Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

check some override recipe things #1293

Closed
Thorin-Oakenpants opened this issue Dec 7, 2021 · 11 comments
Closed

check some override recipe things #1293

Thorin-Oakenpants opened this issue Dec 7, 2021 · 11 comments

Comments

@Thorin-Oakenpants
Copy link
Contributor

enable session restore recipe:

  • SR actually works with places.history.enabled=false
  • Cookies are restored even with browser.sessionstore.privacy_level=2 (note that I don't use network.cookie.lifetimePolicy=2).
  • browser.sessionstore.privacy_level=0 restores formdata even with privacy.clearOnShutdown.formdata=true.

Originally posted by @rusty-snake in #1277 (comment)

@LtqxWYEG
Copy link

LtqxWYEG commented Dec 10, 2021

Don't forget

user_pref("privacy.clearOnShutdown.offlineApps", false);
user_pref("privacy.cpd.offlineApps", false);

was ripping my hairs out because I had this set to true in my overrides. The behavior just changed with the last FF version, I guess?

Originally posted by @Thorin-Oakenpants in #1291 (comment)

@Thorin-Oakenpants
Copy link
Contributor Author

@fxbrit
Copy link
Collaborator

fxbrit commented Jan 18, 2022

SR actually works with places.history.enabled=false

confirmed. I only needed:

user_pref("browser.startup.page", 3);
user_pref("privacy.clearOnShutdown.history", false);

both can be set using the settings UI in FF btw.

Cookies are restored even with browser.sessionstore.privacy_level=2

confirmed, as long as network.cookie.lifetimePolicy=0 as reported above.

to test this:

  • enable session restore with the two flips above.
  • go to duckduckgo.com.
  • click on settings and set the dark theme for the website.
  • close and re-open the browser.

if the cookie was actually cleared the theme would be set to white because of RFP, instead it is still dark.

@Thorin-Oakenpants
Copy link
Contributor Author

SR actually works with places.history.enabled=false

this is a great comment - the intersection of SR and history and sanitizing (and where form data and history come regards privacy/sanitizing) has never been clear cut

I can't for sure say what the old behavior was (ignoring PB mode) - but we had that there for a reason, so I guess behavior changed. SR files are created and maintained in case of a crash, and if you allow SR then it just doesn't wipe it on close.

I guess I could test my FF set in a binary fashion until I find when it changed

@fxbrit
Copy link
Collaborator

fxbrit commented Jan 28, 2022

I guess I could test my FF set in a binary fashion until I find when it changed

found this comment from 2018 that suggest the behavior has been the same one for a while -> #575 (comment)

confirmed, as long as network.cookie.lifetimePolicy=0 as reported above.

I want to re-test this once that pref is deprecated.

@fxbrit
Copy link
Collaborator

fxbrit commented Feb 14, 2022

are we still looking for something in here?

given this issue I propose changing enable session restore recipe to:

/* override recipe: enable session restore ***/
user_pref("browser.startup.page", 3); // 0102
  // user_pref("browser.privatebrowsing.autostart", false); // 0110 required if you had it set as true
  // user_pref("browser.sessionstore.privacy_level", 0); // 1003 to restore formdata, optional
user_pref("privacy.clearOnShutdown.history", false); // 2811
  // user_pref("privacy.cpd.history", false); //  2812 to match when you use Ctrl-Shift-Del, optional

@Thorin-Oakenpants
Copy link
Contributor Author

are we still looking for something in here?

yes. i will get to it when i get to it - the longer i leave it, the higher the chance there is nothing to do

@Thorin-Oakenpants
Copy link
Contributor Author

are we still looking for something in here?

updated the recipe, this is not something I will ever test or can be bothered about, but at least the recipe looks cleaner

@fxbrit
Copy link
Collaborator

fxbrit commented Jul 3, 2022

#1293 (comment)

I re-tested this both in 102 and 103 (where the lifetime pref doesn't even exist anymore), and in both cases I simply had to set an exception for cookies to not be cleared. so browser.sessionstore.privacy_level value still doesn't matter and cookies are not automatically restored with open tabs if sanitize on close is enabled.

@Thorin-Oakenpants
Copy link
Contributor Author

so we're good then? nothing to do?

@fxbrit
Copy link
Collaborator

fxbrit commented Jul 4, 2022

yup, we're good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

3 participants