Using "New Private Window" no longer keeps session data private/separate from the non-private windows open
Older versions worked like this:
1. open firefox 2. log into some site 3. open "new private window" 4. navigate to same site 5. able to log in as a different user (browser did not pass the already logged in info from the other browser)
New behavior:
1. open firefox 2. log into some site 3. open "new private window" 4. navigate to same site 5. site automatically logs me in as the user I logged in as in the other window
Please fix this.
All Replies (9)
hal07 said
Older versions worked like this: 1. open firefox 2. log into some site 3. open "new private window" 4. navigate to same site 5. able to log in as a different user (browser did not pass the already logged in info from the other browser) New behavior: 1. open firefox 2. log into some site 3. open "new private window" 4. navigate to same site 5. site automatically logs me in as the user I logged in as in the other window Please fix this.
I have the same problem. Besides, I have set Firefox to remove all private data (history, storage, cookies, etc...) when closing window. But when I close a private window where I was logged in, I'm still logged on the not private window when visiting the same site.
I expect all data to be deleted when closing any private window.
Any help with that?
Modified
Firefox has two cookie jars: regular windows, and private windows. If you close a private window and discover that your private window cookies till exist in a new private window, most likely there is still at least one other private window open.
If you want two cookie jars, make sure Firefox is not set to use ONLY private windows. You can check that here:
- Windows: "3-bar" menu button (or Tools menu) > Options
- Mac: "3-bar" menu button (or Firefox menu) > Preferences
- Linux: "3-bar" menu button (or Edit menu) > Preferences
In the left column, click Privacy. Then on the right side, check the setting:
(1) Firefox will: Remember history - this is the default and should work
(2) Firefox will: Never remember history - Firefox has no normal windows, all windows are private windows, hence only one cookie jar, and no non-private history is cleaned at shutdown
- To switch to another setting, see #3
(3) Firefox will: Use custom settings for history
- If "Always use private browsing mode" is checked, see #2 for the effects, and uncheck the box to have both regular and private windows, and manage history settings on an individual basis
jscher2000 said
Firefox has two cookie jars: regular windows, and private windows. If you close a private window and discover that your private window cookies till exist in a new private window, most likely there is still at least one other private window open. If you want two cookie jars, make sure Firefox is not set to use ONLY private windows. You can check that here:In the left column, click Privacy. Then on the right side, check the setting: (1) Firefox will: Remember history - this is the default and should work (2) Firefox will: Never remember history - Firefox has no normal windows, all windows are private windows, hence only one cookie jar, and no non-private history is cleaned at shutdown
- Windows: "3-bar" menu button (or Tools menu) > Options
- Mac: "3-bar" menu button (or Firefox menu) > Preferences
- Linux: "3-bar" menu button (or Edit menu) > Preferences
(3) Firefox will: Use custom settings for history
- To switch to another setting, see #3
- If "Always use private browsing mode" is checked, see #2 for the effects, and uncheck the box to have both regular and private windows, and manage history settings on an individual basis
Well, in my case I discovered that private window cookies still exist in a existing normal window, not private. That is my problem.
In Settings -> Privacy tab, I have "Use custom settings for history" and I checked to delete all at close. Also "Always use private browsing mode" is not checked.
Piiru32 said
Well, in my case I discovered that private window cookies still exist in a existing normal window, not private. That is my problem.
That definitely should not happen.
Are you sure you weren't already logged in in the regular window before launching the private window?
Do you use any extensions that might possibly modify how Firefox works in relation to site logins?
Some sites use browser identification techniques to be able to spot visits from different modes and different browsers, such as Flash Local Storage Objects (LSO's, sometimes called supercookies) and fingerprinting, and use that information to re-add the cookies. But it's rare, and in most cases you would not find sites able to copy cookies across from one jar to the other.
jscher2000 said
Piiru32 saidWell, in my case I discovered that private window cookies still exist in a existing normal window, not private. That is my problem.That definitely should not happen.
Are you sure you weren't already logged in in the regular window before launching the private window?
Do you use any extensions that might possibly modify how Firefox works in relation to site logins?
Some sites use browser identification techniques to be able to spot visits from different modes and different browsers, such as Flash Local Storage Objects (LSO's, sometimes called supercookies) and fingerprinting, and use that information to re-add the cookies. But it's rare, and in most cases you would not find sites able to copy cookies across from one jar to the other.
Yes I thought about that. I use many extensions (https://i.imgur.com/JulOuPz.png). Do you think any of that could do something like that?
Modified
Piiru32 said
jscher2000 saidDo you use any extensions that might possibly modify how Firefox works in relation to site logins?I use many extensions (https://i.imgur.com/JulOuPz.png). Do you think any of that could do something like that?
Well, KeeFox is a password manager, but it looks like it's disabled (since it's in the second A-Z list).
I don't use most of your other extensions.
I don't think a Greasemonkey userscript can modify the cookies for a carefully designed site (using "http only" cookies puts them off-limits to local scripts), but user scripts can operate from a single data store of their own between private and non-private windows (separate from a website's local storage/session storage/offline storage), so possibly could leak some data across?
Are you sure that Private Browsing mode is entered?
Do you get the about:privatebrowsing page when you open a New Private Window?
cor-el said
Are you sure that Private Browsing mode is entered? Do you get the about:privatebrowsing page when you open a New Private Window?
Yes I get that page.
jscher2000 said
Piiru32 saidjscher2000 saidDo you use any extensions that might possibly modify how Firefox works in relation to site logins?I use many extensions (https://i.imgur.com/JulOuPz.png). Do you think any of that could do something like that?
Well, KeeFox is a password manager, but it looks like it's disabled (since it's in the second A-Z list).
I don't use most of your other extensions.
I don't think a Greasemonkey userscript can modify the cookies for a carefully designed site (using "http only" cookies puts them off-limits to local scripts), but user scripts can operate from a single data store of their own between private and non-private windows (separate from a website's local storage/session storage/offline storage), so possibly could leak some data across?
Ok now I'll try to disable user scripts and I'll see. Thanks