIncognitoOptions,\n DetectionGlobals,\n DetectionResult,\n} from './types.ts';\n\n/\n Detect whether the current browser is in private / incognito mode.\n \n Returns a rich {@link DetectionResult}. Most callers want the thinner\n * {@link isIncognito} convenience instead.\n \n @throws {IncognitoDetectionError}\n * - `NOT_A_BROWSER` when invoked outside a browser-like environment.\n * - `UNSUPPORTED_BROWSER` when the browser was classified as `unknown` and\n * no fallback strategy applied.\n * - `PROBE_FAILED` when every applicable strategy threw before producing a\n * definitive answer.\n \n @example\n * ```ts\n * import { detectIncognito } from 'is-incognito-mode';\n \n const { isPrivate, browser, confidence, quota } = await detectIncognito();\n * console.log(`${browser} (${confidence} confidence, quota: ${quota ?? '?'})`);\n * ```\n /\nexport async function detectIncognito(\n options: DetectIncognitoOptions = {},\n): Promise<DetectionResult> {\n const globals = resolveGlobals(options.globals);\n if (!isBrowserLike(globals)) {\n throw new IncognitoDetectionError(\n 'NOT_A_BROWSER',\n 'is-incognito-mode can only run in a browser-like environment.',\n );\n }\n\n const browser = detectBrowser({\n userAgent: globals.navigator.userAgent,\n ...(globals.navigator.vendor === undefined\n ? {}\n : { vendor: globals.navigator.vendor }),\n });\n\n const threshold =\n options.privateQuotaThresholdBytes ?? DEFAULT_PRIVATE_QUOTA_BYTES;\n\n return runStrategies(browser, globals, {\n privateQuotaThresholdBytes: threshold,\n });\n}\n\n/\n Convenience wrapper around {@link detectIncognito} that resolves to the\n * boolean verdict only. Drop-in compatible with v1's default export.\n \n @example\n * ```ts\n * import { isIncognito } from 'is-incognito-mode';\n \n if (await isIncognito()) {\n * showPaywall();\n * }\n * ```\n \n @throws {IncognitoDetectionError} See {@link detectIncognito}.\n */\nexport async function isIncognito(\n options: DetectIncognitoOptions = {},\n): Promise<boolean> {\n const result = await detectIncognito(options);\n return result.isPrivate;\n}\n\nfunction resolveGlobals(\n overrides: DetectionGlobals \| undefined,\n): DetectionGlobals {\n if (overrides) return overrides;\n return {\n navigator: typeof navigator === 'undefined' ? undefined : navigator,\n window: typeof window === 'undefined' ? undefined : window,\n indexedDB: typeof indexedDB === 'undefined' ? undefined : indexedDB,\n };\n}\n\nfunction isBrowserLike(\n globals: DetectionGlobals,\n): globals is DetectionGlobals & {\n navigator: NonNullable<DetectionGlobals['navigator']>;\n} {\n return Boolean(globals.navigator?.userAgent);\n}\n"]}
1	+ {"version":3,"sources":["../src/browser.ts","../src/errors.ts","../src/strategies.ts","../src/detect.ts"],"names":["indexedDB"],"mappings":";;;;;AAqBA,IAAM,iBAAiB,CAAC,SAAA,EAAW,QAAA,EAAU,WAAA,EAAa,QAAQ,MAAM,CAAA;AAQjE,SAAS,cAAc,MAAA,EAAuC;AACnE,EAAA,MAAM,EAAA,GAAA,CAAM,MAAA,EAAQ,SAAA,IAAa,EAAA,EAAI,WAAA,EAAY;AACjD,EAAA,MAAM,MAAA,GAAA,CAAU,MAAA,EAAQ,MAAA,IAAU,EAAA,EAAI,WAAA,EAAY;AAElD,EAAA,IAAI,CAAC,IAAI,OAAO,SAAA;AAEhB,EAAA,IAAI,EAAA,CAAG,SAAS,OAAO,CAAA,IAAK,GAAG,QAAA,CAAS,UAAU,GAAG,OAAO,IAAA;AAC5D,EAAA,IAAI,EAAA,CAAG,QAAA,CAAS,OAAO,CAAA,EAAG,OAAO,aAAA;AACjC,EAAA,IAAI,EAAA,CAAG,SAAS,UAAU,CAAA,IAAK,GAAG,QAAA,CAAS,QAAQ,GAAG,OAAO,SAAA;AAE7D,EAAA,MAAM,iBAAA,GAAoB,eAAe,IAAA,CAAK,CAAC,SAAS,EAAA,CAAG,QAAA,CAAS,IAAI,CAAC,CAAA;AACzE,EAAA,IAAI,mBAAmB,OAAO,UAAA;AAK9B,EAAA,IAAI,EAAA,CAAG,SAAS,SAAS,CAAA,KAAM,OAAO,QAAA,CAAS,OAAO,CAAA,IAAK,CAAC,MAAA,CAAA,EAAS;AACnE,IAAA,OAAO,QAAA;AAAA,EACT;AACA,EAAA,IAAI,EAAA,CAAG,QAAA,CAAS,cAAc,CAAA,EAAG,OAAO,QAAA;AAExC,EAAA,OAAO,SAAA;AACT;;;ACtBO,IAAM,uBAAA,GAAN,cAAsC,KAAA,CAAM;AAAA,EAC/B,IAAA,GAAO,yBAAA;AAAA,EAChB,IAAA;AAAA,EAET,WAAA,CACE,IAAA,EACA,OAAA,EACA,OAAA,EACA;AACA,IAAA,KAAA,CAAM,SAAS,OAAO,CAAA;AACtB,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AAAA,EACd;AACF;;;AC5BO,IAAM,2BAAA,GAA8B,OAAO,IAAA,GAAO;AAOzD,IAAM,qBAAA,GAAwB,CAAA;AAM9B,IAAM,SAAA,GAAY,sCAAA;AAOlB,eAAsB,aAAA,CACpB,OAAA,EACA,OAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,SAAoB,EAAC;AAE3B,EAAA,QAAQ,OAAA;AAAS,IACf,KAAK,UAAA,EAAY;AACf,MAAA,MAAM,SAAS,MAAM,OAAA;AAAA,QACnB,MAAM,sBAAA,CAAuB,OAAA,EAAS,OAAA,EAAS,OAAO,CAAA;AAAA,QACtD;AAAA,OACF;AACA,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAAA,IACA,KAAK,SAAA,EAAW;AACd,MAAA,MAAM,OAAO,MAAM,OAAA;AAAA,QACjB,MAAM,kBAAA,CAAmB,OAAA,EAAS,OAAA,EAAS,gBAAgB,CAAA;AAAA,QAC3D;AAAA,OACF;AACA,MAAA,IAAI,IAAA,KAAS,MAAM,OAAO,IAAA;AAC1B,MAAA,MAAM,MAAM,MAAM,OAAA;AAAA,QAChB,MAAM,yBAAA,CAA0B,OAAA,EAAS,OAAO,CAAA;AAAA,QAChD;AAAA,OACF;AACA,MAAA,IAAI,GAAA,KAAQ,MAAM,OAAO,GAAA;AACzB,MAAA;AAAA,IACF;AAAA,IACA,KAAK,QAAA;AAAA,IACL,KAAK,QAAA,EAAU;AACb,MAAA,MAAM,OAAO,MAAM,OAAA;AAAA,QACjB,MAAM,kBAAA,CAAmB,OAAA,EAAS,OAAA,EAAS,0BAA0B,CAAA;AAAA,QACrE;AAAA,OACF;AACA,MAAA,IAAI,IAAA,KAAS,MAAM,OAAO,IAAA;AAC1B,MAAA,MAAM,SAAS,MAAM,OAAA;AAAA,QACnB,MAAM,sBAAA,CAAuB,OAAA,EAAS,OAAO,CAAA;AAAA,QAC7C;AAAA,OACF;AACA,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAAA,IACA,KAAK,aAAA;AAAA,IACL,KAAK,IAAA,EAAM;AACT,MAAA,MAAM,SAAS,MAAM,OAAA;AAAA,QACnB,MAAM,mBAAA,CAAoB,OAAA,EAAS,OAAO,CAAA;AAAA,QAC1C;AAAA,OACF;AACA,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAGA;AAGF,EAAA,MAAM,IAAI,uBAAA;AAAA,IACR,OAAA,KAAY,YAAY,qBAAA,GAAwB,cAAA;AAAA,IAChD,yDAAyD,OAAO,CAAA,EAAA,CAAA;AAAA,IAChE,MAAA,CAAO,SAAS,CAAA,GAAI,EAAE,OAAO,MAAA,CAAO,CAAC,GAAE,GAAI;AAAA,GAC7C;AACF;AAEA,eAAe,OAAA,CACb,UACA,MAAA,EACiC;AACjC,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,QAAA,EAAS;AAAA,EACxB,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,KAAK,CAAA;AACjB,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAeA,eAAe,sBAAA,CACb,OAAA,EACA,OAAA,EACA,OAAA,EACiC;AACjC,EAAA,MAAM,WAAA,GAAc,QAAQ,SAAA,EAAW,sBAAA;AACvC,EAAA,IAAI,OAAO,WAAA,EAAa,kBAAA,KAAuB,UAAA,EAAY,OAAO,IAAA;AAElE,EAAA,MAAM,KAAA,GAAQ,MAAM,IAAI,OAAA,CAAuB,CAAC,OAAA,KAAY;AAC1D,IAAA,IAAI,OAAA,GAAU,KAAA;AACd,IAAA,MAAM,MAAA,GAAS,CAAC,KAAA,KAA+B;AAC7C,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAA,GAAU,IAAA;AACV,QAAA,OAAA,CAAQ,KAAK,CAAA;AAAA,MACf;AAAA,IACF,CAAA;AACA,IAAA,IAAI;AACF,MAAA,WAAA,CAAY,kBAAA;AAAA,QACV,CAAC,OAAO,YAAA,KAAiB;AACvB,UAAA,MAAA,CAAO,OAAO,YAAA,KAAiB,QAAA,GAAW,YAAA,GAAe,IAAI,CAAA;AAAA,QAC/D,CAAA;AAAA,QACA,MAAM;AACJ,UAAA,MAAA,CAAO,IAAI,CAAA;AAAA,QACb;AAAA,OACF;AAAA,IACF,CAAA,CAAA,MAAQ;AACN,MAAA,MAAA,CAAO,IAAI,CAAA;AAAA,IACb;AAAA,EACF,CAAC,CAAA;AACD,EAAA,IAAI,KAAA,KAAU,MAAM,OAAO,IAAA;AAE3B,EAAA,MAAM,SAAA,GACJ,OAAA,CAAQ,0BAAA,KAA+B,MAAA,GACnC,KAAA,GAAQ,kBAAkB,OAAO,CAAA,GAAI,qBAAA,GACrC,KAAA,GAAQ,OAAA,CAAQ,0BAAA;AAEtB,EAAA,OAAO;AAAA,IACL,SAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA,EAAY,MAAA;AAAA,IACZ,KAAA;AAAA,IACA,QAAA,EAAU;AAAA,GACZ;AACF;AAEA,SAAS,kBAAkB,OAAA,EAAmC;AAC5D,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,eAAA;AACnD,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,GAAQ,IACxC,KAAA,GACA,2BAAA;AACN;AASA,eAAe,kBAAA,CACb,OAAA,EACA,OAAA,EACA,oBAAA,EACiC;AACjC,EAAA,MAAM,OAAA,GAAU,QAAQ,SAAA,EAAW,OAAA;AACnC,EAAA,IAAI,OAAO,OAAA,EAAS,YAAA,KAAiB,UAAA,EAAY,OAAO,IAAA;AAExD,EAAA,IAAI;AACF,IAAA,MAAM,QAAQ,YAAA,EAAa;AAC3B,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,KAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,MAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,UAAU,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK,CAAA;AACrE,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,OAAA,CAAQ,QAAA,CAAS,oBAAoB,CAAA;AAAA,MAChD,OAAA;AAAA,MACA,UAAA,EAAY,MAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AACF;AAGA,SAAS,sBAAA,CACP,SACA,OAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAU,QAAQ,MAAA,EAAQ,YAAA;AAChC,EAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,OAAA,CAAQ,WAAW,GAAG,CAAA;AAC9B,IAAA,OAAA,CAAQ,WAAW,SAAS,CAAA;AAAA,EAC9B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,QAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,MAAM,MAAM,OAAA,CAAQ,MAAA;AACpB,EAAA,IAAI,OAAO,GAAA,CAAI,YAAA,KAAiB,UAAA,EAAY;AAC1C,IAAA,IAAI;AACF,MAAA,GAAA,CAAI,YAAA,CAAa,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,IACzC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO;AAAA,QACL,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACZ;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,KAAA;AAAA,IACX,OAAA;AAAA,IACA,UAAA,EAAY,KAAA;AAAA,IACZ,KAAA,EAAO,IAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACZ;AACF;AAGA,eAAe,yBAAA,CACb,SACA,OAAA,EACiC;AACjC,EAAA,MAAMA,UAAAA,GAAY,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,MAAA,EAAQ,SAAA;AACvD,EAAA,IAAI,CAACA,UAAAA,EAAW;AACd,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,OAAO,IAAI,OAAA,CAAyB,CAAC,OAAA,KAAY;AAC/C,IAAA,IAAI,OAAA;AACJ,IAAA,IAAI;AACF,MAAA,OAAA,GAAUA,UAAAA,CAAU,KAAK,SAAS,CAAA;AAAA,IACpC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AACD,MAAA;AAAA,IACF;AAEA,IAAA,OAAA,CAAQ,gBAAA,CAAiB,SAAS,MAAM;AACtC,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AAAA,IACH,CAAC,CAAA;AACD,IAAA,OAAA,CAAQ,gBAAA,CAAiB,WAAW,MAAM;AACxC,MAAA,IAAI;AACF,QAAA,OAAA,CAAQ,OAAO,KAAA,EAAM;AACrB,QAAAA,UAAAA,CAAU,eAAe,SAAS,CAAA;AAAA,MACpC,CAAA,CAAA,MAAQ;AAAA,MAER;AACA,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,KAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EACH,CAAC,CAAA;AACH;AAGA,SAAS,mBAAA,CACP,SACA,OAAA,EACwB;AACxB,EAAA,MAAM,MAAM,OAAA,CAAQ,MAAA;AACpB,EAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,EAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,QAAQ,SAAS,CAAA;AAC/D,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,GAAA,CAAI,YAAA,IAAgB,IAAI,cAAc,CAAA;AACjE,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,CAAC,YAAA,IAAgB,UAAA;AAAA,IAC5B,OAAA;AAAA,IACA,UAAA,EAAY,KAAA;AAAA,IACZ,KAAA,EAAO,IAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACZ;AACF;;;ACnTA,eAAsB,eAAA,CACpB,OAAA,GAAkC,EAAC,EACT;AAC1B,EAAA,MAAM,OAAA,GAAU,cAAA,CAAe,OAAA,CAAQ,OAAO,CAAA;AAC9C,EAAA,IAAI,CAAC,aAAA,CAAc,OAAO,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,uBAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,UAAU,aAAA,CAAc;AAAA,IAC5B,SAAA,EAAW,QAAQ,SAAA,CAAU,SAAA;AAAA,IAC7B,GAAI,OAAA,CAAQ,SAAA,CAAU,MAAA,KAAW,MAAA,GAC7B,EAAC,GACD,EAAE,MAAA,EAAQ,OAAA,CAAQ,SAAA,CAAU,MAAA;AAAO,GACxC,CAAA;AAED,EAAA,OAAO,aAAA;AAAA,IACL,OAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA,CAAQ,+BAA+B,MAAA,GACnC,KACA,EAAE,0BAAA,EAA4B,QAAQ,0BAAA;AAA2B,GACvE;AACF;AAiBA,eAAsB,WAAA,CACpB,OAAA,GAAkC,EAAC,EACjB;AAClB,EAAA,MAAM,MAAA,GAAS,MAAM,eAAA,CAAgB,OAAO,CAAA;AAC5C,EAAA,OAAO,MAAA,CAAO,SAAA;AAChB;AAEA,SAAS,eACP,SAAA,EACkB;AAClB,EAAA,IAAI,WAAW,OAAO,SAAA;AAItB,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,OAAO,SAAA,KAAc,WAAA,GAAc,MAAA,GAAY,SAAA;AAAA,IAC1D,MAAA,EACE,OAAO,MAAA,KAAW,WAAA,GACd,MAAA,GACC,MAAA;AAAA,IACP,SAAA,EAAW,OAAO,SAAA,KAAc,WAAA,GAAc,MAAA,GAAY;AAAA,GAC5D;AACF;AAEA,SAAS,cACP,OAAA,EAGA;AACA,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,SAAA,EAAW,SAAS,CAAA;AAC7C","file":"index.cjs","sourcesContent":["/*\n Coarse browser-engine identifiers used to pick a detection strategy.