I want to start with a question. When was the last time you actually looked at what a website has stored on your device?
Not just cookies. Everything. IndexedDB. Local storage. Cache storage. Service workers. Form data.
Most people haven't. And honestly most people don't even know these things exist let alone that every site they visit is quietly writing data to their device through all of them.
This bothered me enough that I built something about it.
How it started
I was poking around in Chrome DevTools one day looking at what a fairly ordinary news site had stored on my device. The list was long. Really long. And it wasn't just cookies. There were local storage entries I didn't recognise service workers registered that I had no idea about and IndexedDB entries that had clearly been there for months.
I started checking other sites and the same pattern kept showing up. Loads of data quietly sitting there and no easy way to get an overview of it all or do anything about it without going through DevTools site by site.
So I built Permission Trail.
What it does
Permission Trail is a browser extension that runs silently in the background while you browse. It detects everything websites store on your device locally and feeds it into a private dashboard where you can actually see what's going on.
The dashboard gives you a summary across all sites you've visited including total tracker count stored data types service workers and an average trust score. Below that you get a per site breakdown with a one click delete button to wipe everything a site has stored.
But the part I find most interesting is the advanced analytics view. You can drill into any site and see the exact items stored broken down by type with severity indicators for each category.
That screenshot is the advanced analytics view for Daily Mail. Cookies rated medium. Local storage rated high. Service workers rated medium. You can see every individual cookie name sitting there on your device. Most people have visited a site like that hundreds of times and have no idea any of this is happening.
The notification system
One of the features I'm most happy with is the real time notification system. While you're browsing if a site is storing more trackers than a threshold you configure yourself it will alert you immediately. You can delete the data directly from the notification without even opening the dashboard.
That notification fired on the Daily Mail after detecting 83 trackers. It also gives you the option to automatically delete the site's data when you close the tab which is a setting I personally have on for a handful of sites.
What I learned building this
The technical side of reading all these different storage APIs across sites consistently was messier than I expected. Each storage mechanism works differently and has different access patterns from the extension context. Getting them all surfaced reliably and quickly without slowing down browsing took a lot of iteration.
The bigger challenge was the UX. There is a lot of data and it is very easy to overwhelm people with it. I went through several versions of the dashboard before landing on something that feels digestible. The severity labels on the advanced analytics view were a late addition and I think they do a lot of work in helping people understand what they're looking at without needing to know what IndexedDB actually is.
Try it
Permission Trail is free to download and you can create a free account to get started at permissiontrail.co.uk
If you do try it I'd genuinely love to know what you find on the first site you check. Would also love feedback from other devs on the approach, what's missing, and anything you'd do differently.
Top comments (0)