"Show my windows and tabs from last time" overrides "Keep cookies until: I close Firefox"
I have set Firefox to restore tabs, but also want to delete cookies on close.
When I restart Firefox, any webpages with cookies (e.g. GMail) still have their cookies and log me in again, despite having set Firefox to delete cookies on close.
I appreciate that some users will want the convenience of keeping cookies for open tabs from the last session, but this is not explicitly stated and is not the behaviour I want. I consider it a UX/security bug.
I think it would be best to add an option to either keep or remove the cookies for the tabs from last session when "Show my windows and tabs from last time" is set.
Thanks everyone! :)
Saafara biñ tànn
Are you automatically reopening tabs and windows from the previous session via session restore?
- Tools > Options > General > Startup: "When Firefox Starts": "Show my windows and tabs from last time"
Firefox stores cookies used in tabs that are currently open in the sessionstore.js file as part of saved session data, so those cookies will be restored if Firefox is closed without first closing these tabs.
You can set browser.sessionstore.privacy_level to 2 (never) or 1 (non-HTTPS) on the about:config page to disable saving cookies via session restore in the sessionstore.js file. The browser.sessionstore.privacy_level_deferred pref is used when you do not reopen the previous session automatically via "Show my windows and tabs from last time" and uses the same values.
Jàng tontu lii ci fi mu bokk 👍 4All Replies (2)
Saafara yiñ Tànn
Are you automatically reopening tabs and windows from the previous session via session restore?
- Tools > Options > General > Startup: "When Firefox Starts": "Show my windows and tabs from last time"
Firefox stores cookies used in tabs that are currently open in the sessionstore.js file as part of saved session data, so those cookies will be restored if Firefox is closed without first closing these tabs.
You can set browser.sessionstore.privacy_level to 2 (never) or 1 (non-HTTPS) on the about:config page to disable saving cookies via session restore in the sessionstore.js file. The browser.sessionstore.privacy_level_deferred pref is used when you do not reopen the previous session automatically via "Show my windows and tabs from last time" and uses the same values.
@cor-el: That's exactly what I wanted, thanks! :)