Programs that respect your privacy

Downloaded File Locations

Update

With the release of Privacy Browser 2.9, most of the following information is now obsolete.  Privacy Browser 2.9 includes the WRITE_EXTERNAL_STORAGE permission.  On devices running Android Lollipop (API 22) and older and on devices running Android Marshmallow (API 23) and newer that allow the storage permission, downloads will now be saved in the public Download folder.  On devices running Marshmallow and newer that disable the storage permission, downloads will continue to be stored in the Privacy Browser’s Download folder.


From time to time I have received questions regarding file downloads and their locations. Instead of answering each question individually, I thought it would make more sense to post a definitive set of answers here.

The download location of files varies by Android version. Privacy Browser uses Android’s built-in download manager to download files. In KitKat (version 4.4.x, API 19) and Lollipop (version 5.x, APIs 21-22) downloads are stored in

/data/data/com.android.providers.downloads/cache

which is download manager’s private location. Only apps that have root permissions can access these files directly. In Marshmallow (version 6.x, API 23) and Nougat (version 7.x, APIs 24-25) the downloads are stored in Privacy Browser’s Download folder, which for the standard flavor is

/sdcard/Android/data/com.stoutner.privacybrowser.standard/files/Download

and for the free flavor is

/sdcard/Android/data/com.stoutner.privacybrowser.free/files/Download

These locations are available to any app on Android that requests permissions to read external storage.

For Marshmallow and newer, download manager also has a built-in option to copy the downloaded file to any public location.

The long term plan is to make the standard Download folder the default file download location and allow the user to set any public location as their default download folder in the settings. Doing so will require the addition of the WRITE_EXTERNAL_STORAGE permission. As I have written previously, I have been contacted by users requesting that I don’t add this permission at this time. The reason being that, for users on API <= 22 (KitKat and Lollipop), there is no way to disable this permission if it is listed in the Manifest file. The concern is that a malicious website will be able to exploit a flaw in Android’s WebView and gain access to the file system. Beginning with Marshmallow, users can disable this permission if desired.

Based on statistics from Google Play, currently 41.03% of standard installs and 52.31% of free installs are on API <= 22. This compares favorably to the general Android version distribution of 58% on API 19-22 (not to mention those below API 19), but it is still a significantly large portion of the userbase.

Long term, Privacy Browser will add both READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE permissions. There are several planned features that require these, like uploading of file to websites and import/export/synchronization of encrypted settings between devices. So far I have focused on developing features that do not require these permissions, hoping that by the time I have implemented all the features that don’t require them a larger percentage of the userbase will be on API >= 23. However, I realize that this diminishes the usefulness of file downloads for older devices. I have created a feature request to give users the opportunity to voice their opinion as to when these permissions should be added.

Just to round out the discussion of file downloads, there is a bug (now fixed) that prevents Privacy Browser from downloading files from websites that require authentication. This is because Privacy Browser doesn’t pass off the authenticated session information to Android’s download manager. I haven’t looked deeply into this bug, but it is possibly I might need to implement my own download mechanism at some point in the future.

Last updated


One response to “Downloaded File Locations”

  1. […] since the beginning of the project. But I have delayed their implementation at the request of users because of potential security implications on devices running versions of Android older than Marshmallow (API < 23). No other permissions […]