WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED INVALID
128730
[GTK] Broken session management in google.com and live.com
https://bugs.webkit.org/show_bug.cgi?id=128730
Summary
[GTK] Broken session management in google.com and live.com
Sergio Villar Senin
Reported
2014-02-13 02:27:17 PST
Steps: 1- goto google.com 2- sign in 3- sign out Expected outcome: session is closed Actual outcome: session is still open I've tried with both WK1 and WK2, and no significant changes happened in libsoup so we must have broken the session and/or redirection code.
Attachments
Add attachment
proposed patch, testcase, etc.
mayurk.vk
Comment 1
2014-02-28 01:11:04 PST
I will check this issue further, hoping not stepping on anyone's toes here. :)
Sergio Villar Senin
Comment 2
2014-02-28 03:39:53 PST
It's also broken for MS's live.com. I'm raising the importance.
Diego Pino
Comment 3
2014-03-07 15:06:36 PST
I reproduced the steps in google.com. I only tried WK2. I couldn't reproduce the bug. The latest commit I have is
r165232
.
mayurk.vk
Comment 4
2014-04-27 12:07:43 PDT
I tried the steps for www.google.com in WebkiGTK+ MiniBrowser. But could not reproduce the issue. The session is being closed properly.
Carlos Garcia Campos
Comment 5
2014-05-20 00:33:24 PDT
I've found the cause of this problem, it's the DoNotTrack header, and that's the reson why it doesn't happen in MiniBrowser. Try disabling the DNT setting in ephy.
Sergio Villar Senin
Comment 6
2014-05-20 07:11:25 PDT
(In reply to
comment #5
)
> I've found the cause of this problem, it's the DoNotTrack header, and that's the reson why it doesn't happen in MiniBrowser. Try disabling the DNT setting in ephy.
Hmm, so we're getting the opposite effect, we send the DNT and as a consequence the session is never closed, so the user is tracked :) We must be doing something terribly wrong with the cookies, because I've set up Firefox to send the DNT and the session management just works. Maybe we should redirect this to epiphany though...
Carlos Garcia Campos
Comment 7
2014-05-20 09:23:04 PDT
Ok, so the problem is not the DNT header in the end, but the analytics removal ephy does when DNT setting is enabled. So, yes this is definitely an ephy bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug