Reputation: 20591
Why cookies dont expire after closing browser?
In books and tutorials related with Web-programming written that cookies expire when user close browser. So I cant understand why after closing browser(Opera) I can see the list of my cookies in "Parameters" window. And how sites (for example Facebook) identifier users after closing browser (session cookies must expire according to books and tutorials)?
Upvotes: 16
Views: 56164
Answers (10)
Reputation: 2868
Nowadays browsers don´t close when closing all user visiable windows. For performance optimization browsers keep running in the background or have some sort of invisible webview2 process (Microsoft Internet Explorer and lately MS Teams) that keep on running and thus do not hit the constrained to remove (session) cookies.
This is advantagous as it prevents multiple logon prompts. However it also renders the meaning of session cookies to something that normal users no longer can understand.
To end a session use a private window, logoff/logon, or reboot you workstation.
In a way session cookies no longer seem to be discarded when a user closes all tabs or windows for a specific site.
Upvotes: 0
Reputation: 458
It might be because of your browser settings if you're using Chrome or Firefox, so if you've configured your browser to "Continue where you left off" at startup, it won't delete those session cookies, this is the same in Firefox as well.
I actually took this answer from this question (which I couldn't find by google search, because it's specific to PHP, but I accidentally found it on google images!)
Upvotes: 0
Reputation: 4601
I hear you Brother. Sad but the cold reality is ... Closing a browser does not mean closing a browser.
Closing a browser here means killing the process behind that browser brand along with ALL INSTANCES.
For that to happen, one of the following things must take place:
1) You either reboot down your computer
2) or you or your users long Press on the browser's icon on the system tray and then select QUIT OR CLOSE ALL WINDOWS options (depending on whether you're on a mac or on windows)
Practically speaking, I know this is not what you wanted to see and find out as the crux of the matter but it is what it is.
Even if there is no visible instances of the browser, the big boy is still in the memory and unless you FORCE QUIT that process, your cookie is still in the session.
This should not have been designed this way. Closing all instances should have been enough.
Upvotes: 1
Reputation: 5023
There are two major kinds of cookies. Session and Persistent cookies.
Session cookies are usually removed when you close the browser. Session cookies are usually used for keeping track of login information, shopping carts etc.
Persistent cookies are also called tracking cookies. They are often used by advertisers to track what ads you have already watched. It is also used for some web pages to remember information about you, such as automatic login and auto-filling forms with commonly used details (such as your login name). Persistent cookies are removed when max age or expiration date have been reached.
More information regarding different cookie types can be found on Wikipedia - HTTP cookie.
Upvotes: 10
Reputation:
In some cases, it may appear that cookies are not expiring after closing the browser because, in fact, not all browser instances are closed.
There are a number of situations in which a browser session may be still running in the background, after it appears to have been closed.
A browser crash in IE, could leave a hidden session open. In Google Chrome, some extensions use "hidden pages" that persist after closing the browser. On Mac, inexperienced users may think they have closed the browser by clicking X, but they neglect to click Safari > Quit Safar or Command-Q.
This is especially concerning when using cookies for login purposes. This has become an issue for us with Sharepoint 2013 and ADFS. Hope this helps!
Upvotes: 4
Reputation: 1
Its because the cookies are set with expiry time. It will not expire until the specified time whether the browser closed or not.
Upvotes: 0
Reputation: 1578
To complete the answer:
Sites identify users after closing the browser by using either
- persistent cookies
- flash cookies (LSOs)
- ETags (http 1.1)
Upvotes: 1
Reputation: 37070
Every cookie have an expiry time ,if you have not set a particular value , it will accept the default value .A cookie will expire only after this expiry time , no matter whether you are closing browser or not . You can kill a cookie by setting negative value to as expiry time
In php you have a good tutorial here http://php.net/manual/en/function.setcookie.php
Upvotes: 0
Reputation: 692181
Cookies are of two different types:
- session cookies, held in memory, and which expire once the browser exits
- persistent cookies, which have a time-to-live, are persisted on disk, and are sent by the browser until their time-to-live has elapsed.
Read http://en.wikipedia.org/wiki/HTTP_cookie
Upvotes: 33
Reputation: 72930
Yes, session cookies expire at the end of the session - but this is not the only type of cookie. A cookie can have an expiration date set giving it a longer lifetime - a "persistent" cookie.
Upvotes: 5
Related Questions
- Why do sessions expire after closing the browser window?
- cookie expiry time not set to destroy after each browser close but it is not working
- Cookies - date expires doesn't work, when the browser is closed the cookies are cleared
- Why cookie expired after closing webpage?
- Cookie doesn't expire when closing browser
- Why is the session not expiring on browser close when session.cookie_lifetime=0?
- Having session cookies expire when the browser closes but still sent to server
- Issue with cookie, cookie is lost after closing browser
- Why my cookie is lost when the browser is closed? (Expires set by javascript)
- Cookies get cleared on closing browser window in IE