Opened 11 years ago

Last modified 10 years ago

#720 closed defect (User disappeared)

Torbutton deletes all cookies at startup

Reported by: karolinger Owned by:
Priority: Very High Milestone:
Component: Applications/Torbutton Version: 1.1
Severity: Keywords:
Cc: karolinger, silsor, arno, thorstenn Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


I couldn't understand why my cookies where deleted every time I reopened Firefox 3. I don't know if it's extension conflict. But I could find out it was Torbutton after I reinstalled each of my extension one by one until I Installed torbutton and my cookies were deleted. After uninstalling it, no problems. Here's my config:

Generated: Thu Jun 19 2008 07:21:59 GMT-0400 (SA Western Standard Time)
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0
Build ID: 2008052906

Enabled Extensions: [25]

Installed Themes: [2]

Installed Plugins: (8)

  • Java(TM) Platform SE 6 U6
  • Microsoft® DRM
  • Mozilla Default Plug-in
  • QuickTime Plug-in 7.1.6
  • Shockwave Flash
  • Shockwave for Director
  • VLC Multimedia Plugin
  • Windows Media Player Plug-in Dynamic Link Library

[Automatically added by flyspray2trac: Operating System: All]

Child Tickets

Attachments (5)

patch (4.0 KB) - added by arno 11 years ago.
unfinished fix
torbutton_720.patch (14.2 KB) - added by arno 11 years ago.
use nsICookieManager.add|
torbutton_720.patch.1 (8.5 KB) - added by arno 11 years ago.
patch v3
torbutton_720.patch.2 (12.8 KB) - added by arno 11 years ago.
patch v4
torbutton-1.2.0rc4-dev.xpi (191.0 KB) - added by mikeperry 11 years ago.
Torbutton snapshot with new FF3 compatible cookie jar

Download all attachments as: .zip

Change History (24)

comment:1 Changed 11 years ago by karolinger

My config doesn't list Torbutton. I'm sorry, I uninstalled it before listing my config. But those are the extensions I had installed with Torbutton 1.2.0rc2 (8 Jun 2008).

comment:2 Changed 11 years ago by silsor

I also have this problem. I am using Firefox 3.0 and Torbutton 1.2.0rc2 on Windows XP. Even if I never enter the Tor state, I need to log back in to any web site I use each time Firefox is restarted. Completely disabling the torbutton extension solves this problem. I have no other extensions installed.

comment:3 Changed 11 years ago by mikeperry

This is actually a bug in Firefox 3's new cookie implementation. The browser does not properly reload the cookie file
when it receives a "profile-do-change" event.

A bug has been filed at firefox's bugzilla for this. Please go vote on it if you have a firefox bugzilla account:

comment:4 Changed 11 years ago by arno

For some reason, it seems like firefox cannot read ~/profile/cookies.sqlite
database just after is has been copied (is it because it still holds a
connection to the old non existent ~/profile/cookies.sqlite file or for some
other reason ? I don't known). But it appears you can read
~/~/profile/cookies-nontor.sqlite before copying it to its old location. Just
open a sqlite connection, extract the data, and inject them with cookieManager.add

Here is an unfinished patch: functional, but needs testing, error handling, and
polishing. Note that cookie service still has a sqlite connection opened to a
file that has been manually changed.

With my patch, I still encounter a bug it looks like it's related to another
part of the code (although I'm not sure):

  • browse the web without tor
  • enable tor (it saves cookies in cookies-nontor.sqlite)
  • disable tor
  • log to a site
  • kill or crash firefox
  • when reopening, torbutton reads the old cookies-nontor.sqlite, and you have

lost you last cookie.

why does torbutton reads cookies-nontor.sqlite in that case.

XXX: autre bug
XXX: je connais pas trop les problèmes de databases: ouvrir et fermer une ?

Changed 11 years ago by arno

Attachment: patch added

unfinished fix

comment:5 Changed 11 years ago by arno

forget about last two lines, they were just comments to help me remember things to write in the message. I then forgot to remove them :)

comment:6 Changed 11 years ago by arno

or what about saving cookies by:

  • iterating trough all cookies and reading their properties; then storing them either in memory (javascript object) or in a file in any format.

loading them by:

  • calling removeAll to remove all cookies.
  • iterating trough saved cookies (reading file, or javascript object), reading their properties, and adding them back to the cookie manager.

That way, torbutton could avoid copying or modifying cookies.sqlite manually while firefox is running.

comment:7 Changed 11 years ago by mikeperry

Thanks a lot for the patch arno!

The reason Torbutton reads the cookies-nontor.sqlite is because after a crash the Tor state is unknown.
So we have to read the cookie file from a known good state and restore... Unfortunately, this is
at the cost of some recently acquired cookies, but the primary goal is to prevent cookie crossover.

Re your second suggested fix: It does sound like it might be cleaner, but have you noticed any consistency
issues with the old way? In FF2, "profile-before-change" would sync the cookies to disk, so a more complicated
approach wasn't needed. But maybe this might not be the case for FF3, and your mechanism would be good to
have. For the crashed case, we probably do want to write to disk.. But storing in a JS object might be a nice
option to have for people who want to avoid writing their Tor cookies to disk, but would still like
to save them between toggle. Would be a nice option to have.

