Cookies in incognito are saved
-
After last update if I open a page in an incognito windows, the cookies (of the websites opened in incognito) are saved into not-incognito vivaldi, that wasn't like that before.
-
and in incognito mode are displayed cookies saved in not-incognito vivaldi, another strange thing different from before update 5
-
@gabrasca Hi, there is another similar issue with panels in this version, but that was the other way around (regular cookies active in private panels).
https://forum.vivaldi.net/topic/69388/webpanels-on-private-modeI tried to reproduce your issue by doing:
- Clean profile of Vivaldi 5.0 Stable, Windows x64
- Clear all browser data to be sure nothing is saved in regular window
- Open a private window
- Log in to Vivaldi forum in private window
- Go back to regular window, check if vivaldi forum is logged in (it's not)
- Check devtools (F12) for any cookies saved in
chrome://settings/content/all- no cookies saved.
So basically I cannot reproduce this issue. It would be a very serious problem if cookies (and history) from a private session were saved into the regular profile.
Are you able to make a step-by-step guide how to reproduce this issue every time?
Also where are you seeing these cookies? Vivaldi settings, devtools, chromium settings, an extension?
🎻Volunteer helper · Forum moderator · Sopranos tester 🛠️Troubleshooting 🐛Report a bug 📜Markdown help
🦆"With a rubber duck, one's never alone" -Douglas Adams🦆 -
I don't know if this is something controlled by cookies or not, but something is being retained from a private browsing session.
What happened to me is that last night I saved a document to a specific document folder while in a private browsing window, and this morning (I shut down my computer every day), in a non-private window, I went to save an image, and the save prompt automatically started from that particular document folder instead of the location where I last saved in non-private window (my images folder).
Hope this helps.
-
@pathduck I tried as you suggested and in regular window vivaldi forum was not logged in (as it should be), but if I open in incognito mode a website that leave cookies I can read in settings-privacy-cookies saved (and in chrome://settings/content/all too) the list of every cookie from regular vivaldi AND the cookies of the website opened in incognito (it was not there before, I checked the list).
I noticed also that the bin icon right top now doesn't list closed tabs from incognito mode separated from regular windows but it always lists regular window closed tabs and it opens in regular window, maybe it needs another thread or it is been yet discussed, it could be relate to this problem.
-
@gabrasca I still can't reproduce. I open in a private window BBC News, which saves a ton of cookies. I then check a regular window, no cookies are saved there.
Please explain the exact steps you follow and also what site you use to recreate this issue.
-
This post is deleted! -
@pathduck
I opened bbc, no cookies at all even in the same incognito window, instead with nyaasi or anidexinfo (both opened in incognito) cookies are saved in regular vivaldi too. anyone else has the problem with the bin as I wrote before? -
@gabrasca I can confirm the issue with the sites you mentioned, NYAA and anidex. I also opened a lot of the standard bookmarks from speed dial (clean profile), in a private window and a couple more sites showed up:
Also tested in Vivaldi 4.3 Stable, no cookies saved in regular window.
So yeah, looks like a bug, maybe certain types of cookies or
set-cookierequests on some sites causes this. It's not good for privacy of course. Please report a bug, and good find
Please read:
carefully and report the bug to Vivaldi bugtracker
-
@gabrasca said in Cookies in incognito are saved:
anyone else has the problem with the bin as I wrote before?
Not sure what you mean.
Closed tabs from a regular window do show up in a private window, but that's expected - as do bookmarks and history of course, that's normal. What is NOT expected if closed tabs from a private window shows up in a regular session, that would of course be very bad.
-
@pathduck reported as VB-84929, about the bin I will open another discussion
-
@gabrasca There is actually a fix for this in the last minor update and snapshot. Initially I left the change unlisted as we were checking it further but I have Ninja 🥷 edited it into the changelogs now. Thanks for the report.
-
Ok I edited it again to make it more obvious and mentioned it in the new minor update as well just below that changelog, even though the fix did not arrive there.
This fix was problematic and was actually the cause of the common crashes that some users saw in the second minor update to 5.0.
The major issues are resolved now. However it is also the cause of the regression where people cannot save bookmarks from Private windows, so there will be further fixes as well.
-
@ruarí Beautiful!
I can confirm my test no longer saves cookies into the regular session
From a purely tech/geek viewpoint, I'm very interested in how this happened - like were there some special properties of how cookies were served that caused this? I tried to investigate myself to see if there was anything special about the cookies that made the "transition" but couldn't see anything
-
-
@gabrasca Yes it seems that sometimes this was happening. Ok, fixed again in stable and snapshot releases and we are making some underlying changes now so that
this cannot happen again. -
@Ruarí Can you guarantee that it won't happen again? In my opinion, this is a serious security and privacy issue.
-
@Ruarí said in Cookies in incognito are saved:
we are making some underlying changes now so that
this cannot happen again. -
@molex only one thing is guaranteed in life, and it's not about software always working.
-
@iAN-CooG said in Cookies in incognito are saved:
@molex only one thing is guaranteed in life, and it's not about software always working.
Such software as a web browser should be thoroughly tested, guaranteed to work and guarantee security, especially when developers focus on the privacy of their product. I would have no questions for an amateur developer from a github, but we seem to be talking about a company with ambitions, so such faults are unacceptable, moreover repeatedly.
Bugs like this, in my opinion, should be followed not only by a mark in the release notes, but by a detailed report on which cookies, under what conditions, and how were saved.