\n \n We deliberately do not export brand names like \"Brave\" or \"Vivaldi\" — they\n * are all Chromium under the hood and the relevant private-mode behaviour\n * matches the engine, not the brand.\n /\nexport type BrowserName =\n \| 'chromium'\n \| 'firefox'\n \| 'safari'\n \| 'webkit'\n \| 'edge-legacy'\n \| 'ie'\n \| 'unknown';\n\ninterface UserAgentSource {\n readonly userAgent: string;\n readonly vendor?: string;\n}\n\nconst CHROMIUM_HINTS = ['chrome/', 'crios/', 'chromium/', 'edg/', 'opr/'];\n\n/\n Classify the current navigator into a coarse browser engine.\n \n Pure function — accepts an optional `source` so it can be unit-tested\n * without polluting globals. In production we read from `navigator` directly.\n /\nexport function detectBrowser(source?: UserAgentSource): BrowserName {\n const ua = (source?.userAgent ?? '').toLowerCase();\n const vendor = (source?.vendor ?? '').toLowerCase();\n\n if (!ua) return 'unknown';\n\n if (ua.includes('msie ') \|\| ua.includes('trident/')) return 'ie';\n if (ua.includes('edge/')) return 'edge-legacy';\n if (ua.includes('firefox/') \|\| ua.includes('fxios/')) return 'firefox';\n\n const looksLikeChromium = CHROMIUM_HINTS.some((hint) => ua.includes(hint));\n if (looksLikeChromium) return 'chromium';\n\n // Safari sets `vendor === 'apple computer, inc.'`. iOS-Chrome/Firefox also\n // run on WebKit but advertise different UAs, so we reach this branch only\n // for \"real\" Safari and other WebKit shells.\n if (ua.includes('safari/') && (vendor.includes('apple') \|\| !vendor)) {\n return 'safari';\n }\n if (ua.includes('applewebkit/')) return 'webkit';\n\n return 'unknown';\n}\n","/\n Stable identifiers for {@link IncognitoDetectionError} causes.\n \n Branching on `code` is safer than parsing `message` strings.\n /\nexport type IncognitoDetectionErrorCode =\n /* Invoked in a non-browser context (Node, worker without globals, etc.). /\n \| 'NOT_A_BROWSER'\n /* Browser detected but no supported detection strategy applies. /\n \| 'UNSUPPORTED_BROWSER'\n /* A probe threw before it could produce a definitive result. /\n \| 'PROBE_FAILED';\n\n/\n Thrown when private-mode cannot be determined.\n \n @example\n * ```ts\n * import { isIncognito, IncognitoDetectionError } from 'is-incognito-mode';\n \n try {\n * await isIncognito();\n * } catch (error) {\n * if (error instanceof IncognitoDetectionError) {\n * console.warn(error.code, error.message);\n * }\n * }\n * ```\n /\nexport class IncognitoDetectionError extends Error {\n override readonly name = 'IncognitoDetectionError';\n readonly code: IncognitoDetectionErrorCode;\n\n constructor(\n code: IncognitoDetectionErrorCode,\n message: string,\n options?: { cause?: unknown },\n ) {\n super(message, options);\n this.code = code;\n }\n}\n","import type { BrowserName } from './browser.ts';\nimport { IncognitoDetectionError } from './errors.ts';\nimport type {\n DetectIncognitoOptions,\n DetectionGlobals,\n DetectionResult,\n} from './types.ts';\n\n/\n Fallback JS-heap ceiling (1 GiB) used by the Chromium strategy when\n * `performance.memory.jsHeapSizeLimit` is unavailable. Also exported as the\n * reference value for the `privateQuotaThresholdBytes` advanced override.\n /\nexport const DEFAULT_PRIVATE_QUOTA_BYTES = 1024 1024 * 1024;\n\n/*\n The Chromium temporary-storage quota in an incognito tab stays below roughly\n * twice the JS-heap ceiling (it is memory-bound, not disk-bound). Normal tabs\n * are disk-bound and far above it.\n /\nconst HEAP_QUOTA_MULTIPLIER = 2;\n\n/\n Sentinel key used by the legacy localStorage / indexedDB probes. Random\n * enough that collisions with real user keys are impossible.\n /\nconst PROBE_KEY = '__is_incognito_mode_probe_cd1394e6__';\n\n/\n Try strategies in priority order, returning the first one that produces a\n * definitive answer. Throws {@link IncognitoDetectionError} if every strategy\n * declines.\n /\nexport async function runStrategies(\n browser: BrowserName,\n globals: DetectionGlobals,\n options: Pick<DetectIncognitoOptions, 'privateQuotaThresholdBytes'>,\n): Promise<DetectionResult> {\n const errors: unknown[] = [];\n\n switch (browser) {\n case 'chromium': {\n const result = await attempt(\n () => detectViaChromiumQuota(browser, globals, options),\n errors,\n );\n if (result !== null) return result;\n break;\n }\n case 'firefox': {\n const opfs = await attempt(\n () => detectViaOpfsProbe(browser, globals, 'Security error'),\n errors,\n );\n if (opfs !== null) return opfs;\n const idb = await attempt(\n () => detectViaFirefoxIndexedDB(browser, globals),\n errors,\n );\n if (idb !== null) return idb;\n break;\n }\n case 'safari':\n case 'webkit': {\n const opfs = await attempt(\n () => detectViaOpfsProbe(browser, globals, 'unknown transient reason'),\n errors,\n );\n if (opfs !== null) return opfs;\n const legacy = await attempt(\n () => detectViaSafariStorage(browser, globals),\n errors,\n );\n if (legacy !== null) return legacy;\n break;\n }\n case 'edge-legacy':\n case 'ie': {\n const result = await attempt(\n () => detectViaLegacyEdge(browser, globals),\n errors,\n );\n if (result !== null) return result;\n break;\n }\n case 'unknown': {\n break;\n }\n }\n\n throw new IncognitoDetectionError(\n browser === 'unknown' ? 'UNSUPPORTED_BROWSER' : 'PROBE_FAILED',\n `No detection strategy produced a verdict for browser \"${browser}\".`,\n errors.length > 0 ? { cause: errors[0] } : undefined,\n );\n}\n\nasync function attempt(\n strategy: () => DetectionResult \| null \| Promise<DetectionResult \| null>,\n errors: unknown[],\n): Promise<DetectionResult \| null> {\n try {\n return await strategy();\n } catch (error) {\n errors.push(error);\n return null;\n }\n}\n\n/\n Chromium family (Chrome, Edge, Brave, Opera, …).\n \n Modern Chrome deliberately fakes `navigator.storage.estimate().quota` at\n * `usage + 10 GiB` in every mode to defeat detection — so that API is\n * useless here. The legacy `navigator.webkitTemporaryStorage` API was not\n * given the same treatment and still reports the real per-origin quota:\n * disk-bound (huge) in normal mode, memory-bound (small) in incognito.\n \n We compare it to `performance.memory.jsHeapSizeLimit` — a per-renderer\n * constant that does not change between modes — so the test adapts to the\n * device instead of relying on a brittle fixed byte count.\n /\nasync function detectViaChromiumQuota(\n browser: BrowserName,\n globals: DetectionGlobals,\n options: Pick<DetectIncognitoOptions, 'privateQuotaThresholdBytes'>,\n): Promise<DetectionResult \| null> {\n const tempStorage = globals.navigator?.webkitTemporaryStorage;\n if (typeof tempStorage?.queryUsageAndQuota !== 'function') return null;\n\n const quota = await new Promise<number \| null>((resolve) => {\n let settled = false;\n const settle = (value: number \| null): void => {\n if (!settled) {\n settled = true;\n resolve(value);\n }\n };\n try {\n tempStorage.queryUsageAndQuota(\n (_used, grantedQuota) => {\n settle(typeof grantedQuota === 'number' ? grantedQuota : null);\n },\n () => {\n settle(null);\n },\n );\n } catch {\n settle(null);\n }\n });\n if (quota === null) return null;\n\n const isPrivate =\n options.privateQuotaThresholdBytes === undefined\n ? quota < chromiumHeapLimit(globals) HEAP_QUOTA_MULTIPLIER\n : quota < options.privateQuotaThresholdBytes;\n\n return {\n isPrivate,\n browser,\n confidence: 'high',\n quota,\n strategy: 'chromium-quota',\n };\n}\n\nfunction chromiumHeapLimit(globals: DetectionGlobals): number {\n const limit = globals.window?.performance?.memory?.jsHeapSizeLimit;\n return typeof limit === 'number' && limit > 0\n ? limit\n : DEFAULT_PRIVATE_QUOTA_BYTES;\n}\n\n/*\n Firefox and Safari: the Origin Private File System\n * (`navigator.storage.getDirectory()`) is rejected in private mode. The\n * rejection message differs per engine — Firefox says `Security error`,\n * Safari says `unknown transient reason` — so the caller passes the fragment\n * to match. A successful resolve means a normal window.\n /\nasync function detectViaOpfsProbe(\n browser: BrowserName,\n globals: DetectionGlobals,\n privateErrorFragment: string,\n): Promise<DetectionResult \| null> {\n const storage = globals.navigator?.storage;\n if (typeof storage?.getDirectory !== 'function') return null;\n\n try {\n await storage.getDirectory();\n return {\n isPrivate: false,\n browser,\n confidence: 'high',\n quota: null,\n strategy: 'opfs-probe',\n };\n } catch (error) {\n const message = error instanceof Error ? error.message : String(error);\n return {\n isPrivate: message.includes(privateErrorFragment),\n browser,\n confidence: 'high',\n quota: null,\n strategy: 'opfs-probe',\n };\n }\n}\n\n/* Older Safari / WebKit without OPFS: localStorage + openDatabase probes. /\nfunction detectViaSafariStorage(\n browser: BrowserName,\n globals: DetectionGlobals,\n): DetectionResult \| null {\n const storage = globals.window?.localStorage;\n if (!storage) {\n // No localStorage at all is a strong signal on Safari < 11 private.\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n\n try {\n storage.setItem(PROBE_KEY, '1');\n storage.removeItem(PROBE_KEY);\n } catch {\n return {\n isPrivate: true,\n browser,\n confidence: 'medium',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n\n const win = globals.window;\n if (typeof win.openDatabase === 'function') {\n try {\n win.openDatabase(null, null, null, null);\n } catch {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n }\n\n return {\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n}\n\n/* Older Firefox without OPFS: `indexedDB.open` fails in private mode. /\nasync function detectViaFirefoxIndexedDB(\n browser: BrowserName,\n globals: DetectionGlobals,\n): Promise<DetectionResult \| null> {\n const indexedDB = globals.indexedDB ?? globals.window?.indexedDB;\n if (!indexedDB) {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n };\n }\n\n return new Promise<DetectionResult>((resolve) => {\n let request: IDBOpenDBRequest;\n try {\n request = indexedDB.open(PROBE_KEY);\n } catch {\n resolve({\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n return;\n }\n\n request.addEventListener('error', () => {\n resolve({\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n });\n request.addEventListener('success', () => {\n try {\n request.result.close();\n indexedDB.deleteDatabase(PROBE_KEY);\n } catch {\n / best-effort cleanup /\n }\n resolve({\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n });\n });\n}\n\n/* Legacy Edge / IE: no `indexedDB` while `PointerEvent` exists → private. /\nfunction detectViaLegacyEdge(\n browser: BrowserName,\n globals: DetectionGlobals,\n): DetectionResult \| null {\n const win = globals.window;\n if (!win) return null;\n const hasIndexedDB = Boolean(win.indexedDB ?? globals.indexedDB);\n const hasPointer = Boolean(win.PointerEvent ?? win.MSPointerEvent);\n return {\n isPrivate: !hasIndexedDB && hasPointer,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'legacy-edge',\n };\n}\n","import { detectBrowser } from './browser.ts';\nimport { IncognitoDetectionError } from './errors.ts';\nimport { runStrategies } from './strategies.ts';\nimport type {\n DetectIncognitoOptions,\n DetectionGlobals,\n DetectionResult,\n WindowLike,\n} from './types.ts';\n\n/\n Detect whether the current browser is in private / incognito mode.