Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox 65: Can't stay logged in after firefox restarts

  • 6 replies
  • 1 has this problem
  • 65 views
  • Last reply by af32vxl

more options

I routinely block all cookies and only allow those in my exception list. After upgrading firefox to 65, the exception list seems to regard "allow" as "allow for session". The observable effect is that I can't stay logged in for any website after restarting firefox. This has been tested on Google and other websites. Disabling all addons and deleting cookie files in the profile folder couldn't solve the problem either.

I also tested it on a new profile which actually worked well. How should I 'manually upgrade' my profile so it can still stay logged in after firefox restarts please? Btw, I'm using Ubuntu 18 LTS.

Chosen solution

hi af32vxl, currently we're aware of a regression in firefox 65, where in case you have set a particular cookie permission for a subdomain (like https://site.example.com), this will override any permission like "allow" you might have set for the top level domain (https://example.com). is this the case in your setup for sites where you don't stay logged in across sessions as well?

Read this answer in context 👍 1

All Replies (6)

more options

Chosen Solution

hi af32vxl, currently we're aware of a regression in firefox 65, where in case you have set a particular cookie permission for a subdomain (like https://site.example.com), this will override any permission like "allow" you might have set for the top level domain (https://example.com). is this the case in your setup for sites where you don't stay logged in across sessions as well?

more options

Hmm. Not totally sure if that's the reason. Say, does it prevent google to stay logged in?

Based on your explanation, it's hard to tell exactly how the regression works when websites have a central subdomain for authentication (e.g. accounts.google.com). Although other subdomains should look for cookies from accounts.google.com, these cookies are set by accounts.google.com. So, as long as accounts.google.com has "allow" permission, other subdomains with "allow for session" should also work, right?

more options

not entirely sure. in order to try to replicate your setup could you tell exactly, what kind of cookie permissions you have set for all *.google.com domains?

more options

I managed to reproduce the problem on a new profile. The regression seems to be the cause and is more severe than I expected.

First add accounts.google.com, drive.google.com, and www.google.com as allow cookies. The login remains after restarts. Then add another hypothetical subdomain, say do-not-exist.google.com as allow for session. The login can no longer be maintained after restart.

The bug is solved in the nightly build.

Do you have suggestions on the possible solutions, and their pros & cons?

more options

thanks for checking that nightly fixes the problem - it received a patch for it yesterday. it's looking likely that that fix will also be uplifted to 66.0b in the coming days but doubtful if it would still end up on a dot release version of 65.0.

at the moment i see no other solution on release than tweaking the permissions and removing any "blocked" or "allow for session only" for google subdomains to work around that problem on release unfortunately.

more options

Thanks, philipp. That should be the solution for the problem at the moment.

However, I'm having another problem that prevents me from changing some of the permissions (https://support.mozilla.org/en-US/questions/1249232). Seems that complications arise when you have an aging profile. Would you mind having a look too?