-
-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Google cookies are not deleted #83
Comments
This is on the addon page
Another option, if you get annoyed with the notifications, put google.de in the Related Firefox bug: |
Also you need to refresh the |
Ah I see, sorry for bothering then. I didn't know that firefox sends stuff to google non-stop... I assume they have to give them every URL I'm visiting to check whether it's "safe"? Kind of disturbing... Do you know whether this can be turned off? |
That's not true. See this excellent article by @fmarier as to how Safe Browsing (SB) works. Francois is a Mozilla engineer who works in this area (tracking protection, safe browsing, private browsing mode etc). SB works by using local lists (yes these are curated and maintained by a third party: google), and IF an URLs needs checking, only a part URLs, hashed, and hidden with extra "noise"/traffic is ever sent, etc (and I think it now uses Mozilla APIs?, or at least a new version with even more safeguards) .. but wait, there's more ... Mozilla strip out any extra parameters from google that could be used in any way for ID'ing, as well as using a separate cookie jar and so on. A LOT of work has gone into this, especially over the last couple of years. This separate cookie jar for SB should be protected I believe - maybe Francois can elaborate on that. Using google as the source means a couple of things which should be no-brainers. Google is in a prime position to amass this information and get it right with their resources - so the quality should be great. And it saves duplication of effort, time and money for Mozilla. You can also have a look here at our repo ( https://github.com/ghacksuserjs/ghacks-user.js/blob/master/user.js ) and note section 0410's on Safe Browsing as to how to turn on/off various parts - such as blocking real time checks for items not covered - eg binaries not in local lists. |
I don't mind that it's in a separate cookie jar. The issue is the WebExtension API call for all cookies |
@Thorin-Oakenpants thanks for the explanation and the link! I guess google could still include the 32-bit prefix of the hash of urls of major sites in the list cached by firefox, and then not return the URL of the major site when firefox queries for the precise list of malicious URLs with that prefix upon visiting that site. I'm not paranoid enough to care about the remote possibility though. Thanks again! |
I haven't noticed this bug happening so I'm pretty sure it's fixed by now. |
Describe the Bug/Feature
I'd expect this addon to delete all cookies if I've closed all non-built-in pages, for example if
about:preferences
is the only open tab.The following gif shows an example where this is not happening. Note that firefox sends my search to google.com, which redirects to google.de. Maybe that has something to do with the issue.
Screenshot in which the bug can be seen
Steps for anyone to reproduce the bug
See gif.
Your settings
See gif (I've only activated cookie deletion and set the delay to 0 minutes).
The text was updated successfully, but these errors were encountered: