Closed Bug 665336 Opened 13 years ago Closed 13 years ago

SeaMonkey clears all LSOs (Flash Cookies) when clearing cache only

Categories

(SeaMonkey :: Passwords & Permissions, defect)

x86
Windows XP
defect
Not set
major

Tracking

(seamonkey2.2 fixed, seamonkey2.3 fixed)

RESOLVED FIXED
seamonkey2.4
Tracking Status
seamonkey2.2 --- fixed
seamonkey2.3 --- fixed

People

(Reporter: hhofer42, Assigned: InvisibleSmiley)

References

Details

(Keywords: dataloss)

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20110608 Firefox/4.0.1 SeaMonkey/2.1
Build Identifier: Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20110608 Firefox/4.0.1 SeaMonkey/2.1

When clearing the cache only in 'Clear Private Data...', all LSOs are removed, too.

Reproducible: Always

Steps to Reproduce:
1. Visit a site that stores LSOs (e.g. http://youtube.com)
2. Use a LSO-viewer to verify LSOs exist (e.g. http://www.nirsoft.net/utils/flash_cookies_view.html)
3. Use 'Clear Private Data...' to clear *only* the cache
4. Use the LSO-viewer again.

Actual Results:  
All LSOs have been deleted.

Expected Results:  
No LSOs should have been cleared. Only if 'Cookies' would have been selected in 'Clear Private Data...', they should have been deleted.

Seems like the call to
  Sanitizer._clearPluginData("FLAG_CLEAR_CACHE");
in Sanitizer.jsm doesn't really respect the flags...
Version: unspecified → SeaMonkey 2.1 Branch
The backend code eventually just sends the clear cache flag to the flash plugin. So I guess the flashplayer code itself considers LSOs cache data. Not too surprising since that was the original intention of LSOs (which can store any data) and websites then started making use of these to store cookie like data.
But i still think, SeaMonkey doesn't behave as expected (FireFox does).

As annoying as LSOs are, I usually want to keep them. And when doing
web development, cache clearing occurs quite frequently.
Yeah sounds reasonable => NEW.
Status: UNCONFIRMED → NEW
Depends on: 632746
Ever confirmed: true
OK, so we gambled (made assumptions about nsIPluginHost flags) and lost. When we added this code, no version of Flash with support for this had been available yet, so we couldn't test it. Firefox never did what we did, so this brings us back in line with what they implemented.

This should probably land on aurora (and beta, if there's still time), too.
Assignee: nobody → jh
Status: NEW → ASSIGNED
Attachment #540591 - Flags: review?(neil)
Severity: normal → major
Keywords: dataloss
Version: SeaMonkey 2.1 Branch → Trunk
[leftover empty line removed locally]
Comment on attachment 540591 [details] [diff] [review]
stop calling clearSiteData for cache [Checkin: comment 9]

Bah, so Firefox creates a flag, doesn't use it, then Flash doesn't implement it correctly, and we lose :-(

> 
>-        Sanitizer._clearPluginData("FLAG_CLEAR_CACHE");
Nit: the blank line can go too.
Attachment #540591 - Flags: review?(neil) → review+
Comment on attachment 540591 [details] [diff] [review]
stop calling clearSiteData for cache [Checkin: comment 9]

Unless we do a respin this is too late for 2.2. 2.3 it should be, then.
Attachment #540591 - Flags: approval-comm-aurora?
Comment on attachment 540591 [details] [diff] [review]
stop calling clearSiteData for cache [Checkin: comment 9]

We will surely do another build for final 2.2 (if only to pick up the rest of the locales), and this seems safe and important enough to make that.
Attachment #540591 - Flags: approval-comm-beta+
Attachment #540591 - Flags: approval-comm-aurora?
Attachment #540591 - Flags: approval-comm-aurora+
Comment on attachment 540591 [details] [diff] [review]
stop calling clearSiteData for cache [Checkin: comment 9]

http://hg.mozilla.org/comm-central/rev/fd5a6fd35d15
http://hg.mozilla.org/releases/comm-aurora/rev/f362e79303f2
http://hg.mozilla.org/releases/comm-beta/rev/b6b64d48ac25
Attachment #540591 - Attachment description: stop calling clearSiteData for cache → stop calling clearSiteData for cache [Checkin: comment 9]
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → seamonkey2.2
Target Milestone: seamonkey2.2 → seamonkey2.4
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: