Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to persist login using containers #1548

Closed
spike-hue opened this issue Sep 17, 2022 · 11 comments
Closed

How to persist login using containers #1548

spike-hue opened this issue Sep 17, 2022 · 11 comments

Comments

@spike-hue
Copy link

Hi, new here!

I'm using Firefox's Multi-Account Container extension (https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/). I have a container called Twitter Personal to sign into my personal Twitter account. I want this login within the container persisted when Firefox is closed. However, any other cookies/logins I want deleted.

Note:

Any suggestions to set in the user-overrides.js file to allow this to happen?
@rusty-snake
Copy link
Contributor

#1543

@spike-hue
Copy link
Author

Thanks for response!

I just tried this and it does not work:

user_pref("permissions.isolateBy.userContext", true);

I tried adding this to my preexisting user-overrides.js file but did not work.

Then to start from clean slate, my entire user-overrides.js file now just contains and still doesn't work:

user_pref("permissions.isolateBy.userContext", true);

@rusty-snake
Copy link
Contributor

Die you just add it to user-overrides.js or did you anything more (updater, restart, ...)?

Did you added the exception with ctrl-i?

@spike-hue
Copy link
Author

spike-hue commented Sep 17, 2022
edited
Loading

Here are the steps I took:

  1. Quit Firefox
  2. Deleted everything in user-overrides.js
  3. Added user_pref("permissions.isolateBy.userContext", true);. I did this by copying/pasting from https://codeberg.org/rusty-snake/firefox-config/src/commit/ea079491d22113843d61b3d93455518cdd00abad/assets/user-overrides.js#L25-L26. I am using Visual Studio Code which is plain text so no italicize.
  4. I ran ./updater.sh
  5. I ran ./prefsCleaner.sh
  6. Opened Firefox -> opened a custom container -> signed into Twitter -> Quit Firefox -> Opened Firefox -> Opened custom container and Twitter is logged out

Note:

@rusty-snake
Copy link
Contributor

rusty-snake commented Sep 17, 2022
edited
Loading

You need to add an cookie exception.

user.js/user.js

Lines 768 to 778 in 3f09afd

/** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ ***/
/* 2815: set "Cookies" and "Site Data" to clear on shutdown (if 2810 is true) [SETUP-CHROME]
* [NOTE] Exceptions: A "cookie" block permission also controls "offlineApps" (see note below).
* serviceWorkers require an "Allow" permission. For cross-domain logins, add exceptions for
* both sites e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on)
* [NOTE] "offlineApps": Offline Website Data: localStorage, service worker cache, QuotaManager (IndexedDB, asm-cache)
* [WARNING] Be selective with what sites you "Allow", as they also disable partitioning (1767271)
* [SETTING] to add site exceptions: Ctrl+I>Permissions>Cookies>Allow (when on the website in question)
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/
user_pref("privacy.clearOnShutdown.cookies", true); // Cookies
user_pref("privacy.clearOnShutdown.offlineApps", true); // Site Data

edit: https://github.com/arkenfox/user.js/wiki/3.2-Overrides-%5BCommon%5D#-keep-logins

@spike-hue
Copy link
Author

spike-hue commented Sep 17, 2022
edited
Loading

Ah I think it works now! So just to outline what I did:

  1. For clean slate, deleted everything and just added user_pref("permissions.isolateBy.userContext", true) to user-overrides.js
  2. Run ./updater.sh and then ./prefsCleaner.sh
  3. Go to ☰ Settings > Privacy & Security > Cookies & Site Data > Manage Exceptions
  4. Enter https://www.google.com (or Twitter, etc)
  5. Create a container using https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/
  6. Signin to Google within custom container
  7. Quit Firefox -> Reopen Firefox -> Go to container and should be logged into Google

I have one other question for this:

  • Since I allowed https://www.google.com cookies, will these be deleted in every tab after quitting Firefox? I would like them to be deleted except for the custom container. Please let me know if need other setting in user-overrides.js to do this if necessary? Seems like cookies persist

@Thorin-Oakenpants Thorin-Oakenpants mentioned this issue Sep 18, 2022
Closed
@Thorin-Oakenpants Thorin-Oakenpants changed the title How to persist login using Firefox Multi-Account Container extension How to persist login using containers Sep 18, 2022
@Thorin-Oakenpants
Copy link
Contributor

@rusty-snake I don't use containers

two questions

  • without the pref, are exceptions not kept?
    • i.e containers are not treated as a different origin
    • e.g. if I always open abc.com in a set container and exempt it, then it just works? yes?
  • with the pref, do you need to add a contextId
    • e.g. if you have two containers for two gmail accounts

Perhaps we should add permissions.isolateBy.userContext to the user.js (and mod the wiki) with some info

@rusty-snake
Copy link
Contributor

Sorry I don't get your question.

What I found out yet by testing in my Nightly

  • containers always isolate cookies, exceptions do not stop this (tested by changeing theme on DDG)
  • Permissions are bound to a container and get a ^userContextId=
    • e.g. block camera in one container (via ctrl-i), same site in other container will show camera prompt.
  • New to me: cookie/storageAccessAPI permissions are special (since when?) and shared between all containers (sAA have an ^userContextId= but is implicitly propagated into/out-of containers)

@Thorin-Oakenpants
Copy link
Contributor

Sorry I don't get your question.

you're the one telling users to add a pref - the least you could do is explain it

@1Naim
Copy link

1Naim commented Sep 19, 2022
edited
Loading

Sorry I don't get your question.

What I found out yet by testing in my Nightly

  • containers always isolate cookies, exceptions do not stop this (tested by changeing theme on DDG)

  • Permissions are bound to a container and get a ^userContextId=

    • e.g. block camera in one container (via ctrl-i), same site in other container will show camera prompt.

  • New to me: cookie/storageAccessAPI permissions are special (since when?) and shared between all containers (sAA have an ^userContextId= but is implicitly propagated into/out-of containers)

Same behaviour here on stable. Camera and microphone (and I assume other permissions too) get a UserContextId when setting the permission when the pref is flipped. Cookie perms don't get a ContextId tho, could be a bug as I'm pretty sure it's supposed to behave like other perms as well.

@Thorin-Oakenpants
Copy link
Contributor

closing after 25 days - if there is a need or want to add permissions.isolateBy.userContext and document it, or there is a need to know how to persist logins per container (doesn't it just work?) then feel free to re-open and explain it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@spike-hue @Thorin-Oakenpants @rusty-snake @1Naim