\n \n Returns a rich {@link DetectionResult}. Most callers want the thinner\n * {@link isIncognito} convenience instead.\n \n @throws {IncognitoDetectionError}\n * - `NOT_A_BROWSER` when invoked outside a browser-like environment.\n * - `UNSUPPORTED_BROWSER` when the browser was classified as `unknown` and\n * no fallback strategy applied.\n * - `PROBE_FAILED` when every applicable strategy threw before producing a\n * definitive answer.\n \n @example\n * ```ts\n * import { detectIncognito } from 'is-incognito-mode';\n \n const { isPrivate, browser, confidence, quota } = await detectIncognito();\n * console.log(`${browser} (${confidence} confidence, quota: ${quota ?? '?'})`);\n * ```\n /\nexport async function detectIncognito(\n options: DetectIncognitoOptions = {},\n): Promise<DetectionResult> {\n const globals = resolveGlobals(options.globals);\n if (!isBrowserLike(globals)) {\n throw new IncognitoDetectionError(\n 'NOT_A_BROWSER',\n 'is-incognito-mode can only run in a browser-like environment.',\n );\n }\n\n const browser = detectBrowser({\n userAgent: globals.navigator.userAgent,\n ...(globals.navigator.vendor === undefined\n ? {}\n : { vendor: globals.navigator.vendor }),\n });\n\n return runStrategies(\n browser,\n globals,\n options.privateQuotaThresholdBytes === undefined\n ? {}\n : { privateQuotaThresholdBytes: options.privateQuotaThresholdBytes },\n );\n}\n\n/\n Convenience wrapper around {@link detectIncognito} that resolves to the\n * boolean verdict only. Drop-in compatible with v1's default export.\n \n @example\n * ```ts\n * import { isIncognito } from 'is-incognito-mode';\n \n if (await isIncognito()) {\n * showPaywall();\n * }\n * ```\n \n @throws {IncognitoDetectionError} See {@link detectIncognito}.\n */\nexport async function isIncognito(\n options: DetectIncognitoOptions = {},\n): Promise<boolean> {\n const result = await detectIncognito(options);\n return result.isPrivate;\n}\n\nfunction resolveGlobals(\n overrides: DetectionGlobals \| undefined,\n): DetectionGlobals {\n if (overrides) return overrides;\n // Boundary cast on `window`: the live object carries non-standard properties\n // the detector relies on (notably `performance.memory`) that the standard\n // DOM lib types do not declare.\n return {\n navigator: typeof navigator === 'undefined' ? undefined : navigator,\n window:\n typeof window === 'undefined'\n ? undefined\n : (window as unknown as WindowLike),\n indexedDB: typeof indexedDB === 'undefined' ? undefined : indexedDB,\n };\n}\n\nfunction isBrowserLike(\n globals: DetectionGlobals,\n): globals is DetectionGlobals & {\n navigator: NonNullable<DetectionGlobals['navigator']>;\n} {\n return Boolean(globals.navigator?.userAgent);\n}\n"]}

package/dist/index.d.cts CHANGED Viewed

@@ -10,12 +10,11 @@ type BrowserName = 'chromium' | 'firefox' | 'safari' | 'webkit' | 'edge-legacy'
 /**
  * Qualitative confidence in a detection outcome.
  *
- * - `high` — A direct, hard-to-fake signal (e.g. a storage quota two orders of
- *   magnitude smaller than the device total).
+ * - `high` — A direct, hard-to-fake signal (the Chromium temporary-storage
+ *   quota probe, or an OPFS access rejection in Firefox / Safari private mode).
  * - `medium` — A heuristic that is right the overwhelming majority of the
- *   time but has known false-positive scenarios (small devices, restricted
- *   storage profiles).
- * - `low` — A best-effort fallback (e.g. legacy-browser heuristics).
+ *   time but has known false-positive scenarios.
+ * - `low` — A best-effort fallback (legacy-browser heuristics).
  */
 type DetectionConfidence = 'high' | 'medium' | 'low';
 /**
@@ -29,30 +28,48 @@ interface DetectionResult {
     /** Detector's qualitative confidence in `isPrivate`. */
     readonly confidence: DetectionConfidence;
     /**
-     * Total storage quota reported by `navigator.storage.estimate()`, in bytes,
-     * when that API was available. `null` otherwise.
+     * Storage quota in bytes that informed the verdict, when a quota-based
+     * strategy was used. `null` for strategies that do not read a quota
+     * (OPFS probe, legacy heuristics).
      */
     readonly quota: number | null;
     /** Identifier of the strategy that produced the verdict. */
     readonly strategy: DetectionStrategyName;
 }
 /**
- * Stable identifiers for the strategies. Useful for debugging and analytics.
+ * Stable identifiers for the detection strategies. Useful for debugging and
+ * analytics.
+ *
+ * - `chromium-quota` — Chromium-family: the legacy
+ *   `navigator.webkitTemporaryStorage.queryUsageAndQuota` quota compared to
+ *   `performance.memory.jsHeapSizeLimit`. This is the only Chromium signal
+ *   that still works: modern Chrome fakes `navigator.storage.estimate()` at
+ *   `usage + 10 GiB` in every mode specifically to defeat detection.
+ * - `opfs-probe` — Firefox / Safari: `navigator.storage.getDirectory()`
+ *   (Origin Private File System) is rejected in private mode.
+ * - `firefox-indexeddb` — Older Firefox without OPFS: `indexedDB.open` error.
+ * - `safari-storage` — Older Safari / WebKit without OPFS: `localStorage` +
+ *   `openDatabase` probes.
+ * - `legacy-edge` — Legacy Edge / IE: `PointerEvent` + `indexedDB` heuristic.
  */
-type DetectionStrategyName = 'storage-quota' | 'safari-storage' | 'firefox-indexeddb' | 'legacy-edge';
+type DetectionStrategyName = 'chromium-quota' | 'opfs-probe' | 'firefox-indexeddb' | 'safari-storage' | 'legacy-edge';
 /**
  * Options for {@link detectIncognito}.
  */
 interface DetectIncognitoOptions {
     /**
-     * Override the global `navigator` and `window`/`indexedDB` lookups. Used in
+     * Override the global `navigator` / `window` / `indexedDB` lookups. Used in
      * tests; in production the live globals are used.
      */
     readonly globals?: DetectionGlobals;
     /**
-     * Override the quota cutoff (bytes) below which `storage-quota` classifies
-     * the browser as private. Defaults to **120 MB** which matches the
-     * Chromium / Firefox / Safari thresholds observed in 2023-2026.
+     * **Advanced override.** When set, the Chromium strategy classifies the tab
+     * as private if the legacy temporary-storage quota is below this many bytes,
+     * instead of the default heap-relative heuristic.
+     *
+     * Leave this unset unless you have measured your audience: the default
+     * compares the quota to `performance.memory.jsHeapSizeLimit`, which adapts
+     * to the device automatically and is far more robust than any fixed number.
      */
     readonly privateQuotaThresholdBytes?: number;
 }
@@ -69,20 +86,47 @@ interface NavigatorLike {
     readonly userAgent: string;
     readonly vendor?: string;
     readonly storage?: StorageManagerLike | undefined;
+    /**
+     * Legacy, non-standard quota API. Still present in Chromium and — unlike the
+     * modern Storage API — still reports the *real* per-origin quota, which is
+     * what makes incognito detection possible.
+     */
+    readonly webkitTemporaryStorage?: DeprecatedStorageQuota | undefined;
 }
 interface StorageManagerLike {
     estimate?(): Promise<{
         quota?: number;
         usage?: number;
     }>;
+    /** Origin Private File System root. Rejected in Firefox / Safari private mode. */
+    getDirectory?(): Promise<unknown>;
+}
+/**
+ * The legacy `navigator.webkitTemporaryStorage` shape. `queryUsageAndQuota`
+ * invokes `onSuccess(usedBytes, grantedQuotaBytes)`.
+ */
+interface DeprecatedStorageQuota {
+    queryUsageAndQuota(onSuccess: (usedBytes: number, grantedQuotaBytes: number) => void, onError?: (error: unknown) => void): void;
 }
 interface WindowLike {
     readonly indexedDB?: IDBFactory | undefined;
     readonly localStorage?: StorageLike | undefined;
     readonly PointerEvent?: unknown;
     readonly MSPointerEvent?: unknown;
+    readonly performance?: PerformanceLike | undefined;
     openDatabase?(name: string | null, version: string | null, displayName: string | null, estimatedSize: number | null): unknown;
 }
+/**
+ * Subset of `window.performance`. `memory` is a non-standard Chromium-only
+ * property; `jsHeapSizeLimit` is the per-renderer JS heap ceiling, which is
+ * stable across normal and incognito modes and therefore a reliable
+ * device-relative yardstick.
+ */
+interface PerformanceLike {
+    readonly memory?: {
+        readonly jsHeapSizeLimit?: number;
+    } | undefined;
+}
 interface StorageLike {
     setItem(key: string, value: string): void;
     removeItem(key: string): void;
@@ -164,12 +208,10 @@ declare class IncognitoDetectionError extends Error {
 }
 /**
- * Default cutoff: 120 MB. Below this, every shipping browser we tested in 2024
- * is in a restricted (private) storage context. Above, it is normal.
- *
- * Sources: detectIncognito.js research notes; cross-checked against Chrome
- * 120+, Firefox 121+, Safari 17+.
+ * Fallback JS-heap ceiling (1 GiB) used by the Chromium strategy when
+ * `performance.memory.jsHeapSizeLimit` is unavailable. Also exported as the
+ * reference value for the `privateQuotaThresholdBytes` advanced override.
  */
 declare const DEFAULT_PRIVATE_QUOTA_BYTES: number;
-export { type BrowserName, DEFAULT_PRIVATE_QUOTA_BYTES, type DetectIncognitoOptions, type DetectionConfidence, type DetectionGlobals, type DetectionResult, type DetectionStrategyName, IncognitoDetectionError, type IncognitoDetectionErrorCode, type NavigatorLike, type StorageLike, type StorageManagerLike, type WindowLike, isIncognito as default, detectIncognito, isIncognito };
+export { type BrowserName, DEFAULT_PRIVATE_QUOTA_BYTES, type DeprecatedStorageQuota, type DetectIncognitoOptions, type DetectionConfidence, type DetectionGlobals, type DetectionResult, type DetectionStrategyName, IncognitoDetectionError, type IncognitoDetectionErrorCode, type NavigatorLike, type PerformanceLike, type StorageLike, type StorageManagerLike, type WindowLike, isIncognito as default, detectIncognito, isIncognito };

package/dist/index.d.ts CHANGED Viewed

@@ -10,12 +10,11 @@ type BrowserName = 'chromium' | 'firefox' | 'safari' | 'webkit' | 'edge-legacy'
 /**
  * Qualitative confidence in a detection outcome.
