Steps: 1- goto google.com 2- sign in 3- sign out Expected outcome: session is closed Actual outcome: session is still open I've tried with both WK1 and WK2, and no significant changes happened in libsoup so we must have broken the session and/or redirection code.
I will check this issue further, hoping not stepping on anyone's toes here. :)
It's also broken for MS's live.com. I'm raising the importance.
I reproduced the steps in google.com. I only tried WK2. I couldn't reproduce the bug. The latest commit I have is r165232.
I tried the steps for www.google.com in WebkiGTK+ MiniBrowser. But could not reproduce the issue. The session is being closed properly.
I've found the cause of this problem, it's the DoNotTrack header, and that's the reson why it doesn't happen in MiniBrowser. Try disabling the DNT setting in ephy.
(In reply to comment #5) > I've found the cause of this problem, it's the DoNotTrack header, and that's the reson why it doesn't happen in MiniBrowser. Try disabling the DNT setting in ephy. Hmm, so we're getting the opposite effect, we send the DNT and as a consequence the session is never closed, so the user is tracked :) We must be doing something terribly wrong with the cookies, because I've set up Firefox to send the DNT and the session management just works. Maybe we should redirect this to epiphany though...
Ok, so the problem is not the DNT header in the end, but the analytics removal ephy does when DNT setting is enabled. So, yes this is definitely an ephy bug.