Exactly which storage types (IndexedDB, service workers, localStorage) are preserved by DuckDuckGo Fireproofing on Android and iOS?
This fact-check may be outdated. Consider refreshing it to get the most current information.
Executive summary
DuckDuckGo’s “Fireproof” feature intentionally exempts a site’s first‑party cookies and related site storage from the app’s one‑tap purge so users can stay signed‑in (DuckDuckGo Help) [1]. Independent testing and forensic writeups of the Android app report that cookies are the primary artifact preserved for fireproofed sites and that other site data (history, cache, other site storage) is still cleared [2] [3].
1. What DuckDuckGo says: “1st‑party cookies and storage” are preserved
DuckDuckGo’s official help text states that Fireproofing keeps “1st‑party cookies and storage” around so users can remain signed in and avoid the Fire Button wiping those items [1]. The same documentation warns that the Fire Button will not clear 1st‑party cookies and storage for Fireproof Sites, while it will clear other data unless explicitly excluded [1]. This is the company’s only explicit claim in the provided materials about which categories of site data are preserved [1].
2. Independent reporting: cookies specifically called out as preserved
A detailed exploratory post examining DuckDuckGo’s Android artifacts concluded that cookies are the only artifact left intact for fireproof sites and that browsing history, cache, and other site data are still cleared even when a site is fireproofed [2]. Reviews and hands‑on pieces likewise describe the feature in terms of preventing logout by preserving cookies or login state while still purging history and general site data [3] [4]. These independent reports consistently highlight cookies as the preserved element [2] [3].
3. What is not documented or confirmed in the available reporting: IndexedDB, service workers, localStorage
None of the provided official documentation or independent writeups explicitly enumerate IndexedDB, service workers, or localStorage as preserved by Fireproofing; DuckDuckGo’s phrase “storage” is used but not broken down into web platform primitives [1] [2]. The forensic blog reports “other site data” are cleared for fireproof sites and specifies cookies as preserved, implying other storage types were not observed as preserved, but it does not present a definitive list naming IndexedDB, service workers, or localStorage [2]. Therefore, the public sources do not conclusively state whether IndexedDB, service workers, or localStorage are preserved on Android or iOS [1] [2].
4. Reasonable inference and limits of evidence
Given DuckDuckGo’s explicit emphasis on first‑party cookies and independent findings that cookies are the retained artifact, the safest reading of the evidence is that Fireproofing was designed primarily to preserve login cookies and the session state they carry [1] [2]. Independent testers reporting that “other site data” gets cleared suggests IndexedDB/localStorage/service‑worker caches are likely not preserved, but that is an inference from absence of evidence rather than a documented fact in the supplied reporting [2]. The documentation’s single term “storage” could technically include IndexedDB or localStorage, but without explicit confirmation by DuckDuckGo or low‑level forensic results that enumerate those stores, the claim cannot be verified from the provided sources [1] [2].
5. Alternative viewpoints, possible motivations, and what to watch for
DuckDuckGo’s marketing and help pages emphasize preserving site functionality while blocking trackers, and “storage” is used as a convenience framing for users who want to stay signed in [1]. That framing benefits usability and may intentionally avoid technical specificity for non‑technical users; alternatively, avoiding detail could be to retain flexibility in implementation across platforms [1]. Independent blog and review authors focus on cookies because they’re visible, practical, and relevant to login state; forensic testing of mobile apps is more likely to flag cookie databases than to exhaustively test every web storage API unless explicitly targeted [2] [3].
6. Bottom line — what can be stated with confidence
From the available official and independent reporting, Fireproofing preserves first‑party cookies (and thereby login state) for fireproofed sites on DuckDuckGo’s mobile apps [1] [2] [3]. There is no clear, sourced confirmation in the provided materials that IndexedDB, service workers, or localStorage are preserved; forensic reporting suggests “other site data” is cleared, implying those are likely not preserved, but that implication is not proven by the sources given [2] [1]. Absent a more granular statement from DuckDuckGo or a focused forensic test enumerating web storage APIs on Android and iOS, the exact preservation status of IndexedDB, service workers, and localStorage remains unconfirmed in the available reporting [1] [2].