I've mentioned this problem previously to morse and dwitte, but hadn't got around to filing a bug about it. Ever since 1994, Navigator has had a hard limit on the total number of cookies allowed, MAX_NUMBER_OF_COOKIES, which is 300. Recently, I began noticing that I was being logged out of sites (e.g., bugzilla) seemingly at random. After investigating, I found the problem was this. I have accumulated about 275 persistent cookies, with 3/4 of them having an expiry date of 6 months to 30 years in the future, more than 95% with expiry date of more than 14 days. So, when I start the browser, it doesn't take long before a variety of session cookies get added to the list and I hit MAX_NUMBER_OF_COOKIES (300). The cookie code then goes to remove the oldest cookie, based on last access time. But since I just started the browser, most have a last access time of 0, and essentially the decision on which cookie to remove becomes a random choice. And that is the reason for my "random" logouts. dwitte mentioned an idea that came up when he met with darin about cookie stuff, which was to write the cookies to disk in order of last access (and read them in, assigning a incremental time value as they are read in). That would seem to be a good, short-term solution. There may be a later decision to change the cookie format, but I'd like to leave this bug for the simple, compatible solution (write out in order).
-> dwitte (figuring you might include this with your backend rewrite, or at least it should probably be fixed after your patch lands. feel free to send this back to me.)
Thanks for filing this one jrgm. darin, I can take this. I might need help deciding whether to use your suggestion (writing cookies in order) or altering the file format, I'll chat to you when I've looked at the problem more.
I'm not sure if this is the problem I'm seeing, but basically, every once in a while, I find that I'm not logged in to bugzilla when I visit. When I go to look at the Cookie Manager, though, I can see all the bugzilla cookies are still there, including the login cookie. The cookie dates are all set for years in the future. It doesn't look like I have anywhere near 300 cookies, though.
There are two limits - one is the total number of cookies, which is 300. The other is the maximum number of cookies from one host, which is 20. If you have less than 300 cookies, _and_ you have less than 20 cookies from bugzilla.mozilla.org, then this isn't the problem you're seeing.
*** Bug 187349 has been marked as a duplicate of this bug. ***
marking reso/fixed per bug 195908.
*** Bug 199603 has been marked as a duplicate of this bug. ***
we can fix this in a more performant way if we ever change the fileformat. see bug 230933.