On 9/12/2016 6:22 PM, Paul B. Gallagher wrote: > David E. Ross wrote: > >> On 9/12/2016 2:16 PM, Paul B. Gallagher wrote: >>> But if cookies.sqlite is marked "read-only," how can a site set a >>> cookie, even if it's an approved site? I mean, the definition of "set a >>> cookie" includes "modify cookies.sqlite," does it not? Confusinger and >>> confusinger... >>> >>> Do bank sites really work with stale cookies from previous visits? >>> Sounds like a great way for hackers to impersonate you -- just spoof >>> your cookie from a previous session. >> >> Two profiles, each with its own file named cookies.sqlite: >> >> (1) Profile for general Web surfing -- The file cookies.sqlite is >> marked "read only". When a Web server sends a cookie along with the >> HTML of a Web page, that cookie sits in the the browser's (SeaMonkey or >> Firefox) memory. It does not get written to the on-disc file until >> either the memory space for cookies is filled or (more likely) the >> browser is terminated. > > Aha! I didn't realize SM could hold cookies in memory without writing > them to disk and still have them work. > > I'm still not clear on how they can be written to a read-only file under > any conditions (e.g., "when the cookie memory space is filled or the > browser is terminated"). AFAIK, "read-only" means "read-only." >
That is correct. For the "read only" cookies.sqlite file, cookies are NOT written or even updated (although SeaMonkey might attempt a write operation). And when they expire, I have to change the file to "read-write" and use the old Cookie Manager to delete them manually. -- Donald Trump claims everyone likes him. Does that include his ex-wives? How about the students who discovered that their education at Trump University was worthless? And how about the contractors, suppliers, and employees he stiffed in his several bankruptcies? _______________________________________________ support-seamonkey mailing list [email protected] https://lists.mozilla.org/listinfo/support-seamonkey
