{-# LANGUAGE OverloadedLabels #-}
{-# LANGUAGE FlexibleContexts #-}
{-# LANGUAGE ScopedTypeVariables #-}
{-# LANGUAGE MultiWayIf #-}
-- Databases
import Database.Selda (Text, liftIO, (!))
import Data.List (nub, foldl')
import Data.Maybe (mapMaybe)
import Data.Function ((&))
import Data.Default (def)
import Data.Text.Encoding (decodeUtf8)
import Control.Monad (mapM_, when, (>=>))
import Control.Monad.Reader (ReaderT, runReaderT, asks)
import Control.Monad.Except (ExceptT, runExceptT, throwError)
import System.FilePath (joinPath, takeBaseName, (</>))
import Database.Selda (Text, liftIO, (.||), (!))
import Database.Selda.SQLite (withSQLite)
import Control.Monad.Trans.Resource (ResourceT)
import qualified Database.Selda as S
import qualified Database.LevelDB as L
import qualified Database.LevelDB.Streaming as LS
-- Error handling
import Control.Exception as BE
import Control.Monad.Catch as CE
import qualified System.Exit as E
-- Configuration
import qualified Options.Applicative as O
import qualified System.Directory as D
import qualified Data.Configurator as C
-- Text converion
import Data.Text.Encoding (decodeUtf8)
import qualified Data.Text as T
import qualified Data.Text.IO as T
import qualified Data.ByteString as B
-- Version information
import qualified Paths_bisc as Bisc
import Data.Version (showVersion)
import Debug.Trace
-- File locking bypass
import qualified System.Posix.Files as Posix
-- Misc
import Data.List (nub, isInfixOf)
import Data.Maybe (mapMaybe)
import Data.Function ((&))
import Data.Default (def)
import Control.Monad (when)
import Control.Monad.Reader (ReaderT, runReaderT, asks)
import Control.Monad.Except (ExceptT, runExceptT, throwError)
import System.FilePath (joinPath, takeBaseName, (</>))
-- Options
-- | Configuration file settings
-- | Bisc settings
data Settings = Settings
{ webenginePath :: FilePath -- ^ webengine data directory
{ whitelistPath :: FilePath -- ^ whitelist file
, webenginePath :: FilePath -- ^ webengine data directory
, whitelist :: [Text] -- ^ whitelisted domains
, options :: Options -- ^ cli options
-- | Command line options
data Options = Options
{ version :: Bool -- ^ print version number
, dryRun :: Bool -- ^ don't delete anything
, unsafe :: Bool -- ^ ignore locks
, configPath :: FilePath -- ^ config file path
-- | Command line parser
cliParser :: FilePath -> O.ParserInfo Options
cliParser defConfig = (O.helper <*> parser) infos
parser = Options
<$> O.switch
( O.long "version"
<> O.short 'v'
<> "Print the version number and exit"
<*> O.switch
( O.long "dry-run"
<> O.short 'n'
<> ("Don't actually remove anything, "<>
"just show what would be done")
<*> O.switch
( O.long "unsafe"
<> O.short 'u'
<> ("Ignore database locks. " <>
"This will probably corrupt the databases, but " <>
"works while the browser is running.")
<*> O.strOption
( O.long "config"
<> O.short 'c'
<> O.value defConfig
<> "Specify a configuration file"
infos =
O.fullDesc <>
O.progDesc "A small tool that clears cookies (and more)"
-- SQL records
quotaOrigins :: S.Table QuotaOrigin
quotaOrigins = S.table "OriginInfoTable" []
-- | Main monad stack
-- * 'ReaderT' for accessing settings
-- | Clears all means of permanent storage
main :: IO ()
main = do
defConfig <- D.getXdgDirectory D.XdgConfig ("bisc" </> "bisc.conf")
opts <- O.execParser (cliParser defConfig)
when (version opts) $ do
putStrLn ("bisc " <> showVersion Bisc.version)
run <- runAction <$> loadSettings opts
numFailures <- sum <$> mapM (uncurry run) actions
if numFailures == 0
then E.exitSuccess
else do
putStrLn ("\nwarning: " <> show numFailures <> " actions have failed")
E.exitWith (E.ExitFailure numFailures)
config <- D.getXdgDirectory D.XdgConfig ("bisc" </> "bisc.conf")
run <- runAction <$> loadSettings config
run "Cookies" deleteCookies
run "QuotaManager" deleteQuotaOrigins
run "IndexedDB" deleteIndexedDB
run "LocalStorage" deleteLocalStorage
run "SessionStorage" deleteSessionStorage
-- | Runs an 'Action' and pretty-prints the results
runAction :: Settings -> Text -> Action Result -> IO Int
runAction :: Settings -> Text -> Action Result -> IO ()
runAction settings name x = do
a <- BE.try $ runExceptT (runReaderT x settings)
case a of
Right (Right res) -> printResult res >> return 0
Right (Left msg) -> printFailed msg >> return 1
Left (err :: BE.IOException) ->
printFailed (T.pack $ BE.displayException err) >> return 1
Right (Right res) -> printResult res
Right (Left msg) -> printFailed msg
Left (err :: BE.IOException) -> printFailed (T.pack $ BE.displayException err)
printFailed msg =
T.putStrLn ("- " <> name <> " cleaning failed:\n " <> msg)
printFailed msg = T.putStrLn ("- " <> name <> " cleaning failed:\n " <> msg)
printResult (n, bad)
| n > 0 = do
T.putStrLn ("- " <> name <> ": " <> verb <>
" " <> T.pack (show n) <> " entries for:")
T.putStrLn ("- " <> name <> ": deleted " <> T.pack (show n) <> " entries for:")
T.putStrLn (T.unlines $ map (" * " <>) bad)
| otherwise = T.putStrLn ("- " <> name <> ": nothing to delete")
verb = if (dryRun . options $ settings)
then "would delete"
else "deleted"
-- * Cleaning actions
-- | List of actions and their names
actions :: [(Text, Action Result)]
actions =
[ ("Cookies", deleteCookies)
, ("QuotaManager", deleteQuotaOrigins)
, ("IndexedDB", deleteIndexedDB)
, ("LocalStorage", deleteLocalStorage)
, ("SessionStorage", deleteSessionStorage)
-- | Deletes records in the Cookies database
deleteCookies :: Action Result
deleteCookies = do
dir <- asks webenginePath
dry <- asks (dryRun . options)
-- check for database
exists <- liftIO $ D.doesFileExist (dir </> "Cookies")
database <- (</> "Cookies") <$> asks webenginePath
exists <- liftIO $ D.doesFileExist database
when (not exists) (throwError "database is missing")
whitelist <- map S.text <$> asks whitelist
withoutLocks "Cookies" $ \database -> do
CE.handle dbErrors $ withSQLite database $ do
bad <- S.query $ do
cookie <- cookies
S.restrict (by whitelist cookie)
return (cookie ! #host_key)
when (not dry) $
S.deleteFrom_ cookies (by whitelist)
return (length bad, nub bad)
n <- S.deleteFrom cookies (by whitelist)
return (n, nub bad)
by set x = S.not_ (x ! #host_key `S.isIn` set)
-- | Deletes records in the QuotaManager API database
deleteQuotaOrigins :: Action Result
deleteQuotaOrigins = do
dir <- asks webenginePath
dry <- asks (dryRun . options)
-- check for database
exists <- liftIO $ D.doesFileExist (dir </> "QuotaManager")
database <- (</> "QuotaManager") <$> asks webenginePath
exists <- liftIO $ D.doesFileExist database
when (not exists) (throwError "database is missing")
whitelist <- map mkPattern <$> asks whitelist
withoutLocks "QuotaManager" $ \database -> do
