Firefox loses active logins when closed unexpectedly and set to "delete cookies and site data when closed"
Categories
(Toolkit :: Data Sanitization, defect, P1)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr91 | --- | unaffected |
firefox100 | --- | unaffected |
firefox101 | --- | unaffected |
firefox102 | + | wontfix |
firefox103 | + | fixed |
People
(Reporter: yoasif, Assigned: h.sofie.p)
References
(Regression)
Details
(Keywords: nightly-community, regression)
Attachments
(1 file)
Recent regression.
Steps to reproduce:
- Login to reddit (or bugzilla, or github, or element - I used reddit)
- enable "Delete cookies and site data when Nightly is closed"
- ensure that the site permission for reddit (via the page info dialog) is set to "allow" for "set cookies"
- kill firefox via a task manager (not a clean quit)
- start Firefox
What happens:
I am logged out from reddit.
Expected result:
I am still logged into reddit, as was the case prior to regression.
7:54.23 INFO: Narrowed integration regression window from [5da87985, cda9c3f8] (3 builds) to [3a23a97d, cda9c3f8] (2 builds) (~1 steps left)
7:54.23 INFO: No more integration revisions, bisection finished.
7:54.23 INFO: Last good revision: 3a23a97debf3c86cf70927df8cefa0e44fdd7e5d
7:54.23 INFO: First bad revision: cda9c3f8950b0fcb826af8f7c0516275c8c0f7b2
7:54.23 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=3a23a97debf3c86cf70927df8cefa0e44fdd7e5d&tochange=cda9c3f8950b0fcb826af8f7c0516275c8c0f7b2
Reporter | ||
Updated•2 years ago
|
Reporter | ||
Comment 1•2 years ago
|
||
[Tracking Requested - why for this release]: This bug causes data loss in cases where Firefox closes unexpectedly. It is extremely annoying to deal with, especially for users in ram constrained devices where Firefox may be closed by the OS.
Updated•2 years ago
|
Comment 2•2 years ago
|
||
Set release status flags based on info from the regressing bug 1681495
Comment 3•2 years ago
|
||
:hpeuckmann, since you are the author of the regressor, bug 1681495, could you take a look?
For more information, please visit auto_nag documentation.
Reporter | ||
Updated•2 years ago
|
Reporter | ||
Updated•2 years ago
|
Assignee | ||
Comment 4•2 years ago
•
|
||
Please go to the 'History' section in about:preferences#privacy, under settings you can uncheck "Active logins". That should solve the problem. Since Bug 1770881 active logins will not be automatically set anymore when selecting "Delete cookies and site data".
Please report if the problem still exists after unchecking the active logins checkbox.
Comment 5•2 years ago
|
||
Ethan, Hannah, could we get a priority and severity set on this bug to help release management prioritize this issue? Thanks
Reporter | ||
Comment 6•2 years ago
|
||
(In reply to hpeuckmann@mozilla.com from comment #4)
Please go to the 'History' section in about:preferences#privacy, under settings you can uncheck "Active logins". That should solve the problem. Since Bug 1770881 active logins will not be automatically set anymore when selecting "Delete cookies and site data".
Please report if the problem still exists after unchecking the active logins checkbox.
Hannah, in my existing Firefox profile, the "Active logins" checkbox is unchecked, and I still experience the issue, unfortunately.
The only checkboxes checked in my existing profile are: Cookies, Cache, and Offline website data.
Comment 7•2 years ago
•
|
||
Setting preliminary priority / severity flags.
My initial impression is that this is expected behavior, because we want to - even on crash - ensure data is properly cleared when Firefox quits. There is even special code in Sanitizer.jsm to cleanup on startup if the shutdown cleanup has been interrupted. I get that this might be a behavior change from the legacy cookie lifetime policy feature though.
I'll discuss this with Hannah in detail next week and we'll post an update here.
Edit: It's odd that we don't honor the exception though. We should look into that.
Reporter | ||
Comment 8•2 years ago
|
||
(In reply to Paul Zühlcke [:pbz] from comment #7)
Setting preliminary priority / severity flags.
