I’m looking at browser.browsingData and trying to figure out if active sessions (active logins) can be removed somehow. Similar to clearing cookies or download history can…
Hi @hinko.kocevar and welcome to the community
To maintain a session there needs to be some kind of token to be exchanged. Since this token has to be saved somewhere I think clearing cookies and localStorage should work to clear active sessions. I’m not an extension developer and therefore not sure if browsingData.removeLocalStorage()
also clears the sessionStorage. (Another place where a login token could be saved).
I’ll move this topic to the “Add-ons Development” category since there are far more experienced people regarding Add-ons.
Have a nice day,
Michael
PS: Your email address is visible in your post. I think it somehow ended up in the optional “name” field of your profile. I recommend removing it.
Thanks Michael!
Here is what I’m facing and what I’m trying to do
https://support.mozilla.org/en-US/questions/1372505#answer-1493408
Ahh, we are talking about “basic authentication”.
I guess that would be browsingData.removePasswords()
. That’s the one thing making the most sense when comparing the browsingData
methods with the options in the “Clear History” dialog.
If nobody more knowledgeable than me will answer, I think your best bet is to test those methods in your extension. Make sure to test on a new Firefox profile to not accidentally delete other stuff.
After some more debugging I narrowed down the necessary checkboxes that need to be selected in the ‘Clear all history’ dialog for me to get logged out:
- Active logins
- Cookies
(clearing the history for only or the other does not do the job)
I presume that the extension equivalent JS would then be:
browser.browsingData.removePasswords({}).then(onRemoved, onError);
browser.browsingData.removeCookies({}).then(onRemoved, onError);
The login does not seem to be cleared if I use these lines in my extension; I’m still logged in as soon as I reopen the web page.
Looking at the ext-browsingData.js
of the FF sources it seems that the clean up of the active logins is not implemented through any of the current extension interfaces.
So I added:
const clearSessions = options => {
// copied flags from Sanitizer.jsm
return clearData(options, Ci.nsIClearDataService.CLEAR_AUTH_TOKENS |
Ci.nsIClearDataService.CLEAR_AUTH_CACHE);
};
Then I hacked the handleRemoval()
to call clearSessions()
when extension requested cleaning of the ‘cache’ (I could not introduce a new handler to avoid hijacking existing one for some reason…).
Now when I call browser.browsingData.remove({since}, dataTypes).then(notify);
with dataTypes being ‘cache’ and ‘cookies’ I get logged out as expected.
This is the error I keep getting if I want to pass ‘sessions’ to the browsingData.remove():
JavaScript error: moz-extension://fed9f9d6-770f-4ace-a30e-6896cda4ec5d/background.js, line 81: Error: Type error for parameter dataToRemove (Unexpected property "sessions") for browsingData.remove.
I guess I need to change some other file to add support for new dataType being passed or something?!
[EDIT]
Editing browsing_data.json
and adding support for ‘sessions’ in the right places solves the above problem…