Cookies for Gitlab on-prem instance deleted upon quitting... Ideas?

Description of the issue: In my Brave Beta work profile one site is behaving weird. Out of desperation I open a thread here, since I tried a lot (and wasted a lot of time) trying to solve it.

It’s our company’s on-prem instance of Gitlab. When I quit the browser (all windows), the remember_user_token for our gitlab instance is gone, so I have to log in again. The cookie is created correctly and has the correct Expiry / Max-Age value.

The session time out works fine on other gitlab instances, for example gitlab.com. It works also in other browsers, in a fresh Brave profile. I have tried to reset all cookies for all sites, all Brave Shield settings, custom settings using the “Delete browsing data” dialogue.

Is there anything I could try to repair this? Like I said it works in a clean profile but tbh I would like to avoid setting up a new browser profile just because one site misbehaves.

How can this issue be reproduced? No idea. I’m using Brave Sync and have a couple of devices in there.

Brave Version( check About Brave):
Version 1.72.94 Chromium: 131.0.6778.14 (Official Build) beta (64-bit)

Additional Information:

Is, “so I have to log in again” the “misbehaving?” IOW, that is the issue?


In a Brave Browser New Window, go to:

brave://settings/clearBrowserData

Select the Advanced tab

Set Time range to “All time”

ENABLE everything except:

  • Passwords and other sign-in data

(Myself, I would NOT make that exception)
(because I would have a backup prepared.)
(In other words, be prepared.)

Click on the “Clear data” button

Let us say that your website of interest, is:

https://www.website_of_interest.com

In a Brave Browser New Window, go to:

brave://settings/cookies

Scroll down that settings page, to Sites that can always use cookies

Click the Add button

Enter [*.]website_of_interest.com as the site . . . but do not Enable the following:

  • Current Private session only
  • Including third-party cookies on this site

Click the Add button

Next, go to:

brave://settings/content/javascript

Scroll down that javascript settings page to Allowed to use javascript

Click the Add button

Enter [*.]website_of_interest.com as the site . . . but do not Enable the following:

  • Current Private session only

Click the Add button

Restart the browser.

Next, in a Brave Browser New Window go to:

brave://settings/cookies

In order to attempt to remain logged in to a website, you need to adjust cookies settings so you do not lose a cookie that the website needs to see - stored by your Internet browser.

Yet, the website will very likely run through some steps to verify that your Internet browser is the correct storage for the cookie, stored.

So, you might have the correct cookie stored, but still, the website may suspect something.

IOW, being able to maintain a login status, is not a given nor guarantee . . . anymore, now days.

That said, do NOT enable:

“Clear cookies and site data when you close all windows”

" Always clear cookies when windows are closed"

Where you find those or very similarly-worded descriptions for switches to Enable/Disable.

And probably you ought not use the Private Browsing mode, because closing/quitting Brave Browser, is going to flush the cookies.

Be sure to double-check the settings for each tab at:

brave://settings/clearBrowserData