If you code these up, I will definitely include them. Right now my plan is to take your patch almost
as-is (with a couple of log messages added) and release a 1.2.0rc5 ASAP so people can at least have
some form of cookie jaring under FF3.

Thanks a lot, again!

comment:8 Changed 11 years ago by mikeperry

Ah, yeah, actually it appears those profile events are not syncing the cookie file to disk in FF3. I wonder
what exactly does that now... There has to be something. I don't see the code for it though.

comment:9 Changed 11 years ago by mikeperry

Well, I still don't see anything. I'm guessing this means we should probably just do everything manually..
I don't suppose you've begun coding it already? :)

comment:10 Changed 11 years ago by arno

with firefox3, profile-before-change observer calls nsCookieService::InitDB.
see: http://localhost/lxr/source/netwerk/cookie/src/nsCookieService.cpp#608
and http://localhost/lxr/source/netwerk/cookie/src/nsCookieService.cpp#457

basically, that method loads informations from sqlite database in profile/cookies.sqlite. It's nearly the same thing as javascript function lastAccessed of my previous patch. But with profile/cookies.sqlite as an argument. It looks like it has no effect either in javascript or in c++. If you want to check, try in my previous patch, to copy the cookie file before calling loadCookiesFromFile(profile/cookies.sqlite). It won't work. That's why I use profile/cookies-nontor.sqlite and then copied the file.

My concern is that firefox has a sqlite connection to profile/cookies.sqlite, and then, torbutton comes and change that file's content. Then, when it tries to reload it (by triggering initdb with profile-before-change), it does not work. I don't known exactly what are the potential problems, but I find it alarming enough to prefer a "smoother" way.

So, I wrote another patch proposal using nsICookieManager2.add instead of moving files. My patch loads and restores sessions cookies (in current version of torbutton, only permanent cookies are saved). That can be a (somewhat) problematic if firefox crashes, and then you load saved cookies: you will keep your cookie session even if firefox has crashed meanwhile. In my opinion, that's not a big deal, but if you prefer not to store them, that's trivial: just do not save cookies if isSession is true in _cookiesToXml.

I did not add a pref to not store those informations to disk. You may add one easily (see my comments). If you do that, do not forget to remove the file when switching from "save to disk pref" to "don't save to disk pref". Otherwise, you'll keep an out of date file that will be reloaded at every crash.

Also, note that I did not test with mode unset (ie: with jarred cookies for tor browsing).

Changed 11 years ago by arno

Attachment: torbutton_720.patch added

use nsICookieManager.add|

comment:11 Changed 11 years ago by arno

another patch without ansi colors.
Also, it does not clear cookies in saveCookies
but when old style tor's cookie file exists, it remove it (to clean things, and not let an unused file in the profile)

Changed 11 years ago by arno

Attachment: torbutton_720.patch.1 added

patch v3

comment:12 Changed 11 years ago by arno

here is yap (yet another patch).

  • it uses preferences tor_memory_jar and nontor_memory_jar to not write to disk.
  • in ff2, if old style tor's cookies exists at loading time, it loads it, and deletes it
  • components sets a timer and calls it every minute. With that timer, you may then write code to save cookies if needed

Changed 11 years ago by arno

Attachment: torbutton_720.patch.2 added

patch v4

comment:13 Changed 11 years ago by mikeperry

Ok, snapshot of torbutton with the new cookie jar is attached in the attachments tab for anyone who cares to
test out the patch.

Changed 11 years ago by mikeperry

Attachment: torbutton-1.2.0rc4-dev.xpi added

Torbutton snapshot with new FF3 compatible cookie jar

comment:14 Changed 10 years ago by nickm

Reopened by request from Thorsten Nagler(thorstenn) at Thursday, 29 Jan 2009, 1:37am

comment:15 Changed 10 years ago by mikeperry

thorstenn: What cookies does torbutton delete? If it is not at startup, this is likely a different bug
(or more likely, a misconfiguration issue).

comment:16 Changed 10 years ago by keb

i have torbutton 1.2.1-pre on firefox 3.0.7

the torbutton-disabled cookies are still there at startup,
but the torbutton-enabled cookies are gone as expected.

Enabled relevant settings:

Cookies: Store Non-Tor cookies in a protected jar, Do not write Tor cookies to disk,

Disable DOM Storage during Tor usage, Clear HTTP auth sessions.

Startup: On normal startup: Shutdown state, On session restored startup: Non-tor,

Have the session store save and restore these tabs: Tabs loaded in Non-Tor

Shutdown: Clear Tor cookies during Tor-enabled browser shutdown

comment:17 Changed 10 years ago by mikeperry

keb: so this looks like correct behavior then? Are you saying we should close this bug?

comment:18 Changed 10 years ago by keb

yes it seems to be behaving correctly, given my settings.

comment:19 Changed 10 years ago by mikeperry

flyspray2trac: bug closed.
I haven't heard any other cookie complaints from anyone else for the issue this bug describes. Its possible there are cookie-related bugs still, but if they are, they're not this one. Please open another if you actually do have a problem.

Note: See TracTickets for help on using tickets.