  *
- * - `high` — A direct, hard-to-fake signal (e.g. a storage quota two orders of
- *   magnitude smaller than the device total).
+ * - `high` — A direct, hard-to-fake signal (the Chromium temporary-storage
+ *   quota probe, or an OPFS access rejection in Firefox / Safari private mode).
  * - `medium` — A heuristic that is right the overwhelming majority of the
- *   time but has known false-positive scenarios (small devices, restricted
- *   storage profiles).
- * - `low` — A best-effort fallback (e.g. legacy-browser heuristics).
+ *   time but has known false-positive scenarios.
+ * - `low` — A best-effort fallback (legacy-browser heuristics).
  */
 type DetectionConfidence = 'high' | 'medium' | 'low';
 /**
@@ -29,30 +28,48 @@ interface DetectionResult {
     /** Detector's qualitative confidence in `isPrivate`. */
     readonly confidence: DetectionConfidence;
     /**
-     * Total storage quota reported by `navigator.storage.estimate()`, in bytes,
-     * when that API was available. `null` otherwise.
+     * Storage quota in bytes that informed the verdict, when a quota-based
+     * strategy was used. `null` for strategies that do not read a quota
+     * (OPFS probe, legacy heuristics).
      */
     readonly quota: number | null;
     /** Identifier of the strategy that produced the verdict. */
     readonly strategy: DetectionStrategyName;
 }
 /**
- * Stable identifiers for the strategies. Useful for debugging and analytics.
+ * Stable identifiers for the detection strategies. Useful for debugging and
+ * analytics.
+ *
+ * - `chromium-quota` — Chromium-family: the legacy
+ *   `navigator.webkitTemporaryStorage.queryUsageAndQuota` quota compared to
+ *   `performance.memory.jsHeapSizeLimit`. This is the only Chromium signal
+ *   that still works: modern Chrome fakes `navigator.storage.estimate()` at
+ *   `usage + 10 GiB` in every mode specifically to defeat detection.
+ * - `opfs-probe` — Firefox / Safari: `navigator.storage.getDirectory()`
+ *   (Origin Private File System) is rejected in private mode.
+ * - `firefox-indexeddb` — Older Firefox without OPFS: `indexedDB.open` error.
+ * - `safari-storage` — Older Safari / WebKit without OPFS: `localStorage` +
+ *   `openDatabase` probes.
+ * - `legacy-edge` — Legacy Edge / IE: `PointerEvent` + `indexedDB` heuristic.
  */
-type DetectionStrategyName = 'storage-quota' | 'safari-storage' | 'firefox-indexeddb' | 'legacy-edge';
+type DetectionStrategyName = 'chromium-quota' | 'opfs-probe' | 'firefox-indexeddb' | 'safari-storage' | 'legacy-edge';
 /**
  * Options for {@link detectIncognito}.
  */
 interface DetectIncognitoOptions {
     /**
-     * Override the global `navigator` and `window`/`indexedDB` lookups. Used in
+     * Override the global `navigator` / `window` / `indexedDB` lookups. Used in
      * tests; in production the live globals are used.
      */
     readonly globals?: DetectionGlobals;
     /**
-     * Override the quota cutoff (bytes) below which `storage-quota` classifies
-     * the browser as private. Defaults to **120 MB** which matches the
-     * Chromium / Firefox / Safari thresholds observed in 2023-2026.
+     * **Advanced override.** When set, the Chromium strategy classifies the tab
+     * as private if the legacy temporary-storage quota is below this many bytes,
+     * instead of the default heap-relative heuristic.
+     *
+     * Leave this unset unless you have measured your audience: the default
+     * compares the quota to `performance.memory.jsHeapSizeLimit`, which adapts
+     * to the device automatically and is far more robust than any fixed number.
      */
     readonly privateQuotaThresholdBytes?: number;
 }
@@ -69,20 +86,47 @@ interface NavigatorLike {
     readonly userAgent: string;
     readonly vendor?: string;
     readonly storage?: StorageManagerLike | undefined;
+    /**
+     * Legacy, non-standard quota API. Still present in Chromium and — unlike the
+     * modern Storage API — still reports the *real* per-origin quota, which is
+     * what makes incognito detection possible.
+     */
+    readonly webkitTemporaryStorage?: DeprecatedStorageQuota | undefined;
 }
 interface StorageManagerLike {
     estimate?(): Promise<{
         quota?: number;
         usage?: number;
     }>;
+    /** Origin Private File System root. Rejected in Firefox / Safari private mode. */
+    getDirectory?(): Promise<unknown>;
+}
+/**
+ * The legacy `navigator.webkitTemporaryStorage` shape. `queryUsageAndQuota`
+ * invokes `onSuccess(usedBytes, grantedQuotaBytes)`.
+ */
+interface DeprecatedStorageQuota {
+    queryUsageAndQuota(onSuccess: (usedBytes: number, grantedQuotaBytes: number) => void, onError?: (error: unknown) => void): void;
 }
 interface WindowLike {
     readonly indexedDB?: IDBFactory | undefined;
     readonly localStorage?: StorageLike | undefined;
     readonly PointerEvent?: unknown;
     readonly MSPointerEvent?: unknown;
+    readonly performance?: PerformanceLike | undefined;
     openDatabase?(name: string | null, version: string | null, displayName: string | null, estimatedSize: number | null): unknown;
 }
+/**
+ * Subset of `window.performance`. `memory` is a non-standard Chromium-only
+ * property; `jsHeapSizeLimit` is the per-renderer JS heap ceiling, which is
+ * stable across normal and incognito modes and therefore a reliable
+ * device-relative yardstick.
+ */
+interface PerformanceLike {
+    readonly memory?: {
+        readonly jsHeapSizeLimit?: number;
+    } | undefined;
+}
 interface StorageLike {
     setItem(key: string, value: string): void;
     removeItem(key: string): void;
@@ -164,12 +208,10 @@ declare class IncognitoDetectionError extends Error {
 }
 /**
- * Default cutoff: 120 MB. Below this, every shipping browser we tested in 2024
- * is in a restricted (private) storage context. Above, it is normal.
- *
- * Sources: detectIncognito.js research notes; cross-checked against Chrome
- * 120+, Firefox 121+, Safari 17+.
+ * Fallback JS-heap ceiling (1 GiB) used by the Chromium strategy when
+ * `performance.memory.jsHeapSizeLimit` is unavailable. Also exported as the
+ * reference value for the `privateQuotaThresholdBytes` advanced override.
  */
 declare const DEFAULT_PRIVATE_QUOTA_BYTES: number;
-export { type BrowserName, DEFAULT_PRIVATE_QUOTA_BYTES, type DetectIncognitoOptions, type DetectionConfidence, type DetectionGlobals, type DetectionResult, type DetectionStrategyName, IncognitoDetectionError, type IncognitoDetectionErrorCode, type NavigatorLike, type StorageLike, type StorageManagerLike, type WindowLike, isIncognito as default, detectIncognito, isIncognito };
+export { type BrowserName, DEFAULT_PRIVATE_QUOTA_BYTES, type DeprecatedStorageQuota, type DetectIncognitoOptions, type DetectionConfidence, type DetectionGlobals, type DetectionResult, type DetectionStrategyName, IncognitoDetectionError, type IncognitoDetectionErrorCode, type NavigatorLike, type PerformanceLike, type StorageLike, type StorageManagerLike, type WindowLike, isIncognito as default, detectIncognito, isIncognito };

package/dist/index.js CHANGED Viewed

@@ -27,33 +27,53 @@ var IncognitoDetectionError = class extends Error {
 };
 // src/strategies.ts
-var DEFAULT_PRIVATE_QUOTA_BYTES = 120 * 1024 * 1024;
+var DEFAULT_PRIVATE_QUOTA_BYTES = 1024 * 1024 * 1024;
+var HEAP_QUOTA_MULTIPLIER = 2;
 var PROBE_KEY = "__is_incognito_mode_probe_cd1394e6__";
 async function runStrategies(browser, globals, options) {
   const errors = [];
-  if (canUseStorageEstimate(globals)) {
-    try {
-      const result = await detectViaStorageQuota(browser, globals, options);
-      if (result !== null) return result;
-    } catch (error) {
-      errors.push(error);
-    }
-  }
   switch (browser) {
-    case "safari":
-    case "webkit": {
-      const result = detectViaSafariStorage(browser, globals);
+    case "chromium": {
+      const result = await attempt(
+        () => detectViaChromiumQuota(browser, globals, options),
+        errors
+      );
       if (result !== null) return result;
       break;
     }
     case "firefox": {
-      const result = await detectViaFirefoxIndexedDB(browser, globals);
-      if (result !== null) return result;
+      const opfs = await attempt(
+        () => detectViaOpfsProbe(browser, globals, "Security error"),
+        errors
+      );
+      if (opfs !== null) return opfs;
+      const idb = await attempt(
+        () => detectViaFirefoxIndexedDB(browser, globals),
+        errors
+      );
+      if (idb !== null) return idb;
+      break;
+    }
+    case "safari":
+    case "webkit": {
+      const opfs = await attempt(
+        () => detectViaOpfsProbe(browser, globals, "unknown transient reason"),
+        errors
+      );
+      if (opfs !== null) return opfs;
+      const legacy = await attempt(
+        () => detectViaSafariStorage(browser, globals),
+        errors
+      );
+      if (legacy !== null) return legacy;
       break;
     }
     case "edge-legacy":
     case "ie": {
-      const result = detectViaLegacyEdge(browser, globals);
+      const result = await attempt(
+        () => detectViaLegacyEdge(browser, globals),
+        errors
+      );
       if (result !== null) return result;
       break;
     }
@@ -64,24 +84,75 @@ async function runStrategies(browser, globals, options) {
     errors.length > 0 ? { cause: errors[0] } : void 0
   );
 }
-function canUseStorageEstimate(globals) {
-  return typeof globals.navigator?.storage?.estimate === "function";
+async function attempt(strategy, errors) {
+  try {
+    return await strategy();
+  } catch (error) {
+    errors.push(error);
+    return null;
+  }
 }
-async function detectViaStorageQuota(browser, globals, options) {
-  const storage = globals.navigator?.storage;
-  if (!storage?.estimate) return null;
-  const estimate = await storage.estimate();
-  const quota = typeof estimate.quota === "number" ? estimate.quota : null;
+async function detectViaChromiumQuota(browser, globals, options) {
+  const tempStorage = globals.navigator?.webkitTemporaryStorage;
+  if (typeof tempStorage?.queryUsageAndQuota !== "function") return null;
+  const quota = await new Promise((resolve) => {
+    let settled = false;
+    const settle = (value) => {
+      if (!settled) {
+        settled = true;
+        resolve(value);
+      }
+    };
+    try {
+      tempStorage.queryUsageAndQuota(
+        (_used, grantedQuota) => {
+          settle(typeof grantedQuota === "number" ? grantedQuota : null);
+        },
+        () => {
+          settle(null);
+        }
+      );
+    } catch {
+      settle(null);
+    }
+  });
   if (quota === null) return null;
-  const isPrivate = quota < options.privateQuotaThresholdBytes;