My initial impression is that this is expected behavior, because we want to - even on crash - ensure data is properly cleared when Firefox quits. There is even special code in Sanitizer.jsm to cleanup on startup if the shutdown cleanup has been interrupted. I get that this might be a behavior change from the legacy cookie lifetime policy feature though.Edit: It's odd that we don't honor the exception though. We should look into that.
Not honoring the exception makes it completely unexpected. If it were expected, the same behavior would occur when quitting normally. That isn't the case.
Updated•2 years ago
|
Reporter | ||
Comment 9•2 years ago
|
||
@Pascal, I ask that you reconsider not tracking this bug for 102, since I am now seeing reports that Firefox being killed by systemd-oomd is becoming more common as distributions move to it.
I had previously filed bug 1768765 in regards to the systemd-oomd issues I was experiencing, but I think the social media posts I posted in that bug are relevant in understanding that this issue if released in release Firefox is likely to cause real dissatisfaction and data loss:
- https://www.reddit.com/r/linux/comments/uyl572/ubuntu_2204s_new_oom_killing_system_is_killing/
- https://www.reddit.com/r/Ubuntu/comments/uyl4i6/ubuntu_2204s_new_oom_killing_system_is_killing/
Given that we know about this issue prior to release, and the fact that the improvement afforded in the regressing bug is essentially a tech-debt/cleanup item that works without significant bugs (like this one), I think it makes sense to revert the change until it can be made safer.
Comment 10•2 years ago
|
||
Paul, Hannah, how about backing out bug 1681495 from central now or from beta before we build 102 beta 1 if you think that the risk is acceptable for nightly?
Comment 11•2 years ago
|
||
After talking with Paul,; we are keeping the patch in nightly but will back it out from Beta 102 to give us more time to investigate the issue, thanks!
Reporter | ||
Comment 12•2 years ago
|
||
Appreciate your responsiveness, team.
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Comment 13•2 years ago
|
||
Updated•2 years ago
|
Updated•2 years ago
|
Comment 14•2 years ago
|
||
(In reply to hpeuckmann@mozilla.com from comment #4)
Please go to the 'History' section in about:preferences#privacy, under settings you can uncheck "Active logins". That should solve the problem.
Just to clarify ... AFAIK "Active logins" (privacy.clearOnShutdown.sessions
) relates to HTTP Basic Authentication, not retaining logins via "cookies and site data" (cookies, offlineApps)
Comment 15•2 years ago
|
||
(In reply to Simon Mainey from comment #14)
(In reply to hpeuckmann@mozilla.com from comment #4)
Please go to the 'History' section in about:preferences#privacy, under settings you can uncheck "Active logins". That should solve the problem.
Just to clarify ... AFAIK "Active logins" (
privacy.clearOnShutdown.sessions
) relates to HTTP Basic Authentication, not retaining logins via "cookies and site data" (cookies, offlineApps)
That's right. These categories are quite old and confusing. We want to clean this up in Bug 1765533.
Comment 16•2 years ago
|
||
backout bugherder uplift |
Backed out 8 changesets (bug 1770874) on beta, large refactoring during soft code freeze, needs nightly bake time a=backout
https://hg.mozilla.org/releases/mozilla-beta/rev/9399b62c86fb
Updated•2 years ago
|
Updated•2 years ago
|
Comment 17•2 years ago
|
||
Pushed by hpeuckmann@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a46093483742 Cleaning per principal when sanitizer is run on startup. r=pbz
Comment 18•2 years ago
|
||
bugherder |
Comment 19•2 years ago
|
||
This bug is marked as fixed for 102 but I can reproduce the exact same problem on 102.0
Comment 20•2 years ago
|
||
This is tangentially related to the partial backout that caused Bug 1777419. We're migrating users to Sanitizer, but the Sanitizer fix for this bug landed in 103, not 102. The Sanitizer didn't use to support exceptions, but now that we're migrating users over from the cookie lifetime policy, which did support them, this is unexpected. Marking 102 as affected.
Updated•2 years ago
|
Description
•