Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Session cookies persist after browser closed

  • 3 replies
  • 2 have this problem
  • 3 views
  • Last reply by jkl

more options

I use a web page that stores session cookies to handle authorization. Once I found it does not ask authorization after a weeks since last one. Cookies view shows one with authorization token with Expires: Session setting. Is it a bug?

Also browser does not clear opened tabs if was not closed manually, but with the system shutdown. Otherwise tabs are cleared OK. Session cookies are not cleared both ways.

Such behaviour appeared near a December 2019, after some Firefox update. How can I fix cookies problem, and if related tabs problem too?

I use a web page that stores session cookies to handle authorization. Once I found it does not ask authorization after a weeks since last one. Cookies view shows one with authorization token with Expires: Session setting. Is it a bug? Also browser does not clear opened tabs if was not closed manually, but with the system shutdown. Otherwise tabs are cleared OK. Session cookies are not cleared both ways. Such behaviour appeared near a December 2019, after some Firefox update. How can I fix cookies problem, and if related tabs problem too?

Modified by jkl

All Replies (3)

more options

You need to logout properly to clear the session ID on the server and close tabs when you exit/quit Firefox because otherwise this session data (cookies) is stored in sessionstore.jsonlz4 and restored on the next start. Letting Windows close the browser will even more likely cause such issues because you aren't closing the session, so session cookies do not expire.

more options

cor-el said

otherwise this session data (cookies) is stored in sessionstore.jsonlz4 and restored on the next start

This violates Expires cookies contract. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie

As I described such behaviour introduced about 2 months ago, so it should be considered as bug.

more options

Any developers can comment here? Or I should open ticket on bugtracker instead?