+  const isPrivate = options.privateQuotaThresholdBytes === void 0 ? quota < chromiumHeapLimit(globals) * HEAP_QUOTA_MULTIPLIER : quota < options.privateQuotaThresholdBytes;
   return {
     isPrivate,
     browser,
     confidence: "high",
     quota,
-    strategy: "storage-quota"
+    strategy: "chromium-quota"
   };
 }
+function chromiumHeapLimit(globals) {
+  const limit = globals.window?.performance?.memory?.jsHeapSizeLimit;
+  return typeof limit === "number" && limit > 0 ? limit : DEFAULT_PRIVATE_QUOTA_BYTES;
+}
+async function detectViaOpfsProbe(browser, globals, privateErrorFragment) {
+  const storage = globals.navigator?.storage;
+  if (typeof storage?.getDirectory !== "function") return null;
+  try {
+    await storage.getDirectory();
+    return {
+      isPrivate: false,
+      browser,
+      confidence: "high",
+      quota: null,
+      strategy: "opfs-probe"
+    };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    return {
+      isPrivate: message.includes(privateErrorFragment),
+      browser,
+      confidence: "high",
+      quota: null,
+      strategy: "opfs-probe"
+    };
+  }
+}
 function detectViaSafariStorage(browser, globals) {
   const storage = globals.window?.localStorage;
   if (!storage) {
@@ -182,17 +253,8 @@ function detectViaLegacyEdge(browser, globals) {
   if (!win) return null;
   const hasIndexedDB = Boolean(win.indexedDB ?? globals.indexedDB);
   const hasPointer = Boolean(win.PointerEvent ?? win.MSPointerEvent);
-  if (!hasIndexedDB && hasPointer) {
-    return {
-      isPrivate: true,
-      browser,
-      confidence: "low",
-      quota: null,
-      strategy: "legacy-edge"
-    };
-  }
   return {
-    isPrivate: false,
+    isPrivate: !hasIndexedDB && hasPointer,
     browser,
     confidence: "low",
     quota: null,
@@ -213,10 +275,11 @@ async function detectIncognito(options = {}) {
     userAgent: globals.navigator.userAgent,
     ...globals.navigator.vendor === void 0 ? {} : { vendor: globals.navigator.vendor }
   });
-  const threshold = options.privateQuotaThresholdBytes ?? DEFAULT_PRIVATE_QUOTA_BYTES;
-  return runStrategies(browser, globals, {
-    privateQuotaThresholdBytes: threshold
-  });
+  return runStrategies(
+    browser,
+    globals,
+    options.privateQuotaThresholdBytes === void 0 ? {} : { privateQuotaThresholdBytes: options.privateQuotaThresholdBytes }
+  );
 }
 async function isIncognito(options = {}) {
   const result = await detectIncognito(options);

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/browser.ts","../src/errors.ts","../src/strategies.ts","../src/detect.ts"],"names":["indexedDB"],"mappings":";AAqBA,IAAM,iBAAiB,CAAC,SAAA,EAAW,QAAA,EAAU,WAAA,EAAa,QAAQ,MAAM,CAAA;AAQjE,SAAS,cAAc,MAAA,EAAuC;AACnE,EAAA,MAAM,EAAA,GAAA,CAAM,MAAA,EAAQ,SAAA,IAAa,EAAA,EAAI,WAAA,EAAY;AACjD,EAAA,MAAM,MAAA,GAAA,CAAU,MAAA,EAAQ,MAAA,IAAU,EAAA,EAAI,WAAA,EAAY;AAElD,EAAA,IAAI,CAAC,IAAI,OAAO,SAAA;AAEhB,EAAA,IAAI,EAAA,CAAG,SAAS,OAAO,CAAA,IAAK,GAAG,QAAA,CAAS,UAAU,GAAG,OAAO,IAAA;AAC5D,EAAA,IAAI,EAAA,CAAG,QAAA,CAAS,OAAO,CAAA,EAAG,OAAO,aAAA;AACjC,EAAA,IAAI,EAAA,CAAG,SAAS,UAAU,CAAA,IAAK,GAAG,QAAA,CAAS,QAAQ,GAAG,OAAO,SAAA;AAE7D,EAAA,MAAM,iBAAA,GAAoB,eAAe,IAAA,CAAK,CAAC,SAAS,EAAA,CAAG,QAAA,CAAS,IAAI,CAAC,CAAA;AACzE,EAAA,IAAI,mBAAmB,OAAO,UAAA;AAK9B,EAAA,IAAI,EAAA,CAAG,SAAS,SAAS,CAAA,KAAM,OAAO,QAAA,CAAS,OAAO,CAAA,IAAK,CAAC,MAAA,CAAA,EAAS;AACnE,IAAA,OAAO,QAAA;AAAA,EACT;AACA,EAAA,IAAI,EAAA,CAAG,QAAA,CAAS,cAAc,CAAA,EAAG,OAAO,QAAA;AAExC,EAAA,OAAO,SAAA;AACT;;;ACtBO,IAAM,uBAAA,GAAN,cAAsC,KAAA,CAAM;AAAA,EAC/B,IAAA,GAAO,yBAAA;AAAA,EAChB,IAAA;AAAA,EAET,WAAA,CACE,IAAA,EACA,OAAA,EACA,OAAA,EACA;AACA,IAAA,KAAA,CAAM,SAAS,OAAO,CAAA;AACtB,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AAAA,EACd;AACF;;;AC1BO,IAAM,2BAAA,GAA8B,MAAM,IAAA,GAAO;AAMxD,IAAM,SAAA,GAAY,sCAAA;AAOlB,eAAsB,aAAA,CACpB,OAAA,EACA,OAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,SAAoB,EAAC;AAG3B,EAAA,IAAI,qBAAA,CAAsB,OAAO,CAAA,EAAG;AAClC,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,qBAAA,CAAsB,OAAA,EAAS,SAAS,OAAO,CAAA;AACpE,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAAA,IAC9B,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,IACnB;AAAA,EACF;AAGA,EAAA,QAAQ,OAAA;AAAS,IACf,KAAK,QAAA;AAAA,IACL,KAAK,QAAA,EAAU;AACb,MAAA,MAAM,MAAA,GAAS,sBAAA,CAAuB,OAAA,EAAS,OAAO,CAAA;AACtD,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAAA,IACA,KAAK,SAAA,EAAW;AACd,MAAA,MAAM,MAAA,GAAS,MAAM,yBAAA,CAA0B,OAAA,EAAS,OAAO,CAAA;AAC/D,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAAA,IACA,KAAK,aAAA;AAAA,IACL,KAAK,IAAA,EAAM;AACT,MAAA,MAAM,MAAA,GAAS,mBAAA,CAAoB,OAAA,EAAS,OAAO,CAAA;AACnD,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAIA;AAGF,EAAA,MAAM,IAAI,uBAAA;AAAA,IACR,OAAA,KAAY,YAAY,qBAAA,GAAwB,cAAA;AAAA,IAChD,yDAAyD,OAAO,CAAA,EAAA,CAAA;AAAA,IAChE,MAAA,CAAO,SAAS,CAAA,GAAI,EAAE,OAAO,MAAA,CAAO,CAAC,GAAE,GAAI;AAAA,GAC7C;AACF;AAEA,SAAS,sBAAsB,OAAA,EAAoC;AACjE,EAAA,OAAO,OAAO,OAAA,CAAQ,SAAA,EAAW,OAAA,EAAS,QAAA,KAAa,UAAA;AACzD;AAEA,eAAe,qBAAA,CACb,OAAA,EACA,OAAA,EACA,OAAA,EACiC;AACjC,EAAA,MAAM,OAAA,GAAU,QAAQ,SAAA,EAAW,OAAA;AACnC,EAAA,IAAI,CAAC,OAAA,EAAS,QAAA,EAAU,OAAO,IAAA;AAE/B,EAAA,MAAM,QAAA,GAAW,MAAM,OAAA,CAAQ,QAAA,EAAS;AACxC,EAAA,MAAM,QAAQ,OAAO,QAAA,CAAS,KAAA,KAAU,QAAA,GAAW,SAAS,KAAA,GAAQ,IAAA;AACpE,EAAA,IAAI,KAAA,KAAU,MAAM,OAAO,IAAA;AAE3B,EAAA,MAAM,SAAA,GAAY,QAAQ,OAAA,CAAQ,0BAAA;AAClC,EAAA,OAAO;AAAA,IACL,SAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA,EAAY,MAAA;AAAA,IACZ,KAAA;AAAA,IACA,QAAA,EAAU;AAAA,GACZ;AACF;AAEA,SAAS,sBAAA,CACP,SACA,OAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAU,QAAQ,MAAA,EAAQ,YAAA;AAChC,EAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,OAAA,CAAQ,WAAW,GAAG,CAAA;AAC9B,IAAA,OAAA,CAAQ,WAAW,SAAS,CAAA;AAAA,EAC9B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,QAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,MAAM,MAAM,OAAA,CAAQ,MAAA;AACpB,EAAA,IAAI,OAAO,GAAA,CAAI,YAAA,KAAiB,UAAA,EAAY;AAC1C,IAAA,IAAI;AACF,MAAA,GAAA,CAAI,YAAA,CAAa,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,IACzC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO;AAAA,QACL,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACZ;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,KAAA;AAAA,IACX,OAAA;AAAA,IACA,UAAA,EAAY,KAAA;AAAA,IACZ,KAAA,EAAO,IAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACZ;AACF;AAEA,eAAe,yBAAA,CACb,SACA,OAAA,EACiC;AACjC,EAAA,MAAMA,UAAAA,GAAY,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,MAAA,EAAQ,SAAA;AACvD,EAAA,IAAI,CAACA,UAAAA,EAAW;AACd,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,OAAO,IAAI,OAAA,CAAyB,CAAC,OAAA,KAAY;AAC/C,IAAA,IAAI,OAAA;AACJ,IAAA,IAAI;AACF,MAAA,OAAA,GAAUA,UAAAA,CAAU,KAAK,SAAS,CAAA;AAAA,IACpC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AACD,MAAA;AAAA,IACF;AAEA,IAAA,OAAA,CAAQ,gBAAA,CAAiB,SAAS,MAAM;AACtC,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AAAA,IACH,CAAC,CAAA;AACD,IAAA,OAAA,CAAQ,gBAAA,CAAiB,WAAW,MAAM;AACxC,MAAA,IAAI;AACF,QAAA,OAAA,CAAQ,OAAO,KAAA,EAAM;AACrB,QAAAA,UAAAA,CAAU,eAAe,SAAS,CAAA;AAAA,MACpC,CAAA,CAAA,MAAQ;AAAA,MAER;AACA,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,KAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EACH,CAAC,CAAA;AACH;AAEA,SAAS,mBAAA,CACP,SACA,OAAA,EACwB;AACxB,EAAA,MAAM,MAAM,OAAA,CAAQ,MAAA;AACpB,EAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,EAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,QAAQ,SAAS,CAAA;AAC/D,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,GAAA,CAAI,YAAA,IAAgB,IAAI,cAAc,CAAA;AACjE,EAAA,IAAI,CAAC,gBAAgB,UAAA,EAAY;AAC/B,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AACA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,KAAA;AAAA,IACX,OAAA;AAAA,IACA,UAAA,EAAY,KAAA;AAAA,IACZ,KAAA,EAAO,IAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACZ;AACF;;;AC/MA,eAAsB,eAAA,CACpB,OAAA,GAAkC,EAAC,EACT;AAC1B,EAAA,MAAM,OAAA,GAAU,cAAA,CAAe,OAAA,CAAQ,OAAO,CAAA;AAC9C,EAAA,IAAI,CAAC,aAAA,CAAc,OAAO,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,uBAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,UAAU,aAAA,CAAc;AAAA,IAC5B,SAAA,EAAW,QAAQ,SAAA,CAAU,SAAA;AAAA,IAC7B,GAAI,OAAA,CAAQ,SAAA,CAAU,MAAA,KAAW,MAAA,GAC7B,EAAC,GACD,EAAE,MAAA,EAAQ,OAAA,CAAQ,SAAA,CAAU,MAAA;AAAO,GACxC,CAAA;AAED,EAAA,MAAM,SAAA,GACJ,QAAQ,0BAAA,IAA8B,2BAAA;AAExC,EAAA,OAAO,aAAA,CAAc,SAAS,OAAA,EAAS;AAAA,IACrC,0BAAA,EAA4B;AAAA,GAC7B,CAAA;AACH;AAiBA,eAAsB,WAAA,CACpB,OAAA,GAAkC,EAAC,EACjB;AAClB,EAAA,MAAM,MAAA,GAAS,MAAM,eAAA,CAAgB,OAAO,CAAA;AAC5C,EAAA,OAAO,MAAA,CAAO,SAAA;AAChB;AAEA,SAAS,eACP,SAAA,EACkB;AAClB,EAAA,IAAI,WAAW,OAAO,SAAA;AACtB,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,OAAO,SAAA,KAAc,WAAA,GAAc,MAAA,GAAY,SAAA;AAAA,IAC1D,MAAA,EAAQ,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,GAAY,MAAA;AAAA,IACpD,SAAA,EAAW,OAAO,SAAA,KAAc,WAAA,GAAc,MAAA,GAAY;AAAA,GAC5D;AACF;AAEA,SAAS,cACP,OAAA,EAGA;AACA,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,SAAA,EAAW,SAAS,CAAA;AAC7C","file":"index.js","sourcesContent":["/*\n Coarse browser-engine identifiers used to pick a detection strategy.\n \n We deliberately do not export brand names like \"Brave\" or \"Vivaldi\" — they\n * are all Chromium under the hood and the relevant private-mode behaviour\n * matches the engine, not the brand.\n /\nexport type BrowserName =\n \| 'chromium'\n \| 'firefox'\n \| 'safari'\n \| 'webkit'\n \| 'edge-legacy'\n \| 'ie'\n \| 'unknown';\n\ninterface UserAgentSource {\n readonly userAgent: string;\n readonly vendor?: string;\n}\n\nconst CHROMIUM_HINTS = ['chrome/', 'crios/', 'chromium/', 'edg/', 'opr/'];\n\n/\n Classify the current navigator into a coarse browser engine.\n \n Pure function — accepts an optional `source` so it can be unit-tested\n * without polluting globals. In production we read from `navigator` directly.\n /\nexport function detectBrowser(source?: UserAgentSource): BrowserName {\n const ua = (source?.userAgent ?? '').toLowerCase();\n const vendor = (source?.vendor ?? '').toLowerCase();\n\n if (!ua) return 'unknown';\n\n if (ua.includes('msie ') \|\| ua.includes('trident/')) return 'ie';\n if (ua.includes('edge/')) return 'edge-legacy';\n if (ua.includes('firefox/') \|\| ua.includes('fxios/')) return 'firefox';\n\n const looksLikeChromium = CHROMIUM_HINTS.some((hint) => ua.includes(hint));\n if (looksLikeChromium) return 'chromium';\n\n // Safari sets `vendor === 'apple computer, inc.'`. iOS-Chrome/Firefox also\n // run on WebKit but advertise different UAs, so we reach this branch only\n // for \"real\" Safari and other WebKit shells.\n if (ua.includes('safari/') && (vendor.includes('apple') \|\| !vendor)) {\n return 'safari';\n }\n if (ua.includes('applewebkit/')) return 'webkit';\n\n return 'unknown';\n}\n","/\n Stable identifiers for {@link IncognitoDetectionError} causes.\n \n Branching on `code` is safer than parsing `message` strings.\n /\nexport type IncognitoDetectionErrorCode =\n /* Invoked in a non-browser context (Node, worker without globals, etc.). /\n \| 'NOT_A_BROWSER'\n /* Browser detected but no supported detection strategy applies. /\n \| 'UNSUPPORTED_BROWSER'\n /* A probe threw before it could produce a definitive result. /\n \| 'PROBE_FAILED';\n\n/\n Thrown when private-mode cannot be determined.\n \n @example\n * ```ts\n * import { isIncognito, IncognitoDetectionError } from 'is-incognito-mode';\n \n try {\n * await isIncognito();\n * } catch (error) {\n * if (error instanceof IncognitoDetectionError) {\n * console.warn(error.code, error.message);\n * }\n * }\n * ```\n /\nexport class IncognitoDetectionError extends Error {\n override readonly name = 'IncognitoDetectionError';\n readonly code: IncognitoDetectionErrorCode;\n\n constructor(\n code: IncognitoDetectionErrorCode,\n message: string,\n options?: { cause?: unknown },\n ) {\n super(message, options);\n this.code = code;\n }\n}\n","import type { BrowserName } from './browser.ts';\nimport { IncognitoDetectionError } from './errors.ts';\nimport type {\n DetectIncognitoOptions,\n DetectionGlobals,\n DetectionResult,\n} from './types.ts';\n\n/\n Default cutoff: 120 MB. Below this, every shipping browser we tested in 2024\n * is in a restricted (private) storage context. Above, it is normal.\n \n Sources: detectIncognito.js research notes; cross-checked against Chrome\n * 120+, Firefox 121+, Safari 17+.\n /\nexport const DEFAULT_PRIVATE_QUOTA_BYTES = 120 1024 * 1024;\n\n/*\n Sentinel key used by the legacy localStorage probe. Random enough that\n * collisions with real user keys are impossible.\n /\nconst PROBE_KEY = '__is_incognito_mode_probe_cd1394e6__';\n\n/\n Try strategies in priority order, returning the first one that produces a\n * definitive answer. Throws {@link IncognitoDetectionError} if every strategy\n * declines.\n /\nexport async function runStrategies(\n browser: BrowserName,\n globals: DetectionGlobals,\n options: Required<Pick<DetectIncognitoOptions, 'privateQuotaThresholdBytes'>>,\n): Promise<DetectionResult> {\n const errors: unknown[] = [];\n\n // 1. navigator.storage.estimate — the modern, vendor-blessed-ish signal.\n if (canUseStorageEstimate(globals)) {\n try {\n const result = await detectViaStorageQuota(browser, globals, options);\n if (result !== null) return result;\n } catch (error) {\n errors.push(error);\n }\n }\n\n // 2. Per-engine fallbacks for older versions / restricted runtimes.\n switch (browser) {\n case 'safari':\n case 'webkit': {\n const result = detectViaSafariStorage(browser, globals);\n if (result !== null) return result;\n break;\n }\n case 'firefox': {\n const result = await detectViaFirefoxIndexedDB(browser, globals);\n if (result !== null) return result;\n break;\n }\n case 'edge-legacy':\n case 'ie': {\n const result = detectViaLegacyEdge(browser, globals);\n if (result !== null) return result;\n break;\n }\n case 'chromium':\n case 'unknown': {\n break;\n }\n }\n\n throw new IncognitoDetectionError(\n browser === 'unknown' ? 'UNSUPPORTED_BROWSER' : 'PROBE_FAILED',\n `No detection strategy produced a verdict for browser \"${browser}\".`,\n errors.length > 0 ? { cause: errors[0] } : undefined,\n );\n}\n\nfunction canUseStorageEstimate(globals: DetectionGlobals): boolean {\n return typeof globals.navigator?.storage?.estimate === 'function';\n}\n\nasync function detectViaStorageQuota(\n browser: BrowserName,\n globals: DetectionGlobals,\n options: Required<Pick<DetectIncognitoOptions, 'privateQuotaThresholdBytes'>>,\n): Promise<DetectionResult \| null> {\n const storage = globals.navigator?.storage;\n if (!storage?.estimate) return null;\n\n const estimate = await storage.estimate();\n const quota = typeof estimate.quota === 'number' ? estimate.quota : null;\n if (quota === null) return null;\n\n const isPrivate = quota < options.privateQuotaThresholdBytes;\n return {\n isPrivate,\n browser,\n confidence: 'high',\n quota,\n strategy: 'storage-quota',\n };\n}\n\nfunction detectViaSafariStorage(\n browser: BrowserName,\n globals: DetectionGlobals,\n): DetectionResult \| null {\n const storage = globals.window?.localStorage;\n if (!storage) {\n // No localStorage at all is itself a strong signal on Safari < 11 private.\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n\n try {\n storage.setItem(PROBE_KEY, '1');\n storage.removeItem(PROBE_KEY);\n } catch {\n return {\n isPrivate: true,\n browser,\n confidence: 'medium',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n\n const win = globals.window;\n if (typeof win.openDatabase === 'function') {\n try {\n win.openDatabase(null, null, null, null);\n } catch {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n }\n\n return {\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n}\n\nasync function detectViaFirefoxIndexedDB(\n browser: BrowserName,\n globals: DetectionGlobals,\n): Promise<DetectionResult \| null> {\n const indexedDB = globals.indexedDB ?? globals.window?.indexedDB;\n if (!indexedDB) {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n };\n }\n\n return new Promise<DetectionResult>((resolve) => {\n let request: IDBOpenDBRequest;\n try {\n request = indexedDB.open(PROBE_KEY);\n } catch {\n resolve({\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n return;\n }\n\n request.addEventListener('error', () => {\n resolve({\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n });\n request.addEventListener('success', () => {\n try {\n request.result.close();\n indexedDB.deleteDatabase(PROBE_KEY);\n } catch {\n / best-effort cleanup /\n }\n resolve({\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n });\n });\n}\n\nfunction detectViaLegacyEdge(\n browser: BrowserName,\n globals: DetectionGlobals,\n): DetectionResult \| null {\n const win = globals.window;\n if (!win) return null;\n const hasIndexedDB = Boolean(win.indexedDB ?? globals.indexedDB);\n const hasPointer = Boolean(win.PointerEvent ?? win.MSPointerEvent);\n if (!hasIndexedDB && hasPointer) {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'legacy-edge',\n };\n }\n return {\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'legacy-edge',\n };\n}\n","import { detectBrowser } from './browser.ts';\nimport { IncognitoDetectionError } from './errors.ts';\nimport { DEFAULT_PRIVATE_QUOTA_BYTES, runStrategies } from './strategies.ts';\nimport type {\n DetectIncognitoOptions,\n DetectionGlobals,\n DetectionResult,\n} from './types.ts';\n\n/\n Detect whether the current browser is in private / incognito mode.\n \n Returns a rich {@link DetectionResult}. Most callers want the thinner\n * {@link isIncognito} convenience instead.\n \n @throws {IncognitoDetectionError}\n * - `NOT_A_BROWSER` when invoked outside a browser-like environment.\n * - `UNSUPPORTED_BROWSER` when the browser was classified as `unknown` and\n * no fallback strategy applied.\n * - `PROBE_FAILED` when every applicable strategy threw before producing a\n * definitive answer.\n \n @example\n * ```ts\n * import { detectIncognito } from 'is-incognito-mode';\n \n const { isPrivate, browser, confidence, quota } = await detectIncognito();\n * console.log(`${browser} (${confidence} confidence, quota: ${quota ?? '?'})`);\n * ```\n /\nexport async function detectIncognito(\n options: DetectIncognitoOptions = {},\n): Promise<DetectionResult> {\n const globals = resolveGlobals(options.globals);\n if (!isBrowserLike(globals)) {\n throw new IncognitoDetectionError(\n 'NOT_A_BROWSER',\n 'is-incognito-mode can only run in a browser-like environment.',\n );\n }\n\n const browser = detectBrowser({\n userAgent: globals.navigator.userAgent,\n ...(globals.navigator.vendor === undefined\n ? {}\n : { vendor: globals.navigator.vendor }),\n });\n\n const threshold =\n options.privateQuotaThresholdBytes ?? DEFAULT_PRIVATE_QUOTA_BYTES;\n\n return runStrategies(browser, globals, {\n privateQuotaThresholdBytes: threshold,\n });\n}\n\n/\n Convenience wrapper around {@link detectIncognito} that resolves to the\n * boolean verdict only. Drop-in compatible with v1's default export.\n \n @example\n * ```ts\n * import { isIncognito } from 'is-incognito-mode';\n \n if (await isIncognito()) {\n * showPaywall();\n * }\n * ```\n \n @throws {IncognitoDetectionError} See {@link detectIncognito}.\n */\nexport async function isIncognito(\n options: DetectIncognitoOptions = {},\n): Promise<boolean> {\n const result = await detectIncognito(options);\n return result.isPrivate;\n}\n\nfunction resolveGlobals(\n overrides: DetectionGlobals \| undefined,\n): DetectionGlobals {\n if (overrides) return overrides;\n return {\n navigator: typeof navigator === 'undefined' ? undefined : navigator,\n window: typeof window === 'undefined' ? undefined : window,\n indexedDB: typeof indexedDB === 'undefined' ? undefined : indexedDB,\n };\n}\n\nfunction isBrowserLike(\n globals: DetectionGlobals,\n): globals is DetectionGlobals & {\n navigator: NonNullable<DetectionGlobals['navigator']>;\n} {\n return Boolean(globals.navigator?.userAgent);\n}\n"]}
