Read more

PSA: Chrome and Firefox do not always clear session cookies on exit

Arne Hartherz
September 26, 2014Software engineer at makandra GmbH

Cookies without an expiration timestamp are called "session cookies". [1] They should only be kept until the end of the browsing session.

Illustration online protection

Rails Long Term Support

Rails LTS provides security patches for old versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2)

  • Prevents you from data breaches and liability risks
  • Upgrade at your own pace
  • Works with modern Rubies
Read more Show archive.org snapshot

However, when Chrome or Firefox are configured to reopen tabs from last time upon start, they will keep session cookies when closing the browser. This even applies to tabs that were closed before shutting down the browser.

This is by design in Chrome Show archive.org snapshot and Firefox Show archive.org snapshot , has been like that for quite a while now and it seems they won't change their mind.


[1] We are not talking about the the Rails session cookie here, though it often is a session cookie.

Posted by Arne Hartherz to makandra dev (2014-09-26 13:48)