Brave.sqlite database should not be accessible from the Documents folder

[tmancey]

Due to UIFileSharingEnabled being set to YES in the info.plist files stored in the Documents directory are accessible using iTunes (even if the device is locked) once the device has been connected to a desktop computer and the device has been trusted. Once a device is trusted the only way to remove that trust is via General > Reset > Reset Location & Privacy on the device.

iOS Storage Best Practices recommends storing user-visible content in the Documents directory and non user-visible content such as databases in the Application Support directory.

The Application Support directory can be hierarchical, is persistent, is included in iCloud and iTunes Backups unless files are marked with NSURLIsExcludedFromBackupKey, and disk space is reported in the Storage Settings UI under the "Documents & Data" total.

iOS does not delete the Application Support directory if the application is offloaded.

Test Plan

1. Install Brave (or use an existing installation)
2. Visit a couple websites (just so there is history in the database)
3. Exit Brave
4. To into the Files app on device
5. See if there are any files named Brave.sqlite or Database, etc... anything that looks remotely suspicious. There may be a downloads folder (this is okay)

[cndouglas]

Is there a reason Brave.sqlite is stored in /Documents/ instead of (for example) /Library/Application Support/?

[tmancey]

@liunkae thank you. I agree and will update the ticket.

[srirambv]

Verification passed on iPhone XR with iOS 13.1 beta 2 running 1.12(19.09.07.03)

• Verified on clean install no Brave.sqlite database file created in file.app
• Verified on upgrade install no Brave.sqlite database file created in file.app
• This is still an issue on beta as it creates profile folders on upgrade (Beta upgrade creates profile.profile files #1505)

Verification PASSED on iPad Air 3rd Generation using iOS 13.1 running 1.12 (19.09.12.28):

• ensured that Brave.sqlite wasn't created on a clean install when checking File.app
• ensured that Brave.sqlite wasn't created when upgrading 1.11.4 (19.8.29.21)to 1.12 (19.09.12.28) when checking File.app

Verification passed on iPhone 7+ with iOS 12.4.1 running 1.12(19.09.13.06)

• Verified on clean install no Brave.sqlite database file created in file.app
• Verified on upgrade install no Brave.sqlite database file created in file.app