Stays logged into gmail after closing browser

VERIFIED DUPLICATE of bug 117222

Status

SeaMonkey
General
--
major
VERIFIED DUPLICATE of bug 117222
14 years ago
2 years ago

People

(Reporter: jith, Unassigned)

Tracking

Trunk
x86
Windows XP

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [sg:nse], URL)

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0

Hi,

I tried logging in to Gmail.com using a firefox 1.0 . Once logged in i closed
the window without "signing off". after say 5 minutes i opened another firefox
1.0 browser in the same computer and entered gmail.com in the url bar. on me
entering the same gamil shows me the whole inbox without me having to enter my
password. Please not that i have not saved my password in the browser. The same
is the case for hotmail to. the same things occores in the tab option to 

I tried the same on an internet explorer but explorer asks me for the log in
information

Hope this info helps.

Regards
jith


Reproducible: Always
Steps to Reproduce:
1. Open gmail.com
2. Log in
3. Close browser without signing out 
4. Open gamil gain after 5 minutes
5. You can get into the mail box without have to enter the password
1. Open gmail.com
2. Log in
3. Close browser without signing out 
4. Open gamil gain after 5 minutes
5. You can get into the mail box without have to enter the password


Actual Results:  
no authentication is required 

Expected Results:  
Security laps

Nil
> 3. Close browser without signing out 

were any other firefox windows open at this point?

Updated

14 years ago
Summary: Possible security problem in firefox 1.0 while accessing public Web mails → Stays logged into gmail after closing browser
(Reporter)

Comment 2

14 years ago
(In reply to comment #1)
> > 3. Close browser without signing out 
> were any other firefox windows open at this point?

yes , It could be a fresh Window to. 

(Reporter)

Comment 3

14 years ago
(In reply to comment #2)
> (In reply to comment #1)
> > > 3. Close browser without signing out 
> > were any other firefox windows open at this point?
> yes , It could be a fresh Window to. 

Forgot to mention that this works with mail.Yahoo.com but not with hotmail.com

Hotmail prompts for a password if you follow the same procedure
Product: Browser → Seamonkey

Comment 4

14 years ago
gmail gives you a cookie as a favor. ie lets each window maintain some sort of
semi distinct cookie cache. that's just the way things are. if you want to log
off from a site, then you should follow the site's recommended procedures which
would almost certainly include clicking a log out link.
Group: security
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → INVALID
Whiteboard: [sg:nse]
this is a duplicate, actually...
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---

*** This bug has been marked as a duplicate of 117222 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago14 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.