cookiekeeper

Clear HSTS Super Cookies

  1. Series 1.9.0
  2. Bug #1407443
Bug #1407443 reported by Yvon TANGUY
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cookiekeeper
Fix Released
Wishlist
Yvon TANGUY
cookiekeeper 1.9.0
1.9.0
Fix Released
Wishlist
Yvon TANGUY
cookiekeeper r1.9.0 "cookie-master"

Bug Description

Detailed explanation of HSTS super cookie : http://www.radicalresearch.co.uk/lab/hstssupercookies/

In the Firefox profile, the file SiteSecurityServiceState.txt is used for this cookie.
Add an option to delete it at exit.

Tags: cookie hsts

Related branches

lp:cookiekeeper
Yvon TANGUY (vono22)
tags: added: cookie hsts
Changed in cookiekeeper:
importance: Low → Wishlist
Yvon TANGUY (vono22)
Changed in cookiekeeper:
milestone: r1.8.1 → 1.9.0
Yvon TANGUY (vono22)
Changed in cookiekeeper:
status: Triaged → Fix Committed
Revision history for this message
Yvon TANGUY (vono22) wrote :

Better than delete SiteSecurityServiceState.txt use:
 var sss = Cc["@mozilla.org/ssservice;1"].getService(Ci.nsISiteSecurityService);
 sss.clearAll();

This work only with Firefox 31+ ?
Do not work with palemoon, this is set in previous FFx version in the permissions.sqlite db.

Changed in cookiekeeper:
status: Fix Committed → In Progress
Revision history for this message
Yvon TANGUY (vono22) wrote :

Same for Thunderbird, the HSTS informations are set in the permissions.

Yvon TANGUY (vono22)
Changed in cookiekeeper:
status: In Progress → Fix Committed
Revision history for this message
Yvon TANGUY (vono22) wrote :

Fix in:
http://bazaar.launchpad.net/~vono22/cookiekeeper/trunk/revision/202
http://bazaar.launchpad.net/~vono22/cookiekeeper/trunk/revision/203

Yvon TANGUY (vono22)
Changed in cookiekeeper:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.