User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040626 Firefox/0.9.1 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040626 Firefox/0.9.1 Session cookies are meant to identify a "conversation" between an agent and a webpage in a unique way. Currently (FireFox 0.9.1) a session cookie that is created on one tab, will be sent back to the website when it is accessed by a different tab. Even two separate browser instances seem to "share" session cookies. This is a bug. It is impossible to use 2 separate running copies of FireFox to maintain 2 separate "sessions" on a given website. This is very bad, and needs to be fixed. Reproducible: Always Steps to Reproduce: 1. Visit a webpage that uses a session cookie. 2. Use another instance of FireFox to access the same webpage. 3. Notice that you are using the same "session". Actual Results: Session cookies are shared across browser instances. Expected Results: ANY cookie with a maximum age of 0 should be considered a session cookie, and should only be sent back to the originating website by the window that created it. Other tabs, or running copies of FireFox should NOT send session cookies that they did not originally accept. This may cause much trouble in web-applications because often data is saved to the "session". This can cause any data stored in the session to become available to another browser instance. This is a major flaw that can cause web applications to fail.
*** This bug has been marked as a duplicate of 117222 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.