1	+ {"version":3,"sources":["../src/browser.ts","../src/errors.ts","../src/strategies.ts","../src/detect.ts"],"names":["indexedDB"],"mappings":";AAqBA,IAAM,iBAAiB,CAAC,SAAA,EAAW,QAAA,EAAU,WAAA,EAAa,QAAQ,MAAM,CAAA;AAQjE,SAAS,cAAc,MAAA,EAAuC;AACnE,EAAA,MAAM,EAAA,GAAA,CAAM,MAAA,EAAQ,SAAA,IAAa,EAAA,EAAI,WAAA,EAAY;AACjD,EAAA,MAAM,MAAA,GAAA,CAAU,MAAA,EAAQ,MAAA,IAAU,EAAA,EAAI,WAAA,EAAY;AAElD,EAAA,IAAI,CAAC,IAAI,OAAO,SAAA;AAEhB,EAAA,IAAI,EAAA,CAAG,SAAS,OAAO,CAAA,IAAK,GAAG,QAAA,CAAS,UAAU,GAAG,OAAO,IAAA;AAC5D,EAAA,IAAI,EAAA,CAAG,QAAA,CAAS,OAAO,CAAA,EAAG,OAAO,aAAA;AACjC,EAAA,IAAI,EAAA,CAAG,SAAS,UAAU,CAAA,IAAK,GAAG,QAAA,CAAS,QAAQ,GAAG,OAAO,SAAA;AAE7D,EAAA,MAAM,iBAAA,GAAoB,eAAe,IAAA,CAAK,CAAC,SAAS,EAAA,CAAG,QAAA,CAAS,IAAI,CAAC,CAAA;AACzE,EAAA,IAAI,mBAAmB,OAAO,UAAA;AAK9B,EAAA,IAAI,EAAA,CAAG,SAAS,SAAS,CAAA,KAAM,OAAO,QAAA,CAAS,OAAO,CAAA,IAAK,CAAC,MAAA,CAAA,EAAS;AACnE,IAAA,OAAO,QAAA;AAAA,EACT;AACA,EAAA,IAAI,EAAA,CAAG,QAAA,CAAS,cAAc,CAAA,EAAG,OAAO,QAAA;AAExC,EAAA,OAAO,SAAA;AACT;;;ACtBO,IAAM,uBAAA,GAAN,cAAsC,KAAA,CAAM;AAAA,EAC/B,IAAA,GAAO,yBAAA;AAAA,EAChB,IAAA;AAAA,EAET,WAAA,CACE,IAAA,EACA,OAAA,EACA,OAAA,EACA;AACA,IAAA,KAAA,CAAM,SAAS,OAAO,CAAA;AACtB,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AAAA,EACd;AACF;;;AC5BO,IAAM,2BAAA,GAA8B,OAAO,IAAA,GAAO;AAOzD,IAAM,qBAAA,GAAwB,CAAA;AAM9B,IAAM,SAAA,GAAY,sCAAA;AAOlB,eAAsB,aAAA,CACpB,OAAA,EACA,OAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,SAAoB,EAAC;AAE3B,EAAA,QAAQ,OAAA;AAAS,IACf,KAAK,UAAA,EAAY;AACf,MAAA,MAAM,SAAS,MAAM,OAAA;AAAA,QACnB,MAAM,sBAAA,CAAuB,OAAA,EAAS,OAAA,EAAS,OAAO,CAAA;AAAA,QACtD;AAAA,OACF;AACA,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAAA,IACA,KAAK,SAAA,EAAW;AACd,MAAA,MAAM,OAAO,MAAM,OAAA;AAAA,QACjB,MAAM,kBAAA,CAAmB,OAAA,EAAS,OAAA,EAAS,gBAAgB,CAAA;AAAA,QAC3D;AAAA,OACF;AACA,MAAA,IAAI,IAAA,KAAS,MAAM,OAAO,IAAA;AAC1B,MAAA,MAAM,MAAM,MAAM,OAAA;AAAA,QAChB,MAAM,yBAAA,CAA0B,OAAA,EAAS,OAAO,CAAA;AAAA,QAChD;AAAA,OACF;AACA,MAAA,IAAI,GAAA,KAAQ,MAAM,OAAO,GAAA;AACzB,MAAA;AAAA,IACF;AAAA,IACA,KAAK,QAAA;AAAA,IACL,KAAK,QAAA,EAAU;AACb,MAAA,MAAM,OAAO,MAAM,OAAA;AAAA,QACjB,MAAM,kBAAA,CAAmB,OAAA,EAAS,OAAA,EAAS,0BAA0B,CAAA;AAAA,QACrE;AAAA,OACF;AACA,MAAA,IAAI,IAAA,KAAS,MAAM,OAAO,IAAA;AAC1B,MAAA,MAAM,SAAS,MAAM,OAAA;AAAA,QACnB,MAAM,sBAAA,CAAuB,OAAA,EAAS,OAAO,CAAA;AAAA,QAC7C;AAAA,OACF;AACA,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAAA,IACA,KAAK,aAAA;AAAA,IACL,KAAK,IAAA,EAAM;AACT,MAAA,MAAM,SAAS,MAAM,OAAA;AAAA,QACnB,MAAM,mBAAA,CAAoB,OAAA,EAAS,OAAO,CAAA;AAAA,QAC1C;AAAA,OACF;AACA,MAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,MAAA;AAAA,IACF;AAGA;AAGF,EAAA,MAAM,IAAI,uBAAA;AAAA,IACR,OAAA,KAAY,YAAY,qBAAA,GAAwB,cAAA;AAAA,IAChD,yDAAyD,OAAO,CAAA,EAAA,CAAA;AAAA,IAChE,MAAA,CAAO,SAAS,CAAA,GAAI,EAAE,OAAO,MAAA,CAAO,CAAC,GAAE,GAAI;AAAA,GAC7C;AACF;AAEA,eAAe,OAAA,CACb,UACA,MAAA,EACiC;AACjC,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,QAAA,EAAS;AAAA,EACxB,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,KAAK,CAAA;AACjB,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAeA,eAAe,sBAAA,CACb,OAAA,EACA,OAAA,EACA,OAAA,EACiC;AACjC,EAAA,MAAM,WAAA,GAAc,QAAQ,SAAA,EAAW,sBAAA;AACvC,EAAA,IAAI,OAAO,WAAA,EAAa,kBAAA,KAAuB,UAAA,EAAY,OAAO,IAAA;AAElE,EAAA,MAAM,KAAA,GAAQ,MAAM,IAAI,OAAA,CAAuB,CAAC,OAAA,KAAY;AAC1D,IAAA,IAAI,OAAA,GAAU,KAAA;AACd,IAAA,MAAM,MAAA,GAAS,CAAC,KAAA,KAA+B;AAC7C,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAA,GAAU,IAAA;AACV,QAAA,OAAA,CAAQ,KAAK,CAAA;AAAA,MACf;AAAA,IACF,CAAA;AACA,IAAA,IAAI;AACF,MAAA,WAAA,CAAY,kBAAA;AAAA,QACV,CAAC,OAAO,YAAA,KAAiB;AACvB,UAAA,MAAA,CAAO,OAAO,YAAA,KAAiB,QAAA,GAAW,YAAA,GAAe,IAAI,CAAA;AAAA,QAC/D,CAAA;AAAA,QACA,MAAM;AACJ,UAAA,MAAA,CAAO,IAAI,CAAA;AAAA,QACb;AAAA,OACF;AAAA,IACF,CAAA,CAAA,MAAQ;AACN,MAAA,MAAA,CAAO,IAAI,CAAA;AAAA,IACb;AAAA,EACF,CAAC,CAAA;AACD,EAAA,IAAI,KAAA,KAAU,MAAM,OAAO,IAAA;AAE3B,EAAA,MAAM,SAAA,GACJ,OAAA,CAAQ,0BAAA,KAA+B,MAAA,GACnC,KAAA,GAAQ,kBAAkB,OAAO,CAAA,GAAI,qBAAA,GACrC,KAAA,GAAQ,OAAA,CAAQ,0BAAA;AAEtB,EAAA,OAAO;AAAA,IACL,SAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA,EAAY,MAAA;AAAA,IACZ,KAAA;AAAA,IACA,QAAA,EAAU;AAAA,GACZ;AACF;AAEA,SAAS,kBAAkB,OAAA,EAAmC;AAC5D,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,eAAA;AACnD,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,GAAQ,IACxC,KAAA,GACA,2BAAA;AACN;AASA,eAAe,kBAAA,CACb,OAAA,EACA,OAAA,EACA,oBAAA,EACiC;AACjC,EAAA,MAAM,OAAA,GAAU,QAAQ,SAAA,EAAW,OAAA;AACnC,EAAA,IAAI,OAAO,OAAA,EAAS,YAAA,KAAiB,UAAA,EAAY,OAAO,IAAA;AAExD,EAAA,IAAI;AACF,IAAA,MAAM,QAAQ,YAAA,EAAa;AAC3B,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,KAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,MAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,UAAU,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK,CAAA;AACrE,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,OAAA,CAAQ,QAAA,CAAS,oBAAoB,CAAA;AAAA,MAChD,OAAA;AAAA,MACA,UAAA,EAAY,MAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AACF;AAGA,SAAS,sBAAA,CACP,SACA,OAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAU,QAAQ,MAAA,EAAQ,YAAA;AAChC,EAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,OAAA,CAAQ,WAAW,GAAG,CAAA;AAC9B,IAAA,OAAA,CAAQ,WAAW,SAAS,CAAA;AAAA,EAC9B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,QAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,MAAM,MAAM,OAAA,CAAQ,MAAA;AACpB,EAAA,IAAI,OAAO,GAAA,CAAI,YAAA,KAAiB,UAAA,EAAY;AAC1C,IAAA,IAAI;AACF,MAAA,GAAA,CAAI,YAAA,CAAa,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,IACzC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO;AAAA,QACL,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACZ;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,KAAA;AAAA,IACX,OAAA;AAAA,IACA,UAAA,EAAY,KAAA;AAAA,IACZ,KAAA,EAAO,IAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACZ;AACF;AAGA,eAAe,yBAAA,CACb,SACA,OAAA,EACiC;AACjC,EAAA,MAAMA,UAAAA,GAAY,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,MAAA,EAAQ,SAAA;AACvD,EAAA,IAAI,CAACA,UAAAA,EAAW;AACd,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,IAAA;AAAA,MACX,OAAA;AAAA,MACA,UAAA,EAAY,KAAA;AAAA,MACZ,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACZ;AAAA,EACF;AAEA,EAAA,OAAO,IAAI,OAAA,CAAyB,CAAC,OAAA,KAAY;AAC/C,IAAA,IAAI,OAAA;AACJ,IAAA,IAAI;AACF,MAAA,OAAA,GAAUA,UAAAA,CAAU,KAAK,SAAS,CAAA;AAAA,IACpC,CAAA,CAAA,MAAQ;AACN,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AACD,MAAA;AAAA,IACF;AAEA,IAAA,OAAA,CAAQ,gBAAA,CAAiB,SAAS,MAAM;AACtC,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,IAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AAAA,IACH,CAAC,CAAA;AACD,IAAA,OAAA,CAAQ,gBAAA,CAAiB,WAAW,MAAM;AACxC,MAAA,IAAI;AACF,QAAA,OAAA,CAAQ,OAAO,KAAA,EAAM;AACrB,QAAAA,UAAAA,CAAU,eAAe,SAAS,CAAA;AAAA,MACpC,CAAA,CAAA,MAAQ;AAAA,MAER;AACA,MAAA,OAAA,CAAQ;AAAA,QACN,SAAA,EAAW,KAAA;AAAA,QACX,OAAA;AAAA,QACA,UAAA,EAAY,KAAA;AAAA,QACZ,KAAA,EAAO,IAAA;AAAA,QACP,QAAA,EAAU;AAAA,OACX,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EACH,CAAC,CAAA;AACH;AAGA,SAAS,mBAAA,CACP,SACA,OAAA,EACwB;AACxB,EAAA,MAAM,MAAM,OAAA,CAAQ,MAAA;AACpB,EAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,EAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,QAAQ,SAAS,CAAA;AAC/D,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,GAAA,CAAI,YAAA,IAAgB,IAAI,cAAc,CAAA;AACjE,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,CAAC,YAAA,IAAgB,UAAA;AAAA,IAC5B,OAAA;AAAA,IACA,UAAA,EAAY,KAAA;AAAA,IACZ,KAAA,EAAO,IAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACZ;AACF;;;ACnTA,eAAsB,eAAA,CACpB,OAAA,GAAkC,EAAC,EACT;AAC1B,EAAA,MAAM,OAAA,GAAU,cAAA,CAAe,OAAA,CAAQ,OAAO,CAAA;AAC9C,EAAA,IAAI,CAAC,aAAA,CAAc,OAAO,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,uBAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,UAAU,aAAA,CAAc;AAAA,IAC5B,SAAA,EAAW,QAAQ,SAAA,CAAU,SAAA;AAAA,IAC7B,GAAI,OAAA,CAAQ,SAAA,CAAU,MAAA,KAAW,MAAA,GAC7B,EAAC,GACD,EAAE,MAAA,EAAQ,OAAA,CAAQ,SAAA,CAAU,MAAA;AAAO,GACxC,CAAA;AAED,EAAA,OAAO,aAAA;AAAA,IACL,OAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA,CAAQ,+BAA+B,MAAA,GACnC,KACA,EAAE,0BAAA,EAA4B,QAAQ,0BAAA;AAA2B,GACvE;AACF;AAiBA,eAAsB,WAAA,CACpB,OAAA,GAAkC,EAAC,EACjB;AAClB,EAAA,MAAM,MAAA,GAAS,MAAM,eAAA,CAAgB,OAAO,CAAA;AAC5C,EAAA,OAAO,MAAA,CAAO,SAAA;AAChB;AAEA,SAAS,eACP,SAAA,EACkB;AAClB,EAAA,IAAI,WAAW,OAAO,SAAA;AAItB,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,OAAO,SAAA,KAAc,WAAA,GAAc,MAAA,GAAY,SAAA;AAAA,IAC1D,MAAA,EACE,OAAO,MAAA,KAAW,WAAA,GACd,MAAA,GACC,MAAA;AAAA,IACP,SAAA,EAAW,OAAO,SAAA,KAAc,WAAA,GAAc,MAAA,GAAY;AAAA,GAC5D;AACF;AAEA,SAAS,cACP,OAAA,EAGA;AACA,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,SAAA,EAAW,SAAS,CAAA;AAC7C","file":"index.js","sourcesContent":["/*\n Coarse browser-engine identifiers used to pick a detection strategy.\n \n We deliberately do not export brand names like \"Brave\" or \"Vivaldi\" — they\n * are all Chromium under the hood and the relevant private-mode behaviour\n * matches the engine, not the brand.\n /\nexport type BrowserName =\n \| 'chromium'\n \| 'firefox'\n \| 'safari'\n \| 'webkit'\n \| 'edge-legacy'\n \| 'ie'\n \| 'unknown';\n\ninterface UserAgentSource {\n readonly userAgent: string;\n readonly vendor?: string;\n}\n\nconst CHROMIUM_HINTS = ['chrome/', 'crios/', 'chromium/', 'edg/', 'opr/'];\n\n/\n Classify the current navigator into a coarse browser engine.\n \n Pure function — accepts an optional `source` so it can be unit-tested\n * without polluting globals. In production we read from `navigator` directly.\n /\nexport function detectBrowser(source?: UserAgentSource): BrowserName {\n const ua = (source?.userAgent ?? '').toLowerCase();\n const vendor = (source?.vendor ?? '').toLowerCase();\n\n if (!ua) return 'unknown';\n\n if (ua.includes('msie ') \|\| ua.includes('trident/')) return 'ie';\n if (ua.includes('edge/')) return 'edge-legacy';\n if (ua.includes('firefox/') \|\| ua.includes('fxios/')) return 'firefox';\n\n const looksLikeChromium = CHROMIUM_HINTS.some((hint) => ua.includes(hint));\n if (looksLikeChromium) return 'chromium';\n\n // Safari sets `vendor === 'apple computer, inc.'`. iOS-Chrome/Firefox also\n // run on WebKit but advertise different UAs, so we reach this branch only\n // for \"real\" Safari and other WebKit shells.\n if (ua.includes('safari/') && (vendor.includes('apple') \|\| !vendor)) {\n return 'safari';\n }\n if (ua.includes('applewebkit/')) return 'webkit';\n\n return 'unknown';\n}\n","/\n Stable identifiers for {@link IncognitoDetectionError} causes.\n \n Branching on `code` is safer than parsing `message` strings.\n /\nexport type IncognitoDetectionErrorCode =\n /* Invoked in a non-browser context (Node, worker without globals, etc.). /\n \| 'NOT_A_BROWSER'\n /* Browser detected but no supported detection strategy applies. /\n \| 'UNSUPPORTED_BROWSER'\n /* A probe threw before it could produce a definitive result. /\n \| 'PROBE_FAILED';\n\n/\n Thrown when private-mode cannot be determined.\n \n @example\n * ```ts\n * import { isIncognito, IncognitoDetectionError } from 'is-incognito-mode';\n \n try {\n * await isIncognito();\n * } catch (error) {\n * if (error instanceof IncognitoDetectionError) {\n * console.warn(error.code, error.message);\n * }\n * }\n * ```\n /\nexport class IncognitoDetectionError extends Error {\n override readonly name = 'IncognitoDetectionError';\n readonly code: IncognitoDetectionErrorCode;\n\n constructor(\n code: IncognitoDetectionErrorCode,\n message: string,\n options?: { cause?: unknown },\n ) {\n super(message, options);\n this.code = code;\n }\n}\n","import type { BrowserName } from './browser.ts';\nimport { IncognitoDetectionError } from './errors.ts';\nimport type {\n DetectIncognitoOptions,\n DetectionGlobals,\n DetectionResult,\n} from './types.ts';\n\n/\n Fallback JS-heap ceiling (1 GiB) used by the Chromium strategy when\n * `performance.memory.jsHeapSizeLimit` is unavailable. Also exported as the\n * reference value for the `privateQuotaThresholdBytes` advanced override.\n /\nexport const DEFAULT_PRIVATE_QUOTA_BYTES = 1024 1024 * 1024;\n\n/*\n The Chromium temporary-storage quota in an incognito tab stays below roughly\n * twice the JS-heap ceiling (it is memory-bound, not disk-bound). Normal tabs\n * are disk-bound and far above it.\n /\nconst HEAP_QUOTA_MULTIPLIER = 2;\n\n/\n Sentinel key used by the legacy localStorage / indexedDB probes. Random\n * enough that collisions with real user keys are impossible.