Ant wrote:
On 3/7/2013 3:31 PM PT, Paul B. Gallagher typed:
I just noticed secured webmails are restored with logged in (assuming
not logged off/out) if my Mozilla's Gecko-based web browsers (SeaMonkey
v2.16 and Firefox v19.0 in Windows [XP Pro. SP3, and 64-bit Vista HPE
SP2 and W7 EE SP1) is restarted with sessions saved.
Is this by design? Thank you in advance. :)
If the session restore feature also restores your cookies, it's
reasonable to think the site would read the cookie and think you're
logged in.
Even if I did not tell the web site not to always be logged in?
Well, I suppose if you restored a cookie that had expired, it should
fail. Telling a site to be "always logged in" amounts to telling it to
set a long-lived cookie; some sites will do that without being told. But
the site doesn't have complete control over what happens on your
computer -- if you wipe out the cookie, that effectively logs you out.
By the same token, if you close your browser without wiping the cookie
and then relaunch it later with the cookie intact and unexpired (or
restore the session with the cookie intact and unexpired), the website
can't tell the difference and treats you as logged in.
--
War doesn't determine who's right, just who's left.
--
Paul B. Gallagher
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
