User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; hu-HU; rv:1.7.8) Gecko/20050511 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; hu-HU; rv:1.7.8) Gecko/20050511 I open URL which use session. After when I close that window, the cookie still exist while I don't close all mozilla applications! In Internet Explorer the cookies still opened only for the child windows, but the outer windows couldn't acces the session cookies. For example: - If I open a new IE browser (from "Start menu" or desktop) the another window's session cookies couldn't accessable. But! If I open a new window from exist browser's window (Ctrl+N, popup window, frames), the new window inherit the session. - Another side: In Mozilla the new window allways inherited the session cookies from all opened windows, don't seperate the sessions! Reproducible: Always Steps to Reproduce: 1. Open a new browser-window (from Start menu) and Open any URL wich use session and login to site. 2. Open another browser-window (from Start menu) and open another URL. 3. Close first window. 4. Open 3rd browser-window (from Start menu) and open the URL which use first window. Actual Results: In the 3rd browser-window the user still logged in to the site! In the internet coffee-s (or "one computer for lot's people" style workplace, internet access point, etc.) this is big security hole, because not enough to close used browser-windows, must be close all mozzila application (mail, browser, calendar, composer). Expected Results: The "session-inherit" must work only the child-opened windows (ie. new tab, popup windows, frames, iframes), but the "master-opened" windows (from start menu) don't inherited the previously opened windows sessions.
duplicate of old bug that's not security sensitive. clearing flag. *** This bug has been marked as a duplicate of 117222 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.