Cookies in developer tools are the same for both normal and private windows
Categories
(DevTools :: Storage Inspector, defect)
Tracking
(firefox128 affected)
| Tracking | Status | |
|---|---|---|
| firefox128 | --- | affected |
People
(Reporter: mazoin22, Unassigned)
Details
Attachments
(2 files)
Steps to reproduce:
I went to the same site using a normal window and private window. When I log in I get a PHPSESSID cookie.
Actual results:
When switching between the normal and private windows the cookies look the same in the developer tools (they may be different in memory though) so it is not possible to distinguish which account is logged in based on the cookie value so copying the cookie's value is useless.
Expected results:
Each window should have its own values for the cookies visible.
115.5.0esr 64 bit, kali 1.0, it may affect higher versions as well.
Comment 2•1 year ago
|
||
The Bugbug bot thinks this bug should belong to the 'Firefox::Private Browsing' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
Comment 3•1 year ago
|
||
Could you please provide the website that you have tested this with. As we need that to be able to reproduce the issue.
I think I ran into this issue too. There area few odd things that seem to matter to make it work. So follow the steps in order.
- Open a normal browser and go to example.com
- Open developer tools and go to storage, verify there is no cookie for example.com in the normal window.
- Open a private window, go to example.com and open the console.
- In the private tab console run
document.cookie = "foo=bar" - Check the original window, it should have inherited the cookie.
- Close the private window, now the cookie in the original window will disapear
A few oddities about this bug.
- Order of windows opening seems to matter.
- Cookie travels cross containers also
- Dev tools needs to be open in the window where the cookie travels too
- The cookie does not need to be set in dev tools, JS running in the website can set the cookie. Not sure about a cookie header.
Dev tools being open as a requirement implies to me that it's a dev tools bug.
Comment 5•1 year ago
|
||
Thanks. I tested this, it seems to be a visual bug with dev tools as the cookie does not actually exist in the normal browsing window.
Updated•1 year ago
|
Comment 6•1 year ago
|
||
Thanks for the report, I think this is the same bug as https://bugzilla.mozilla.org/show_bug.cgi?id=1856645#c4
Description
•