Entry for Flash Cookies in "Clear recent history..."

RESOLVED WONTFIX

Status

()

Firefox
Bookmarks & History
--
critical
RESOLVED WONTFIX
7 years ago
5 years ago

People

(Reporter: sworddragon2, Unassigned)

Tracking

10 Branch
x86_64
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

7 years ago
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0) Gecko/20100101 Firefox/6.0
Build ID: 20110805184511

Steps to reproduce:

In the dialog "Clear recent history..." I selected the entry "Cache" and cleared so the history.


Actual results:

Firefox deleted even the Flash Cookies.


Expected results:

Firefox shouldn't delete the Flash Cookies if "Cache" is selected because the user don't know that this will delete the Flash Cookies too (especially because this was not common in previous versions). So Firefox deletes data from the user that he don't wanted to get deleted. In my opinion in the dialog "Clear recent history..." there should be an extra entry for the Flash Cookies.
(Reporter)

Updated

7 years ago
Severity: normal → critical
Component: General → Bookmarks & History
Priority: -- → P2
Are you sure this is what happened? Can you reproduce?

Looking at the code in browser/base/content/sanitize.js, we're only clearing the disk cache and image cache when clearing "Cache", where as "Cookies" has code that's explicitly clearing both browser cookies and plugin data.
(Reporter)

Comment 2

7 years ago
I have checked it again and you are right. It is not the entry "Cache" but "Cookies". At least it doesn't change anything because the user don't expect to loose the flash content in this way if he don't know it (and it is not possible to delete the browser cookies without deleting the flash content).
This is the same behavior as Google Chrome. Deleting cookies will delete the plugin data too. It is intended.

If you feel that the issue still supports discussions, please feel free to comment.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → INVALID
(Reporter)

Comment 4

6 years ago
I still see no reason why 2 different options are merged into one. For example there is the following situation:

1. I want to delete cookies for some reasons (for example privacy).
2. I want to keep the flash cookies (for example because they are containing important savegames).
Solution: There is no native one in Firefox. If I want to keep the game data I must allow the cookies to spy on me.

A workaround is to use BetterPrivacy. But this is an unsafe solution because the Addon can get broken (not incompatible). Better Privacy 1.67 get even broken with Firefox 10 Beta.


>This is the same behavior as Google Chrome.

Functions shouldn't be copied if they make things worse. It should be no problem to split this option in 2 seperate ones.
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---
(Reporter)

Updated

6 years ago
Version: 6 Branch → 10 Branch

Updated

6 years ago
Priority: P2 → --

Comment 5

5 years ago
I don't think we should expose this implementation detail just because there's one case where it might be useful.

You should be able to get the result you want from per-site prefs.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 7 years ago5 years ago
Resolution: --- → WONTFIX
(Reporter)

Comment 6

5 years ago
> You should be able to get the result you want from per-site prefs.

What does this do exactly? Is this a "Clear Recent History..." which is set per site? If yes this is not what I want because I'm still not able to delete the cookies with keepeing the flash content then.

I don't know why this get's a WONTFIX. The 1 case is an extremely important case. If you don't want an extra checkbox under "Clear Recent History..." an alternative way is to implement this as a hidden option in about:config. It could be an option that forbids Firefox to delete any file out of the ~/.mozilla folder.
In Flash Player 10.3, Adobe started integrating with Firefox in this way to make LSOs easier to remove. Keep in mind that LSOs can be used in similar ways as cookies with regards to tracking/privacy. For most people, a Flash LSO is simply a cookie and should usually be cleared in the same way.

Flash Player 10.3 Release Notes:
"Integration with browser privacy controls for managing local storage"
http://helpx.adobe.com/flash-player/release-note/release-notes-flash-player-10-3.html#main_lso
(Reporter)

Comment 8

5 years ago
> In Flash Player 10.3, Adobe started integrating with Firefox in this way to make LSOs easier to remove.

But it is still Firefox which is deleting the flash content. Let's check the facts again:

- There are cookies stored somewhere in a firefox profile in ~/.mozilla.
- There is flash content stored in ~/.macromedia.
- Enabling "Cookies" on clearing the history will delete content in both directories -> this could be seen as a malicious action because Firefox should not delete anything out of its own user-directory.
- Possible solutions would be to split up the "Cookies" entry or to integrate an option in about:config which forbids any write access out of its own user-directory.
You need to log in before you can comment on or make changes to this bug.