Opened 7 years ago

Last modified 5 months ago

#11206 new defect

Tor Browser will not save Exceptions in the Firefox cookie manager

Reported by: toruser23 Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-torbutton, gitlab-tb-torbutton
Cc: gk Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Cookie exceptions in Tor Browser Bundle 3.5.2 (Torbutton 1.6.6.0) are not remembered when TBB is restarted.

Original bug: https://trac.torproject.org/projects/tor/ticket/4749

Change History (10)

comment:1 Changed 7 years ago by gk

Cc: gk added
Component: Tor bundles/installation → TorBrowserButton
Keywords: TBB Torbutton removed
Owner: changed from erinn to mikeperry

Do you have steps to reproduce your problem? What did you try?

comment:2 in reply to:  1 Changed 7 years ago by toruser23

Replying to gk:

Do you have steps to reproduce your problem? What did you try?

I tried adding a cookie exception; it wasn't there after I restarted the browser...

comment:3 Changed 7 years ago by toruser23

Firefox mentions exceptions on this help page if anyone has trouble finding them: https://support.mozilla.org/en-US/kb/websites-say-cookies-are-blocked-unblock-them

comment:4 Changed 6 years ago by erinn

Component: TorBrowserButton → Tor Browser
Keywords: tbb-torbutton added
Owner: changed from mikeperry to tbb-team

comment:5 Changed 4 years ago by bugzilla

Severity: Normal

#15634 is a duplicate.

comment:6 Changed 10 months ago by gk

Summary: Regression: Torbutton 1.6.6.0 will not save Exceptions in the Firefox cookie manager → Tor Browser will not save Exceptions in the Firefox cookie manager

Seems to still be an issue as we just had a user showing up on IRC reporting it.

Last edited 10 months ago by gk

comment:7 Changed 10 months ago by Thorin

But this is by design. Permissions (all site exceptions are kept in permissions.sqlite) are disabled from writing to disk, and are memory only

  • permissions.memory_only = true

I feel like I'm missing the point, since this ticket has been open for 6 years

comment:8 in reply to:  7 ; Changed 10 months ago by gk

Replying to Thorin:

But this is by design. Permissions (all site exceptions are kept in permissions.sqlite) are disabled from writing to disk, and are memory only

  • permissions.memory_only = true

I feel like I'm missing the point, since this ticket has been open for 6 years

Originally, the ticket meant something slightly different, as Torbutton back in the day had the option to save cookies across sessions if the user chose that option.

However, even if that's not the case anymore today, the current situation is still a bug. We need to decide where the bug is, though (I am not sure what the expected behavior in vanilla PBM is but I assume cookies can be retained across sessions. Maybe we should follow that model? Or maybe we should adapt the UI if permissions.memory_only is set to true, making it clear there is no across-sessions-thing. Or maybe the bug is something else). However, offering the option to save exceptions across restarts and not following along to the surprise of users is clearly sub-optimal.

comment:9 in reply to:  8 Changed 6 months ago by Thorin

Replying to gk:

We need to decide where the bug is, though (I am not sure what the expected behavior in vanilla PBM is but I assume cookies can be retained across sessions.

No. Cookies (and without double checking, sessionStorage, localStorage) in PBMode are memory only. You can test by checking the cookies.sqlite file in normal mode vs PB mode

Moot anyway, since this is about permissions, not the actual persistent data :)

The distinction here is persistent "web data" vs "user data/settings" and they are different threat models (browsing the web vs having your OS compromised): e.g. PBMode allows bookmarks, passwords, site exceptions etc to be retained, but not history (AFAIK: there have been changes to PBMode in this regard since 68, but I'd have to dig them up). We don't stop people creating bookmarks for usability reasons, so why should we stop other "user" data.

I honestly think this should be distinguished (web vs user) and relevant pref(s) flipped - maybe in the slider (but permissions.memory_only at least requires a restart = too messy)

At the very least, be consistent about disk writes: because it seems like a mixed message here.
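The on-disk check suggested in the comment above, applied to permissions.sqlite (where the site exceptions live) instead of cookies.sqlite, as an added example that is not part of the ticket or of Tor Browser's code. It assumes the `moz_perms` table with `origin`, `type` and `permission` columns used by current Firefox, reads only user overrides of `permissions.memory_only` from prefs.js/user.js, and runs against a constructed, reduced sample profile.

```python
import re
import sqlite3
import tempfile
from pathlib import Path

# Matches a user override of the pref named in the ticket (prefs.js / user.js syntax).
PREF_RE = re.compile(r'user_pref\("permissions\.memory_only",\s*(true|false)\);')
# Cookie permission values stored by Firefox: 1 allow, 2 block, 8 allow for session.
ACTIONS = {1: "allow", 2: "block", 8: "allow for session"}

def memory_only_override(profile):
    """Return the user-set value of permissions.memory_only, or None when the
    profile does not override it (the browser's built-in default then applies)."""
    value = None
    for name in ("prefs.js", "user.js"):  # user.js is applied after prefs.js
        path = Path(profile) / name
        if path.exists():
            for m in PREF_RE.finditer(path.read_text(encoding="utf-8")):
                value = m.group(1) == "true"
    return value

def cookie_exceptions_on_disk(profile):
    """List (origin, action) cookie exceptions actually written to permissions.sqlite."""
    db = Path(profile) / "permissions.sqlite"
    if not db.exists():
        return []
    con = sqlite3.connect(db.resolve().as_uri() + "?mode=ro", uri=True)  # read-only
    try:
        rows = con.execute("SELECT origin, permission FROM moz_perms "
                           "WHERE type = 'cookie' ORDER BY origin").fetchall()
    finally:
        con.close()
    return [(origin, ACTIONS.get(perm, str(perm))) for origin, perm in rows]

def make_sample_profile(root, memory_only, rows):
    """Build a constructed profile directory (reduced schema) so the check runs offline."""
    root = Path(root)
    flag = "true" if memory_only else "false"
    (root / "prefs.js").write_text(f'user_pref("permissions.memory_only", {flag});\n')
    con = sqlite3.connect(root / "permissions.sqlite")
    con.execute("CREATE TABLE moz_perms (id INTEGER PRIMARY KEY, origin TEXT, "
                "type TEXT, permission INTEGER)")
    con.executemany("INSERT INTO moz_perms (origin, type, permission) VALUES (?, ?, ?)", rows)
    con.commit()
    con.close()
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        p = make_sample_profile(tmp, True, [])  # constructed: memory-only, nothing persisted
        print(memory_only_override(p), cookie_exceptions_on_disk(p))
```

An empty list after adding an exception in the UI and restarting means the exception only ever existed in memory, which is the behaviour the ticket reports.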

comment:10 Changed 5 months ago by sysrqb

Keywords: gitlab-tb-torbutton added