Chrome doesn't delete session cookies
This can be caused by having Chrome set to Continue where you left off.
Further reading
- Bug report: Chrome is not deleting temporary cookies – i.e. not logging me out automatically when I close all browser Windows
- Issue 128513 in Chromium: Session Cookies not cleared when Chrome processes closed
- Issue 128567: Session only cookies don't delete
Chrome not clearing SESSION COOKIES on close/exit
Thanks to KevinB for pointing me in the right direction.
Turns out it wasn't the cookie setting like I thought, I ended up keeping that set to:
Allow local data to be set (recommended)
I remembered that
Google NOW
had recently been installed on my machine, and that I allowed it to run in the background when I did not have my browser open, I believe this was the culprit to my session cookies not being cleared.What ended up fixing this issue was to uncheck the:
Continue running background apps when Google Chrome is closed
setting under the SYSTEM section.
Hope this helps save some headaches....
workaround for session cookies not being removed in chrome
You can maybe use sessionStorage to store your flag? http://www.w3schools.com/html/html5_webstorage.asp
Or is this information required to be sent to the server on every request?
Google Chrome Session Cookie's Workaround
Taking from other posts on stackoverflow as well as taking the comments on my question about re-working the app, I combined some posts to clear cookies and the session variables after 1 hour.
Credit:
- How do I expire a PHP session after 30 minutes?
- Best way to completely destroy a session - even if the browser is not closed
http://php.net/manual/en/function.setcookie.php
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 3600)) {
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie) {
$parts = explode('=', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-1000);
setcookie($name, '', time()-1000, '/');
}
}
session_unset();
session_destroy();
echo '<script>window.location= "login.php?pre_action=session_expired";</script>';
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
I delete cookies file in chrome but i'm still logged in after I restart Chrome
There are two main reasons why your browser ist still authenticating you: You may have not deleted the cookies (for example when deleting the file while Chrome was still running). Check that the Cookies actually have been deleted: In Chrome open the menu, then choose Settings, click "Show Advanced Settings", in the "Privacy" section, click "Content settings". The "Cookies" section should show them (or not).
Not all autologins operate through cookies. Chrome can store passwords and login-pages can still sit in the cache. So try this: Check that the passwords for the sites in question are not saved: In Chrome open the menu, then choose Settings, click "Show Advanced Settings", under "Passwords and forms", click "Manage passwords". Empty the cache: In Chrome open the menu, then choose History. Now you can "Clear Browsing Data".
Restore session cookies from google chrome userdir ( =20)
Hmm, there seems to be "Cookies" file in UserDir of Chrome:
Documents and Settings\USERNAME\Local Settings\Application Data\Google\Chrome\User Data\Default
Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default
This file is in SQLite database (can be opened by many tools, for example sqlitebrowser.org/). There is table "cookies" with (at april 2015, M42 version in stable):
INTEGER creation_utc
TEXT host_key
TEXT name
TEXT value
TEXT path
INTEGER expires_utc
INTEGER secure
INTEGER httponly
INTEGER last_access_utc
INTEGER has_expires
INTEGER persistent
INTEGER priority
BLOB encrypted_value
"value" text field of many recent cookies is empty; cookie value is stored in encrypted_value
BLOB (I think, there was switch to encrypted storage of cookies some time ago - commited in February 2014, issue 313323 - older cookies are stored unencrypted, even secure ones). Session cookies are in the file too.
Encryption is enabled for (MAC) OS X and Windows:
Encrypt all stored cookies on selected operating systems.
As part of the goal of protecting private user information, this encrypts the cookie values on operating systems with user-specific crypto APIs and that do not otherwise protect this data.
Performance tests indicate a penalty of about 1ms per cookie (regardless of size) on a Mac and 0.1ms to 0.7ms (depending on the size) under Windows. This will be higher on older hardware but still insignificant.
Encrypted data is binary (with an overhead of 128 bytes on Windows) and binary data must be stored in a BLOB so only one of two fields ("value" or "encrypted_value") will have data with the other being empty. Both values, however, need to be read & written when accessing a cookie because they are marked "non null").
There are several decryption tools on overflow:
* For Windows: Encrypted cookies in Chrome
* For Linux and OS X: Decrypt Chrome Linux BLOB encrypted cookies in Python; Decrypting Chromium cookies
There is also "Current Session" file, protected when Chrome is running with 0x534e5353 0x01 (SNSS\0x01) magic. Some info about format is here: https://github.com/JRBANCEL/Chromagnon/wiki/Reverse-Engineering-SNSS-Format (source - chrome/browser/sessions/session_command.h)
Related Topics
How to Use Webpack to Generate CSS and Js Separately
Bootstrap Modal: Background Jumps to Top on Toggle
Flex Items Not Shrinking When Window Gets Smaller
Jquery: How to Check If the Element Has Certain CSS Class/Style
How to Refresh the Screen on Browser Resize
Generate Dynamic CSS Based on Variables Angular
Can Jquery Change CSS Style Definition? (Not Individual CSS of Each Element)
How to Change Fontsize by JavaScript
How to Get Just Numeric Part of CSS Property with Jquery
What Chars Needs Escaping in Queryselector
Add Inline Style Using JavaScript
Jquery in Chrome Returns "Block" Instead of "Inline"
How to Preserve Aspect Ratio When Scaling Image Using One (Css) Dimension in IE6
How to Deep Clone in JavaScript
How to Check If CSS Value Is Supported by the Browser
Chained Promises Not Passing on Rejection
What Is the JavaScript ≫≫≫ Operator and How to Use It