搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

How to ensure Privacy Settings are honored...or is there a cached web content loophole?

  • 2 回覆
  • 1 有這個問題
  • 1 次檢視
  • 最近回覆由 cor-el

more options

I've noticed that searches retain information about my previous searches after I close the browser; 'Delete cookies and site data when Firefox is closed' setting is selected. My tests seem to point to a security loophole with Cached Web Content.

Question: how can I ensure privacy settings are honored, or, if there is a loophole, how can I get Firefox to also clear Cached Web Content on close?

In my repeated test cases, I used bing to search for '5/8 irrigation kit', then closed the browser and reopened. Cookies and site data show 0 bytes (see attached images), Cached Web Content show something greater than 0.

Next, I go to bing.com/news, scroll through stories, and see an advert for an irrigation kit as one of the sponsored adverts.

As a further test after the original search, I try the following to see if I was being track another way, with the same resulting sponsored advert showing:

  • Restarted laptop
  • Restarted ONT (to get a new IP) and wifi

The following 2 scenarios seemed to resolve the issue after the original search and seeing the same resulting sponsored advert:

  • Turned on VPN
  • Cleared Cached Web Content

Clearing Cached Web Content seems to be the solution, and a possible privacy loophole. Cached Web Content is not part of the auto-delete-at-close feature.

Oddly, I haven't been able to consistently replicate the above starting with the VPN on and having it on through the tests. It sometimes shows the same resulting sponsored advert, and sometimes not.

I tried to replicate this with Safari. It's auto-delete feature at close and similar privacy setting seems to work according to what I would expect with the same test scenario; which is, no previous search-informed sponsored advert.

Details:

  • Firefox 76.0.1 (64-bit)
  • Firefox privacy settings shown in attached images
  • MacBook Air 2019
  • macOS Catalina Version 10.15.4
  • Verizon Fios
I've noticed that searches retain information about my previous searches after I close the browser; 'Delete cookies and site data when Firefox is closed' setting is selected. My tests seem to point to a security loophole with Cached Web Content. Question: how can I ensure privacy settings are honored, or, if there is a loophole, how can I get Firefox to also clear Cached Web Content on close? In my repeated test cases, I used bing to search for '5/8 irrigation kit', then closed the browser and reopened. Cookies and site data show 0 bytes (see attached images), Cached Web Content show something greater than 0. Next, I go to bing.com/news, scroll through stories, and see an advert for an irrigation kit as one of the sponsored adverts. As a further test after the original search, I try the following to see if I was being track another way, with the same resulting sponsored advert showing: * Restarted laptop * Restarted ONT (to get a new IP) and wifi The following 2 scenarios seemed to resolve the issue after the original search and seeing the same resulting sponsored advert: * Turned on VPN * Cleared Cached Web Content Clearing Cached Web Content seems to be the solution, and a possible privacy loophole. Cached Web Content is not part of the auto-delete-at-close feature. Oddly, I haven't been able to consistently replicate the above starting with the VPN on and having it on through the tests. It sometimes shows the same resulting sponsored advert, and sometimes not. I tried to replicate this with Safari. It's auto-delete feature at close and similar privacy setting seems to work according to what I would expect with the same test scenario; which is, no previous search-informed sponsored advert. Details: * Firefox 76.0.1 (64-bit) * Firefox privacy settings shown in attached images * MacBook Air 2019 * macOS Catalina Version 10.15.4 * Verizon Fios
附加的畫面擷圖

所有回覆 (2)

more options

You can clear other data via "Clear history when Firefox closes".

"Delete cookies and site data when Firefox is closed" should be used to clear cookies if you want to keep cookies with an allow exception because using "Clear history when Firefox closes" to clear cookies removes all cookies.

more options

The second screenshot suggests that you use permanent Private Browsing mode (Always use Private Browsing mode; Never Remember History) and that means that you can't remove data that was stored in a regular session.
Data from a PB mode sessions is kept in memory and thus purged automatically, but you can't affect data stored in a regular (non PB) session.