whitelist <- map pattern <$> asks whitelist
CE.handle dbErrors $ withSQLite database $ do
bad <- S.query $ do
quota <- quotaOrigins
S.restrict (by whitelist quota)
return (quota ! #origin)
when (not dry) $
S.deleteFrom_ quotaOrigins (by whitelist)
return (length bad, nub bad)
n <- S.deleteFrom quotaOrigins (by whitelist)
return (n, nub bad)
-- check if quota is not whitelisted
by whitelist quota = S.not_ (S.true `S.isIn` matches)
url = quota ! #origin
matches = do
pattern <- S.selectValues (map S.Only whitelist)
S.restrict (url `` S.the pattern)
return S.true
-- check if x ∉ set
by set x = S.not_ . any_ . map ( (x ! #origin)) $ set
-- turns domains into patterns to match a url
mkPattern domain = "http%://%" <> domain <> "/"
pattern domain = S.text ("http%://%" <> domain <> "/")
any_ = foldl' (.||) S.false
-- | Deletes per-domain files under the IndexedDB directory
deleteIndexedDB :: Action Result
deleteIndexedDB = do
webengine <- asks webenginePath
dry <- asks (dryRun . options)
exists <- liftIO $ D.doesDirectoryExist (webengine </> "IndexedDB")
when (not exists) $ throwError "directory is missing"
@ -272,7 +171,6 @@ deleteIndexedDB = do
badFiles = filterMaybe (fmap unlisted . domain) entries
badDomains = mapMaybe domain badFiles
when (not dry) $
liftIO $ mapM_ D.removePathForcibly badFiles
return (length badFiles, nub badDomains)
domain :: FilePath -> Maybe Text
domain = extract . url where
extract [] = Nothing
extract (_:[]) = Nothing
extract (_:xs) = Just $ T.unwords (init xs)
extract (x:[]) = Nothing
extract (x:xs) = Just $ T.unwords (init xs)
url = T.splitOn "_" . T.pack . takeBaseName
whitelist <- asks whitelist
let path = webengine </> "Local Storage" </> "leveldb"
dry <- asks (dryRun . options)
unsafe <- asks (unsafe . options)
when (not dry && unsafe) $ liftIO $ do
-- delete and recreate the lock file to bypass POSIX locks
D.removeFile (path </> "LOCK")
T.writeFile (path </> "LOCK") ""
dbIsOk <- liftIO $ D.doesFileExist (path </> "LOCK")
when (not dbIsOk) (throwError "database is missing or corrupted")
version <- withRetryDB path (\db -> L.get db def "VERSION")
when (version /= Just "1") (throwError "database is empty or the schema unsupported")
-- when dry running replace the delete function with a nop
let delete = if dry then (\_ _ _ -> pure ()) else L.delete
withDB path $ \db -> do
badDomains <- L.withIterator db def $ \i ->
LS.keySlice i LS.AllKeys LS.Asc
& LS.filter (\k -> "META:" `B.isPrefixOf ` k
&& (metaDomain k) `notElem` whitelist)
& LS.mapM (\k -> delete db def k >> return (metaDomain k))
& LS.mapM (\k -> L.delete db def k >> return (metaDomain k))
& LS.toList
n <- L.withIterator db def $ \i ->
@ -339,7 +226,7 @@ deleteLocalStorage = do
& LS.filter (\k -> "_" `B.isPrefixOf` k
&& "\NUL\SOH" `B.isInfixOf` k
&& (recDomain k) `notElem` whitelist)
& LS.mapM (delete db def)
& LS.mapM (L.delete db def)
& LS.length
return (n, badDomains)
whitelist <- asks whitelist
let path = webengine </> "Session Storage"
dry <- asks (dryRun . options)
unsafe <- asks (unsafe . options)
when (not dry && unsafe) $ liftIO $ do
-- delete and recreate the lock file to bypass POSIX locks
D.removeFile (path </> "LOCK")
T.writeFile (path </> "LOCK") ""
dbIsOk <- liftIO $ D.doesFileExist (path </> "LOCK")
when (not dbIsOk) (throwError "database is missing or corrupted")
version <- withRetryDB path (\db -> L.get db def "version")
when (version /= Just "1") (throwError "database is empty or the schema unsupported")
-- when dry running replace the delete function with a nop
let delete = if dry then (\_ _ _ -> pure ()) else L.delete
withDB path $ \db -> do
-- map of id -> isBad
badMap <- L.withIterator db def $ \i ->
@ -395,7 +271,7 @@ deleteSessionStorage = do
LS.keySlice i LS.AllKeys LS.Asc
& LS.filter (B.isPrefixOf "namespace")
& LS.filter (isBad whitelist)
& LS.mapM (\k -> delete db def k >> return (domain k))
