Closed Bug 1891929 Opened 1 year ago Closed 1 year ago

Cookies in developer tools are the same for both normal and private windows

Categories

(DevTools :: Storage Inspector, defect)

Product:
DevTools
Component:
Storage Inspector
Version:
Firefox 116
Type:
defect

Tracking

(firefox128 affected)

Status:
RESOLVED DUPLICATE of bug 1856645
Tracking Flags:
Tracking Status
firefox128 --- affected

People

(Reporter: mazoin22, Unassigned)

Details

Attachments

(2 files)

bugzilla.png
117.99 KB, image/png
Details
2024-04-17_10-24ff.png
117.44 KB, image/png
Details
Attached image bugzilla.png

Steps to reproduce:

I went to the same site using a normal window and private window. When I log in I get a PHPSESSID cookie.

Actual results:

When switching between the normal and private windows the cookies look the same in the developer tools (they may be different in memory though) so it is not possible to distinguish which account is logged in based on the cookie value so copying the cookie's value is useless.

Expected results:

Each window should have its own values for the cookies visible.

115.5.0esr 64 bit, kali 1.0, it may affect higher versions as well.

Attached image 2024-04-17_10-24ff.png

The Bugbug bot thinks this bug should belong to the 'Firefox::Private Browsing' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → Private Browsing

Could you please provide the website that you have tested this with. As we need that to be able to reproduce the issue.

Flags: needinfo?(mazoin22)

I think I ran into this issue too. There area few odd things that seem to matter to make it work. So follow the steps in order.

  1. Open a normal browser and go to example.com
  2. Open developer tools and go to storage, verify there is no cookie for example.com in the normal window.
  3. Open a private window, go to example.com and open the console.
  4. In the private tab console run document.cookie = "foo=bar"
  5. Check the original window, it should have inherited the cookie.
  6. Close the private window, now the cookie in the original window will disapear

A few oddities about this bug.

  • Order of windows opening seems to matter.
  • Cookie travels cross containers also
  • Dev tools needs to be open in the window where the cookie travels too
  • The cookie does not need to be set in dev tools, JS running in the website can set the cookie. Not sure about a cookie header.

Dev tools being open as a requirement implies to me that it's a dev tools bug.

Thanks. I tested this, it seems to be a visual bug with dev tools as the cookie does not actually exist in the normal browsing window.

Flags: needinfo?(mazoin22)
status-firefox128: --- → affected
Component: Private Browsing → Storage Inspector
Product: Firefox → DevTools

Thanks for the report, I think this is the same bug as https://bugzilla.mozilla.org/show_bug.cgi?id=1856645#c4

Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Duplicate of bug: 1856645
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: