Eheka Pytyvõha

Emboyke pytyvõha apovai. Ndorojeruremo’ãi ehenói térã eñe’ẽmondóvo pumbyrýpe ha emoherakuãvo marandu nemba’etéva. Emombe’u tembiapo imarãkuaáva ko “Marandu iñañáva” rupive.

Kuaave

"deleted all cookies", Cleared CACHE & ACTIVE LOGINS, yet I "do not need to log back into Facebook !

  • 13 Mbohovái
  • 19 oguereko ko apañuãi
  • 8 Hecha
  • Mbohovái ipaháva alscotch

more options

I deleted all cookies , Cleared CACHE, ACTIVE LOGINS, and OFFLINE WEBSITE DATA yet I "do not need to log back into Facebook"

It used to be that I always needed to log back into Facebook after deleting all cookies.

I deleted all cookies , Cleared CACHE, ACTIVE LOGINS, and OFFLINE WEBSITE DATA yet I "do not need to log back into Facebook" It used to be that I always needed to log back into Facebook after deleting all cookies.

Ñemoĩporã poravopyre

alscotch said

I had killed Firefox ( something I do frequently , followed by RESTORE SESSION ) so , no, I never LOGGED OUT. But if THAT doesn't automatically log u out -- what will?

The session history file stores some session cookies. Whether cookies for HTTPS sites are available depends on your settings and whether Firefox goes through a clean shutdown.

Assuming Firefox shuts down normally:

  • If you have Firefox set to start with your windows and tabs from your previous session, cookies for HTTPS sites are preserved in the file. This provides the most seamless experience.
  • If you have Firefox set to start with a blank tab or home page, cookies for HTTPS sites are removed from the file. Because you are not necessarily expecting a perfect restore, this offers higher security.

But in a crash, there's no shutdown cleanup.

To block Firefox from saving cookies for HTTPS sites in the session history file, you can try editing a setting here (I say try because in a crash scenario, you still might have those cookies in the file, I haven't tested):

(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(2) In the search box above the list, type or paste sess and pause while the list is filtered

(3) Double-click the browser.sessionstore.privacy_level preference and change it from 0 to 1 (zero saves both HTTP and HTTPS, 1 saves only HTTP, when you shut down Firefox).

Emoñe’ẽ ko mbohavái ejeregua reheve 👍 2

Opaite Mbohovái (13)

more options

Is this a regular window or a private browsing window?

I wonder whether Facebook is using Flash local storage objects (sometimes called Flash supercookies) or some other technology as a backup for cookies?


Did you log out of your Facebook session? That would be the safest thing and in that case if you got right in I would suspect:

Firefox may saved your login. Could you check for that here:

"3-bar" menu button (or Tools menu) > Options > Security

Click the "Saved Passwords" button to see whether Facebook is in there

more options

Meanwhile all other sites needed a relogin ( incl. yahoo mail)

more options

No SAVED PASSWORDS ( by the way, I wouldn't dare use that for anything)

I had killed Firefox ( something I do frequently , followed by RESTORE SESSION ) so , no, I never LOGGED OUT. But if THAT doesn't automatically log u out -- what will? It always used to work.

more options

But after I RESTORE SESSION I delete all cookies , Clear CACHE, ACTIVE LOGINS, and OFFLINE WEBSITE DATA.

Note that if I do a normal EXIT FIREFOX + RESTORE SESSION, I DO need to relogin to Facebook. (even without deleting cookies).

FIREFOX windows browser v 39.0

more options

Ñemoĩporã poravopyre

alscotch said

I had killed Firefox ( something I do frequently , followed by RESTORE SESSION ) so , no, I never LOGGED OUT. But if THAT doesn't automatically log u out -- what will?

The session history file stores some session cookies. Whether cookies for HTTPS sites are available depends on your settings and whether Firefox goes through a clean shutdown.

Assuming Firefox shuts down normally:

  • If you have Firefox set to start with your windows and tabs from your previous session, cookies for HTTPS sites are preserved in the file. This provides the most seamless experience.
  • If you have Firefox set to start with a blank tab or home page, cookies for HTTPS sites are removed from the file. Because you are not necessarily expecting a perfect restore, this offers higher security.

But in a crash, there's no shutdown cleanup.

To block Firefox from saving cookies for HTTPS sites in the session history file, you can try editing a setting here (I say try because in a crash scenario, you still might have those cookies in the file, I haven't tested):

(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(2) In the search box above the list, type or paste sess and pause while the list is filtered

(3) Double-click the browser.sessionstore.privacy_level preference and change it from 0 to 1 (zero saves both HTTP and HTTPS, 1 saves only HTTP, when you shut down Firefox).

more options

alscotch said

But after I RESTORE SESSION I delete all cookies , Clear CACHE, ACTIVE LOGINS, and OFFLINE WEBSITE DATA.

That should work. I don't know why Facebook would be an exception.

more options

Note that your System Details list shows that you have a user.js file in the profile folder to initialize prefs each time Firefox starts. The user.js file will only be present if you or other software has created this file and normally won't be present.

You can check its content with a plain text editor (right-click: "Open with"; do not double-click). The user.js file is read each time Firefox is started and initializes preferences to the value specified in this file, so preferences set via user.js can only be changed temporarily for the current session.

You can delete the user.js file if you didn't create this file yourself.

You can use this button to go to the current Firefox profile folder:

  • Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
more options

this was in my user.js <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< user_pref("extentions.y2layers.installId", "f917254a-d987-4217-99c2-be40ec3e0e87"); user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");

user_pref("extensions.autoDisableScopes", 14); >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

more options

Changing browser.sessionstore.privacy_level preference from 0 to 1 seems to have worked, thankyou

more options

I kinda pissed that DELETE ALL COOKIES doesn't !

more options

alscotch said

this was in my user.js

That looks sort of malware-ish.

alscotch said

I kinda pissed that DELETE ALL COOKIES doesn't !

I had another thought: what if you were clearing cookies before you "activated" the "restored" Facebook tab. (I put those words in quotes because they might not be technically correct but I think we understand what they mean: reloading background tabs in a window is deferred until you make them the active tab.) In that case, Firefox might have imported the FB cookie from the file after you cleared all cookies in the cookie database.

In this hypothesis, I'm speculating that clearing cookies either doesn't go into the session history file and clear the cookies for tabs that haven't yet been restored, or if it does, that Firefox also is holding them as a pending action somewhere that isn't getting cleared.

That seems like a gap in the function to clear cookies but perhaps a difficult one to fix? Someone probably should file a bug for it, if there isn't one already, to see what the developers think.

Of course, if the FB page had already reloaded when you cleared the cookies, this hypothesis would not be relevant.

more options

It looks that the user.js got created by some malware. It wouldn't hurt to do a malware check with at least AdwCleaner and Malwarebytes' Anti-Malware in cases like this.

Do a malware check with several malware scanning programs on the Windows computer.

Please scan with all programs because each program detects different malware. All these programs have free versions.

Make sure that you update each program to get the latest version of their databases before doing a scan.

You can also do a check for a rootkit infection with TDSSKiller.

See also:

more options

All a website needs to do is use https ( instead of http) to never have its cookie deleted. Just like Facebook is doing. Not good !

Mozilla -- please fix.

I run Norton and recently installed latest Windows updates which runs its own Malware detector. ( I deleted the user.js file)