& LS.mapM (\k -> L.delete db def k >> return (domain k))
& LS.toList
-- and their records
@ -404,7 +280,7 @@ deleteSessionStorage = do
& LS.filter (B.isPrefixOf "map-")
& LS.mapM (\k ->
case lookup (originId k) badMap of
Just True -> delete db def k >> return 1
Just True -> L.delete db def k >> return 1
_ -> return 0)
& LS.sum
return (n, nub badDomains)
-- * Helper functions
-- | Loads a leveldb database and runs a resourceT action
withDB :: FilePath -> (L.DB -> ResourceT IO a) -> Action a
-- withDB :: FilePath -> (L.DB -> ResourceT IO a) -> Action a
withDB path f = liftIO $ L.runResourceT ( path def >>= f)
-- | Like 'withDB' but retry the action after repairing the db
withRetryDB :: FilePath -> (L.DB -> ResourceT IO a) -> Action a
-- withRetryDB :: FilePath -> (L.DB -> ResourceT IO a) -> Action a
withRetryDB path action = do
res <- CE.try (withDB path action)
case res of
Right b -> return b
Left (e :: BE.IOException) ->
if | "Corruption" `T.isInfixOf` msg -> do
-- try repairing before giving up
liftIO $ path def
withDB path action
| "unavailable" `T.isInfixOf` msg ->
throwError "database is locked (in use by another process)"
| otherwise ->
throwError ("error opening the database:\n " <> msg)
if not ("Corruption" `T.isInfixOf` msg)
then throwError ("error opening the database:\n " <> msg)
else liftIO $ path def >> withDB path action
where msg = T.pack (BE.displayException e)
-- | Bypass SQLite locking mechanism
-- SQLite manages concurrent access via POSIX locks: these are tied to a
-- specific file and pid. They can be bypassed by simply creating a hard
-- link (pointing to the same inode), editing the link and then removing it.
withoutLocks :: String -> (FilePath -> Action a) -> Action a
withoutLocks dbName cont = do
dir <- asks webenginePath
unsafe <- asks (unsafe . options)
real = dir </> dbName
link = real <> "-bypass"
-- bypass the SQLite POSIX locks with hard links
when unsafe $ liftIO (Posix.createLink real link)
res <- cont (if unsafe then link else real)
-- remove the hard links
when unsafe $ liftIO (Posix.removeLink link)
return res
-- | Loads the config file/cli options
loadSettings :: Options -> IO Settings
loadSettings opts = do
-- | Loads the config from a file
loadSettings :: FilePath -> IO Settings
loadSettings path = do
configdir <- D.getXdgDirectory D.XdgConfig "qutebrowser"
datadir <- D.getXdgDirectory D.XdgData "qutebrowser"
defaultWhitelist = joinPath [configdir, "whitelists", "cookies"]
defaultWebengine = joinPath [datadir, "webengine"]
config <- C.load [C.Optional (configPath opts)]
config <- C.load [C.Optional path]
whitelist <- C.lookupDefault defaultWhitelist config "whitelist-path"
webengine <- C.lookupDefault defaultWebengine config "webengine-path"
domains <- T.lines <$> T.readFile whitelist
return (Settings webengine domains opts)
return (Settings whitelist webengine domains)
-- | Catches any Selda error
dbErrors :: S.SeldaError -> Action a
dbErrors (S.DbError msg) = throwError $ "error opening database: " <> T.pack msg
dbErrors e =
if "ErrorBusy" `isInfixOf` msg
then throwError "database is locked (in use by another process)"
else throwError $ "database operation failed: " <> T.pack msg
where msg = BE.displayException e
dbErrors e = throwError $
"database operation failed: " <> T.pack (BE.displayException e)
### A small tool that clears cookies (and more)
Websites can store unwanted data using all sorts of methods: besides the usual
cookies, there are also the local and session storage, the IndexedDB API and
more caches as well.
Websites can store unwanted data using all sorts of methods: besides
the usual cookies, there are also the local and session storage, the
IndexedDB API and more caches as well.
bisc will try to go through each of them and remove all information from
websites that are not explicitly allowed (ie. a whitelist of domains).
