We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

I am seeing a few persistent cookies that remain after a session has been closed.

  • 4 个回答
  • 1 人有此问题
  • 2 次查看
  • 最后回复者为 bolcrom

more options

I have set my privacy settings to :

-Always accept cookies from sites (including third party)

-Keep cookies until "I close firefox"

-Clear history when firefox closes (checking all item in "Settings for Clearing History" except for "Saved Passwords")

-I do not maintain any list of Exceptions

To the best of my knowledge, this has been working perfectly for a long time now. Earlier today, though, I used CCleaner to examine the cookies on my system. All of my browser sessions were closed in all of my browsers (FF, Chrome, IE, Edge). Therefore, I was surprised to find a few cookies attributed to firefox in the cookies console. They represented no more than four or five domains and I didn't think much of it as I attributed it to possibly an artifact of my recent upgrade to Windows 10. I deleted said cookies. However, out of curiosity, I later visited one of the domains represented - mega.nz - and toyed around for a minute. The site offers registration free uploads from its start page. I uploaded a small junk file and then navigated away from the page to news.google.com. Then I closed the entire firefox session and took a look at the cookie console in CCleaner. Once again, mega.nz 's cookie persisted through the closed session. For comparison, no other cookies from that particular session across several domains were still there.

Now, I wish that I had paid better attention to the persistent cookies that I deleted earlier in the day to better contribute to this knowledgebase. Other than mega.nz, I can only be sure that bostonglobe.com also leaves a persistent cookie. So, it seems that there is a type of non-flash cookie that now persists across Firefox sessions. I invite you to please replicate my observations and confirm them for yourselves. It's my hope that Firefox developers will see this and plug this serious privacy breach. Respect for user privacy has meant everything to me in my continual loyalty to Firefox.

I have set my privacy settings to : -Always accept cookies from sites (including third party) -Keep cookies until "I close firefox" -Clear history when firefox closes (checking all item in "Settings for Clearing History" except for "Saved Passwords") -I do not maintain any list of Exceptions To the best of my knowledge, this has been working perfectly for a long time now. Earlier today, though, I used CCleaner to examine the cookies on my system. All of my browser sessions were closed in all of my browsers (FF, Chrome, IE, Edge). Therefore, I was surprised to find a few cookies attributed to firefox in the cookies console. They represented no more than four or five domains and I didn't think much of it as I attributed it to possibly an artifact of my recent upgrade to Windows 10. I deleted said cookies. However, out of curiosity, I later visited one of the domains represented - mega.nz - and toyed around for a minute. The site offers registration free uploads from its start page. I uploaded a small junk file and then navigated away from the page to news.google.com. Then I closed the entire firefox session and took a look at the cookie console in CCleaner. Once again, mega.nz 's cookie persisted through the closed session. For comparison, no other cookies from that particular session across several domains were still there. Now, I wish that I had paid better attention to the persistent cookies that I deleted earlier in the day to better contribute to this knowledgebase. Other than mega.nz, I can only be sure that bostonglobe.com also leaves a persistent cookie. So, it seems that there is a type of non-flash cookie that now persists across Firefox sessions. I invite you to please replicate my observations and confirm them for yourselves. It's my hope that Firefox developers will see this and plug this serious privacy breach. Respect for user privacy has meant everything to me in my continual loyalty to Firefox.

由bolcrom于修改

所有回复 (4)

more options

bolcrom said

I have set my privacy settings to :
-Always accept cookies from sites (including third party)
-Keep cookies until "I close firefox"
-Clear history when firefox closes (checking all item in "Settings for Clearing History" except for "Saved Passwords")

I believe the way it is supposed to work is as follows:

  • With Keep cookies until "I close Firefox" (and no exceptions) any local storage items collected during your session should be expired/removed at the end of your session.
  • With Clear history when Firefox closes including cookies, any local storage items in the browser should be cleared.

What does CCleaner show is the actual content of the local storage for any sites persisting after you exit Firefox?

more options

It look as though there are some open "bugs" relating to clearing of local storage.

Regarding the setting of cookies expiring at the end of the session:

Bug 886832 – localstorage not deleted when closed even though "[Privacy - Cookies] Keep until I close Firefox" is enabled.

Regarding clearing cookies using the shutdown cleaning, that should remove the stored data. It might not remove the folder or database.

more options

I've included the cookie, sqlite, idb, etc. files remaining on my drive after entire closing a session. I visited bostonglobe.com and mega.nz. I uploaded a small test file on the latter site. I believe the larger chunks (in KB) you see in the attached png are the locally encrypted parts of that file as it was disassembled before being transferred to Mega.

Also, note that the actual cookies for the sites have been "deleted" according to the output in the Ccleaner console. I believe that while the content of the cookie which includes the alphanumeric identifier has been scraped at the session's close, the "shell" of the cookie indicating that you've visited the sites remains.

Thanks for pointing me to the open bug. I don't think it's out of turn to note that that bug has now been open for two years. Mozilla provides us a great free service, but the quality of that service has always hinged on mozilla's unchallenged concern for user privacy. A flaw of this nature nearly breaks that contract for me.

由bolcrom于修改

more options

It's worth noting that Twitter has now started using these super cookies.