Open Bug 1773288 Opened 3 years ago Updated 2 years ago

"Clear cookies and site data" in private mode only clears regular browsing data

Categories

(Toolkit :: Data Sanitization, defect, P3)

Product:
Toolkit
Component:
Data Sanitization
Type:
defect

Tracking

()

People

(Reporter: petru, Unassigned)

References

Details

(Keywords: priv-monitor)

This is a ticket broken off from https://bugzilla.mozilla.org/show_bug.cgi?id=1765314 which was reported for Fenix.

But when testing that I saw that the feature for the following scenario:

  • standard ETP
  • login to a website while in private mode
  • tap the lock icon in the url bar
  • tap "Clear cookies and site data"
  • refresh the page or
  • open a new tab for the same website

is broken since the first implementation in Fenix (which calls https://searchfox.org/mozilla-central/rev/7e34cb7a0094a2f325a0c9db720cec0a2f2aca4f/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/StorageController.java#119) and is also currently broken in Firefox desktop (MacOS).

Blocks: 1765314
Component: Security → Untriaged
Product: Core → Firefox

Paul, would you be able to take a look?

Flags: needinfo?(pbz)

I don't think this is a regression. We've had this behavior since the feature was introduced in Bug 1462469.
The reason is that private browsing has a separate storage bucket which isn't touched by this data clearing feature. We have two options here, we can either update the clearing code to support clearing PBM data when called from PBM windows, or we can hide the button in private browsing mode.

I don't know off-hand how difficult it is to do data clearing in PBM mid-session. On the desktop side the SiteDataManager would need to be updated to target a specific (non 0) privateBrowsingId. The clear data button calls this method: https://searchfox.org/mozilla-central/rev/cc98a15c7327d742d283cddddde712a8a3165006/browser/modules/SiteDataManager.jsm#501
We'd also need to check if the ClearDataService supports clearing Private Browsing Mode data.

If we want to hide it, here is the code that determines visibility: https://searchfox.org/mozilla-central/rev/cc98a15c7327d742d283cddddde712a8a3165006/browser/base/content/browser-siteIdentity.js#917-927 We can add a simple PBM check there.

Severity: -- → S3
Component: Untriaged → Data Sanitization
Flags: needinfo?(pbz)
Priority: -- → P3
Product: Firefox → Toolkit
Summary: "Clear cookies and site data" in private mode does not actually clears them → "Clear cookies and site data" in private mode only clears regular browsing data
Depends on: 1462469
Duplicate of this bug: 1811418
Keywords: priv-monitor

This looks like a dub of bug 1754172 - although there is more going here. Still close it as dub and reference the conversation from here over in the other ticket?

See Also: → 1751045
You need to log in before you can comment on or make changes to this bug.