It was created for qutebrowser, but it actually supports the storage format
used by Chromium-based browsers, which (sadly) means almost every one nowadays.
It was created for qutebrowser, but it actually supports the storage
format used by Chromium-based browsers, which (sadly) means almost
every one nowadays.
## Installation
bisc is a Haskell program available on [Hackage][hackage] and can be installed
with one of the Haskell package managers. For example, with
[cabal-install][cabal] you would do
bisc is a Haskell program available on [Hackage][hackage] and can
be installed with one of the Haskell package managers. For
example, with [cabal-install][cabal] you would do
cabal install bisc
and similarly for [stack][stack].
Alternatively, if you are using Nix or NixOS, bisc is available under the
attribute `haskellPackages.bisc`. It should also be in the Nix binary cache so
you don't have to build from source.
Alternatively, if you are using Nix or NixOS, bisc is available
under the attribute `haskellPackages.bisc`. It should also be in
the Nix binary cache so you don't have to build from source.
Finally, statically compiled binaries can be found in the
## Configuration
The bisc configuration file is `$XDG_CONFIG_HOME/bisc/bisc.conf`. It allows to
change the paths of the QtWebEngine/Chromium directory and the whitelist file.
The bisc configuration file is `$XDG_CONFIG_HOME/bisc/bisc.conf`.
It allows to change the paths of the QtWebEngine/Chromium
directory and the whitelist file.
The default settings are:
whitelist-path = "$(XDG_CONFIG_HOME)/qutebrowser/whitelists/cookies"
webengine-path = "$(XDG_DATA_HOME)/qutebrowser/webengine"
If you want a different location for the configuration file, you can change it
using the `--config` command line option.
## Usage
- Create an empty whitelist file and write the domains of the allowed cookies,
one per line.
Create an empty whitelist file and write the domains of the
allowed cookies, one per line.
- Run `bisc --dry-run` to see what would be deleted without actually doing it.
- Run `bisc` to delete all non-whitelisted data from qutebrowser.
Run `bisc` to delete all non-whitelisted data from qutebrowser.
Note that running bisc while the browser is open is not safe: this means it
could possibly **corrupt** the databases. Hoever, corruption in the sqllite
@ -66,7 +64,7 @@ corrupt more often, are automatically repaired by bisc.
## License
Copyright (C) 2022 Michele Guerini Rocco
Copyright (C) 2021 Michele Guerini Rocco
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
name: bisc
synopsis: A small tool that clears cookies (and more).
license-file: LICENSE
author: Michele Guerini Rocco
copyright: Copyright (C) 2022 Michele Guerini Rocco
copyright: Copyright (C) 2021 Michele Guerini Rocco
category: Utility
build-type: Simple
extra-source-files:, man/bisc.1 man/bisc.conf.5
cabal-version: >=1.10
source-repository head
type: git
flag static
default: False
description: Create a statically-linked binary
executable bisc
main-is: Main.hs
build-depends: base ==4.* , selda ==0.*,
selda-sqlite ==0.*,
leveldb-haskell ==0.*, resourcet,
filepath, directory, text, unix,
leveldb-haskell ==0.*,
filepath, directory, text,
mtl, configurator, exceptions,
data-default, bytestring,
data-default, bytestring
default-language: Haskell2010
ghc-options: -Wall -Wno-name-shadowing -O2
if flag(static)
extra-libraries: snappy stdc++
basepkgs = import nixpkgs { inherit system; };
pkgs = if static then basepkgs.pkgsStatic else basepkgs.pkgs;
ghc = if static then pkgs.haskell.packages.integer-simple.ghc901
f = { mkDerivation, base, bytestring, configurator, data-default
, directory, exceptions, filepath, leveldb-haskell, mtl, selda
, selda-sqlite , lib, text, snappy
mkDerivation {
pname = "bisc";
version = "";
src = ./.;
isLibrary = false;
isExecutable = true;
executableHaskellDepends = [
base bytestring configurator data-default directory exceptions
filepath leveldb-haskell mtl selda selda-sqlite text
executableSystemDepends = [ snappy ];
buildFlags = lib.optionals static [
homepage = "";
description = "A small tool that clears cookies (and more)";
license = lib.licenses.gpl3;
ghc = if static then pkgs.haskell.packages.integer-simple.ghc8104
else if compiler == "default" then pkgs.haskellPackages
else pkgs.haskell.packages.${compiler};
variant = if doBenchmark then pkgs.haskell.lib.doBenchmark else;
drv = variant (override (ghc.callPackage ./bisc.nix {}));
override = drv: pkgs.haskell.lib.overrideCabal drv (old: with pkgs.lib; {
buildTools = [ pkgs.installShellFiles ];
configureFlags = optional static "-f static";
buildFlags = optionals static [
postInstall = ''
# generate completion
$out/bin/bisc --bash-completion-script "$out/bin/bisc" > bisc.bash
$out/bin/bisc --fish-completion-script "$out/bin/bisc" >
$out/bin/bisc --zsh-completion-script "$out/bin/bisc" > bisc.zsh
installShellCompletion bisc.{bash,fish,zsh}
installManPage man/*.[0-9]
postFixup = optionalString static "rm -r $out/nix-support";
drv = variant (ghc.callPackage f {});
.TH bisc 1 "January 11, 2022" "bisc 0.4.1" "User Commands"
bisc - a small tool that clears cookies (and more)
.B bisc
.RI [ option ]
Websites can store unwanted data using all sorts of methods: besides the usual
cookies, there are also the local and session storage, the IndexedDB API and
more caches as well.
Bisc will try to go through each of them and remove all information from
websites that are not explicitly allowed (ie. a whitelist of domains).
It was created for qutebrowser, but it actually supports the storage format
used by Chromium-based browsers, which (sadly) means almost every one nowadays.
.IP \(bu 2
Create an empty whitelist file (see the FILES section) and write the domains of
the allowed cookies, one per line. For example:
.IP \(bu 2
Run \fCbisc --dry-run\fR to see what would be deleted without actually
doing it.
.IP \(bu 2
Run \fCbisc\fR to delete all non-whitelisted data from qutebrowser.
.BR -c ","\ --config\ FILE
Use FILE as the configuration file.
.BR -n ","\ --dry-run
Don't actually remove anything, just show what would be done.
.BR -u ","\ --unsafe
Ignore database locks.
This will probably corrupt the databases, but works while the browser is
.BR -h ","\ --help
Show the program information and help screen.
.I $XDG_CONFIG_HOME/bisc/bisc.conf
Bisc configuration
.I $XDG_CONFIG_HOME/qutebrowser/whitelists/cookies
Domain whitelist
.I $XDG_DATA_HOME/qutebrowser/webengine
Chromium/QtWebEngine state directory
Note: when the variable $XDG_CONFIG_HOME or $XDG_DATA_HOME is not set,
$HOME/.config and $HOME/.local/share respectively, will be used instead.
\fBbisc.conf\fR(5) for the bisc configuration file
Copyright © 2022 Michele Guerini Rocco.
.TP 0
Released under the GPL, version 3 or greater.
This software carries no warranty of any kind.
@ -1,49 +0,0 @@
.TH bisc.conf 5 "January 11, 2022" "bisc 0.4.1"
bisc.conf - bisc configuration file
The bisc configuration file, found at the following locations, unless specified
via the \fC-c\fR command line option:
.IP \(bu 3
.IP \(bu 3
$HOME/.config/bisc/bisc.conf (when $XDG_CONFIG_HOME is not set)
The bisc.conf file allows to change the default location of a couple of files
used by bisc.
.TP 4
.BR "webengine-path" " (default " "$(XDG_DATA_HOME)/qutebrowser/webengine")
The location of the Chromium/QtWebEngine state directory.
.TP 4
.BR "whitelist-path" " (default " "$(XDG_CONFIG_HOME)/qutebrowser/whitelists/cookies")
The location of the domain whitelist.
This is an example configuration:
# This is a comment
whitelist-path = "/home/alice/docs/cookie-whitelist"
# You can also access environment variables:
webengine-path = "$(HOME)/.local/qutebrowser/webengine"
\fBbisc\fR(1) for the bisc command
Copyright © 2022 Michele Guerini Rocco.
.TP 0
Released under the GPL, version 3 or greater.
This software carries no warranty of any kind.
