The menu item Tools -> Clear Private Data should clear out browser history so there's no mention of what sites the user has visited. It attempts to do this, and initially it seems to work, e.g. Ctrl-H brings up an empty list, but FF3 doesn't delete the list of what zoom setting you prefer per domain.
To test, Clear Private Data, visit a site, e.g. http://google.com/, hit Ctrl-- a couple of times to make the text smaller, Clear Private Data again and exit. Then
and you'll see google.com in the list along with all the other sites that it's remembering content-prefs for.
Marking this as a security vulnerability because users may think they've cleaned up after themselves, but there's information there for others to find.
Ubuntu 8.04, firefox-3.0 3.0.3+build1+ nobinonly- 0ubuntu0. 8.04.1.
The menu item Tools -> Clear Private Data should clear out browser history so there's no mention of what sites the user has visited. It attempts to do this, and initially it seems to work, e.g. Ctrl-H brings up an empty list, but FF3 doesn't delete the list of what zoom setting you prefer per domain.
To test, Clear Private Data, visit a site, e.g. http:// google. com/, hit Ctrl-- a couple of times to make the text smaller, Clear Private Data again and exit. Then
sqlite3 ~/.mozilla/ firefox/ *.default/ content- prefs.sqlite .dump
and you'll see google.com in the list along with all the other sites that it's remembering content-prefs for.
Marking this as a security vulnerability because users may think they've cleaned up after themselves, but there's information there for others to find.