\n /\nconst PROBE_KEY = '__is_incognito_mode_probe_cd1394e6__';\n\n/\n Try strategies in priority order, returning the first one that produces a\n * definitive answer. Throws {@link IncognitoDetectionError} if every strategy\n * declines.\n /\nexport async function runStrategies(\n browser: BrowserName,\n globals: DetectionGlobals,\n options: Pick<DetectIncognitoOptions, 'privateQuotaThresholdBytes'>,\n): Promise<DetectionResult> {\n const errors: unknown[] = [];\n\n switch (browser) {\n case 'chromium': {\n const result = await attempt(\n () => detectViaChromiumQuota(browser, globals, options),\n errors,\n );\n if (result !== null) return result;\n break;\n }\n case 'firefox': {\n const opfs = await attempt(\n () => detectViaOpfsProbe(browser, globals, 'Security error'),\n errors,\n );\n if (opfs !== null) return opfs;\n const idb = await attempt(\n () => detectViaFirefoxIndexedDB(browser, globals),\n errors,\n );\n if (idb !== null) return idb;\n break;\n }\n case 'safari':\n case 'webkit': {\n const opfs = await attempt(\n () => detectViaOpfsProbe(browser, globals, 'unknown transient reason'),\n errors,\n );\n if (opfs !== null) return opfs;\n const legacy = await attempt(\n () => detectViaSafariStorage(browser, globals),\n errors,\n );\n if (legacy !== null) return legacy;\n break;\n }\n case 'edge-legacy':\n case 'ie': {\n const result = await attempt(\n () => detectViaLegacyEdge(browser, globals),\n errors,\n );\n if (result !== null) return result;\n break;\n }\n case 'unknown': {\n break;\n }\n }\n\n throw new IncognitoDetectionError(\n browser === 'unknown' ? 'UNSUPPORTED_BROWSER' : 'PROBE_FAILED',\n `No detection strategy produced a verdict for browser \"${browser}\".`,\n errors.length > 0 ? { cause: errors[0] } : undefined,\n );\n}\n\nasync function attempt(\n strategy: () => DetectionResult \| null \| Promise<DetectionResult \| null>,\n errors: unknown[],\n): Promise<DetectionResult \| null> {\n try {\n return await strategy();\n } catch (error) {\n errors.push(error);\n return null;\n }\n}\n\n/\n Chromium family (Chrome, Edge, Brave, Opera, …).\n \n Modern Chrome deliberately fakes `navigator.storage.estimate().quota` at\n * `usage + 10 GiB` in every mode to defeat detection — so that API is\n * useless here. The legacy `navigator.webkitTemporaryStorage` API was not\n * given the same treatment and still reports the real per-origin quota:\n * disk-bound (huge) in normal mode, memory-bound (small) in incognito.\n \n We compare it to `performance.memory.jsHeapSizeLimit` — a per-renderer\n * constant that does not change between modes — so the test adapts to the\n * device instead of relying on a brittle fixed byte count.\n /\nasync function detectViaChromiumQuota(\n browser: BrowserName,\n globals: DetectionGlobals,\n options: Pick<DetectIncognitoOptions, 'privateQuotaThresholdBytes'>,\n): Promise<DetectionResult \| null> {\n const tempStorage = globals.navigator?.webkitTemporaryStorage;\n if (typeof tempStorage?.queryUsageAndQuota !== 'function') return null;\n\n const quota = await new Promise<number \| null>((resolve) => {\n let settled = false;\n const settle = (value: number \| null): void => {\n if (!settled) {\n settled = true;\n resolve(value);\n }\n };\n try {\n tempStorage.queryUsageAndQuota(\n (_used, grantedQuota) => {\n settle(typeof grantedQuota === 'number' ? grantedQuota : null);\n },\n () => {\n settle(null);\n },\n );\n } catch {\n settle(null);\n }\n });\n if (quota === null) return null;\n\n const isPrivate =\n options.privateQuotaThresholdBytes === undefined\n ? quota < chromiumHeapLimit(globals) HEAP_QUOTA_MULTIPLIER\n : quota < options.privateQuotaThresholdBytes;\n\n return {\n isPrivate,\n browser,\n confidence: 'high',\n quota,\n strategy: 'chromium-quota',\n };\n}\n\nfunction chromiumHeapLimit(globals: DetectionGlobals): number {\n const limit = globals.window?.performance?.memory?.jsHeapSizeLimit;\n return typeof limit === 'number' && limit > 0\n ? limit\n : DEFAULT_PRIVATE_QUOTA_BYTES;\n}\n\n/*\n Firefox and Safari: the Origin Private File System\n * (`navigator.storage.getDirectory()`) is rejected in private mode. The\n * rejection message differs per engine — Firefox says `Security error`,\n * Safari says `unknown transient reason` — so the caller passes the fragment\n * to match. A successful resolve means a normal window.\n /\nasync function detectViaOpfsProbe(\n browser: BrowserName,\n globals: DetectionGlobals,\n privateErrorFragment: string,\n): Promise<DetectionResult \| null> {\n const storage = globals.navigator?.storage;\n if (typeof storage?.getDirectory !== 'function') return null;\n\n try {\n await storage.getDirectory();\n return {\n isPrivate: false,\n browser,\n confidence: 'high',\n quota: null,\n strategy: 'opfs-probe',\n };\n } catch (error) {\n const message = error instanceof Error ? error.message : String(error);\n return {\n isPrivate: message.includes(privateErrorFragment),\n browser,\n confidence: 'high',\n quota: null,\n strategy: 'opfs-probe',\n };\n }\n}\n\n/* Older Safari / WebKit without OPFS: localStorage + openDatabase probes. /\nfunction detectViaSafariStorage(\n browser: BrowserName,\n globals: DetectionGlobals,\n): DetectionResult \| null {\n const storage = globals.window?.localStorage;\n if (!storage) {\n // No localStorage at all is a strong signal on Safari < 11 private.\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n\n try {\n storage.setItem(PROBE_KEY, '1');\n storage.removeItem(PROBE_KEY);\n } catch {\n return {\n isPrivate: true,\n browser,\n confidence: 'medium',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n\n const win = globals.window;\n if (typeof win.openDatabase === 'function') {\n try {\n win.openDatabase(null, null, null, null);\n } catch {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n }\n }\n\n return {\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'safari-storage',\n };\n}\n\n/* Older Firefox without OPFS: `indexedDB.open` fails in private mode. /\nasync function detectViaFirefoxIndexedDB(\n browser: BrowserName,\n globals: DetectionGlobals,\n): Promise<DetectionResult \| null> {\n const indexedDB = globals.indexedDB ?? globals.window?.indexedDB;\n if (!indexedDB) {\n return {\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n };\n }\n\n return new Promise<DetectionResult>((resolve) => {\n let request: IDBOpenDBRequest;\n try {\n request = indexedDB.open(PROBE_KEY);\n } catch {\n resolve({\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n return;\n }\n\n request.addEventListener('error', () => {\n resolve({\n isPrivate: true,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n });\n request.addEventListener('success', () => {\n try {\n request.result.close();\n indexedDB.deleteDatabase(PROBE_KEY);\n } catch {\n / best-effort cleanup /\n }\n resolve({\n isPrivate: false,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'firefox-indexeddb',\n });\n });\n });\n}\n\n/* Legacy Edge / IE: no `indexedDB` while `PointerEvent` exists → private. /\nfunction detectViaLegacyEdge(\n browser: BrowserName,\n globals: DetectionGlobals,\n): DetectionResult \| null {\n const win = globals.window;\n if (!win) return null;\n const hasIndexedDB = Boolean(win.indexedDB ?? globals.indexedDB);\n const hasPointer = Boolean(win.PointerEvent ?? win.MSPointerEvent);\n return {\n isPrivate: !hasIndexedDB && hasPointer,\n browser,\n confidence: 'low',\n quota: null,\n strategy: 'legacy-edge',\n };\n}\n","import { detectBrowser } from './browser.ts';\nimport { IncognitoDetectionError } from './errors.ts';\nimport { runStrategies } from './strategies.ts';\nimport type {\n DetectIncognitoOptions,\n DetectionGlobals,\n DetectionResult,\n WindowLike,\n} from './types.ts';\n\n/\n Detect whether the current browser is in private / incognito mode.\n \n Returns a rich {@link DetectionResult}. Most callers want the thinner\n * {@link isIncognito} convenience instead.\n \n @throws {IncognitoDetectionError}\n * - `NOT_A_BROWSER` when invoked outside a browser-like environment.\n * - `UNSUPPORTED_BROWSER` when the browser was classified as `unknown` and\n * no fallback strategy applied.\n * - `PROBE_FAILED` when every applicable strategy threw before producing a\n * definitive answer.\n \n @example\n * ```ts\n * import { detectIncognito } from 'is-incognito-mode';\n \n const { isPrivate, browser, confidence, quota } = await detectIncognito();\n * console.log(`${browser} (${confidence} confidence, quota: ${quota ?? '?'})`);\n * ```\n /\nexport async function detectIncognito(\n options: DetectIncognitoOptions = {},\n): Promise<DetectionResult> {\n const globals = resolveGlobals(options.globals);\n if (!isBrowserLike(globals)) {\n throw new IncognitoDetectionError(\n 'NOT_A_BROWSER',\n 'is-incognito-mode can only run in a browser-like environment.',\n );\n }\n\n const browser = detectBrowser({\n userAgent: globals.navigator.userAgent,\n ...(globals.navigator.vendor === undefined\n ? {}\n : { vendor: globals.navigator.vendor }),\n });\n\n return runStrategies(\n browser,\n globals,\n options.privateQuotaThresholdBytes === undefined\n ? {}\n : { privateQuotaThresholdBytes: options.privateQuotaThresholdBytes },\n );\n}\n\n/\n Convenience wrapper around {@link detectIncognito} that resolves to the\n * boolean verdict only. Drop-in compatible with v1's default export.\n \n @example\n * ```ts\n * import { isIncognito } from 'is-incognito-mode';\n \n if (await isIncognito()) {\n * showPaywall();\n * }\n * ```\n \n @throws {IncognitoDetectionError} See {@link detectIncognito}.\n */\nexport async function isIncognito(\n options: DetectIncognitoOptions = {},\n): Promise<boolean> {\n const result = await detectIncognito(options);\n return result.isPrivate;\n}\n\nfunction resolveGlobals(\n overrides: DetectionGlobals \| undefined,\n): DetectionGlobals {\n if (overrides) return overrides;\n // Boundary cast on `window`: the live object carries non-standard properties\n // the detector relies on (notably `performance.memory`) that the standard\n // DOM lib types do not declare.\n return {\n navigator: typeof navigator === 'undefined' ? undefined : navigator,\n window:\n typeof window === 'undefined'\n ? undefined\n : (window as unknown as WindowLike),\n indexedDB: typeof indexedDB === 'undefined' ? undefined : indexedDB,\n };\n}\n\nfunction isBrowserLike(\n globals: DetectionGlobals,\n): globals is DetectionGlobals & {\n navigator: NonNullable<DetectionGlobals['navigator']>;\n} {\n return Boolean(globals.navigator?.userAgent);\n}\n"]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "is-incognito-mode",
-  "version": "2.0.1",
+  "version": "2.1.0",
   "description": "Reliably detect whether the user's browser is in private / incognito mode. Zero dependencies, dual ESM + CJS, fully typed.",
   "keywords": [
     "incognito",