Closed Bug 1727048 Opened 3 years ago Closed 3 years ago

more data are removed when "clear cookies and site data" from address bar, causes some websites and extensions behave abnormal

Categories

(WebExtensions :: Untriaged, defect)

Product:
WebExtensions
Component:
Untriaged
Version:
Firefox 91
Platform:
Unspecified
All
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1313401

People

(Reporter: pingplug, Unassigned)

Details

Attachments

(1 file)

Troubleshooting Information in about:support
47.36 KB, text/plain
Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0

Steps to reproduce:

  1. install LastPass plugin and login with multifactor authentication and check "trust my device in 30 days"
  2. open any website
  3. clear cookies from the lock icon in address bar (just clear cookies for this website)
  4. restart firefox

Actual results:

LastPass asked my multifactor authentication again

Expected results:

LastPass should not ask anything

The Bugbug bot thinks this bug should belong to the 'Firefox::Address Bar' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Component: Untriaged → Address Bar

This sounds like either a problem with LastPass or just a unfortunate consequence of clearing cookies, but it also sounds like it could be a problem with our extensions API, so I'll move it there for further triage. By LastPass plugin I assume you mean the extension at https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/

Component: Address Bar → Untriaged
Product: Firefox → WebExtensions

(In reply to Drew Willcoxon :adw from comment #2)

This sounds like either a problem with LastPass or just a unfortunate consequence of clearing cookies, but it also sounds like it could be a problem with our extensions API, so I'll move it there for further triage. By LastPass plugin I assume you mean the extension at https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/

  1. There is other plugins behave abnormal, not just LastPass
  2. Yes, it's at https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/

I found some other websites is affected too
https://penguin-stats.io/
https://arkn.lolicon.app/

Steps to reproduce:

  1. open https://penguin-stats.io/ and log in (user ID 90726528, no password needed)
  2. open any website in a new tab (like https://distrowatch.com/)
  3. clear cookies from the lock icon in address bar (just clear cookies for https://distrowatch.com/)
  4. reopen https://penguin-stats.io/

then the log-in state is lost in https://penguin-stats.io/

I've reproduced in troubleshoot mode

Hello,

I was able to reproduce the issue using Firefox 91 on Windows 10, using both scenarios described above, with following mentions :

  1. For first scenario(LastPass), I was able to reproduce only first time after creating a LastPass account. For subsequent tries(with account already created) I was not asked for multifactor pass again

  2. Second scenario is consistently reproducible after every cookie clear.

Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Unspecified → All
Summary: clear cookies and site data causes some plugin (LastPass for example) function abnormal → more data are removed when "clear cookies and site data" from address bar, causes some websites and extensions behave abnormal

(In reply to pingplug from comment #3)

(In reply to Drew Willcoxon :adw from comment #2)

This sounds like either a problem with LastPass or just a unfortunate consequence of clearing cookies, but it also sounds like it could be a problem with our extensions API, so I'll move it there for further triage. By LastPass plugin I assume you mean the extension at https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/

  1. There is other plugins behave abnormal, not just LastPass

Hi, would you mind to provide the addons.mozilla.org link for the other extensions that are misbehaving for you after clearing cookies for a specific website? (possibly along with an STR to reproduce the issue are you are experiencing it)

Flags: needinfo?(pingplug)

(In reply to vcarciu from comment #4)

  1. Second scenario is consistently reproducible after every cookie clear.

For the record, I was unable to reproduce this on either Beta or Nightly. The user stays logged in after clearing data on unrelated site.

(In reply to Tomislav Jovanovic :zombie from comment #6)

(In reply to vcarciu from comment #4)

  1. Second scenario is consistently reproducible after every cookie clear.

For the record, I was unable to reproduce this on either Beta or Nightly. The user stays logged in after clearing data on unrelated site.

That may be because the NextGen LocalStorage backend is the one enabled in Nightly and more recently in Beta (because this is currently riding the 93 train, see Bug 1599979).

If that's the underlying reason (as it seems based on comment 6), than LastPass may be storing some of his data into the extension pages localStorage webAPI (and the other extensions the reporter did mention in comment 3 may be doing it as well) and this would be a duplicate of Bug 1313401.

(In reply to Luca Greco [:rpl] [:luca] [:lgreco] from comment #5)

(In reply to pingplug from comment #3)

(In reply to Drew Willcoxon :adw from comment #2)

This sounds like either a problem with LastPass or just a unfortunate consequence of clearing cookies, but it also sounds like it could be a problem with our extensions API, so I'll move it there for further triage. By LastPass plugin I assume you mean the extension at https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/

  1. There is other plugins behave abnormal, not just LastPass

Hi, would you mind to provide the addons.mozilla.org link for the other extensions that are misbehaving for you after clearing cookies for a specific website? (possibly along with an STR to reproduce the issue are you are experiencing it)

https://addons.mozilla.org/en-US/firefox/addon/switchyomega/
the default proxy is lost after clearing cookies, but proxy settings are kept.
it seems settings on 'moz-extension://' pages are not affected.

Flags: needinfo?(pingplug)

(In reply to Luca Greco [:rpl] [:luca] [:lgreco] from comment #7)

(In reply to Tomislav Jovanovic :zombie from comment #6)

(In reply to vcarciu from comment #4)

  1. Second scenario is consistently reproducible after every cookie clear.

For the record, I was unable to reproduce this on either Beta or Nightly. The user stays logged in after clearing data on unrelated site.

That may be because the NextGen LocalStorage backend is the one enabled in Nightly and more recently in Beta (because this is currently riding the 93 train, see Bug 1599979).

If that's the underlying reason (as it seems based on comment 6), than LastPass may be storing some of his data into the extension pages localStorage webAPI (and the other extensions the reporter did mention in comment 3 may be doing it as well) and this would be a duplicate of Bug 1313401.

Now I've updated to 92.0, the problem is gone. You're right

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: