Cookies STILL not cleared on tab/site close

Description of the issue:
Cookies not cleared on tab close.

How can this issue be reproduced?

  1. Add to “Sites that clear cookies when you close them”
  2. Open and click to allow cookies.
  3. Check that cookies have been stored in Brave.
  4. Close tab
  5. Check cookies stored on browser but Google cookies still there.

Expected result:
Twitter (X) cookies should have been deleted.

Brave is up to date
Version 1.58.127 Chromium: 117.0.5938.88 (Official Build) (32-bit)`):

Cookies not cleared on tab close

That worked well in some earlier Brave versons.

Well, you are contradicting yourself, first you say Twitter Cookies, but then you say “Google cookies still there”… Twitter is Twitter and Google is Google!

So your post doesn’t make sense at all.

First, I will explain you how Brave works, so you understand Brave and its defaults.

Brave has a temporary storage called Ephemeral Storage (similar to Total Cookie Protection from Firefox); basically what it does is to isolate all third-party data in a temporary storage, the data is restricted: viewed, accessed or/and read to the domain that created it, and once you close that site, the data will be removed after like 30 seconds.

Brave is not blocking third-party data even if brave://settings/cookies is set to Block third-party cookies, it is isolated, and there is no way for you to have third party data in the Persistent Storage, unless you are allowing the cookies or you individually add domains to allow them or you logged to twitter through Google.
But in the case of logging to Twitter through Google, you would have to have probably Allow Google login for extensions enabled in brave://settings/extensions, which will whitelist Google account cookies, so they are read as 1p and 3p.

But you have to understand an important thing, Ephemeral Storage NEVER touches Persistent Storage, they are different and never see or touch each other, they live in two separated places in the browser, so whatever data that is in Persistent Storage gets ignored and/or never read.
It’s like when you block all cookies, it will not get written or read anywhere, but when you ‘block third party cookies’, data will get created, but isolated where site will be able to access it, only the site that created it, and once you close the site, it is gone forever.

I explained this, because Ephemeral Storage is Sites that clear cookies when you close them, but for first-party data.

So everything I explained applies to it, but for first party data. It NEVER touched Persistent Storage and data gets written somewhere else and removed when you close the site.

Currently it is 30 seconds, but you can make Ephemeral Storage to clear immediately by disabling brave://flags/#brave-ephemeral-storage-keep-alive

I hope you understand it that.

That means, unless you allow cookies, nothing should get written to persistent storage, so you shouldn’t see new data being written in Brave Persistent Storage = brave://settings/content/all, and you shouldn’t see existing data getting removed from it either, because it will live in the isolated and removed on site close.

If you want Brave to remove Persistent Storage data from Brave, you can use Forgetful Browsing, that works the same 30 seconds after you close the website, data gets removed, so you will see changes in brave://settings/content/all

In Chromium 117, there is a little problem with brave://settings/content/all though, for example, there is data showing that says 100 B on it, like if you go to a website, and that website has a Youtube video embedded, it will show Youtube 100 B.

People think information is getting leaked and not blocked by Brave. but it is like a bug, not exactly a bug but it’s a misbehavior with brave://settings/content/all page.
The thing is Chromium removed that page, and Brave added it back, so Chromium 117 having a new data seems to be showing on that page unintentionally,

But they are not cookies or anything, the 100 B is from a file called MediaDeviceSalts, and any frame that needs access to some media device will write a salted information in a file, then Brave will display that, but it doesn’t make sense, but still it appears on brave://settings/content/all as any other data.

So if you mean that, don’t worry, it’s nothing, and you can’t do much about it, it is actually a good thing, for example, a Brave developer says:

Any frame that access a media device will trigger an implicit store of random data into MediaDeviceSaltDatabase . This data is not accessible by the frame, but is used as a randomized salt to farble media device id per origin, which is a good thing.

So what Brave has to do is to remove it from showing in content/all page and done.

I must say that it seems like you have a wrong idea how Browsers handle Cookies and other data, because Browsers won’t just remove data from other sites only because you are ‘clearing data’, they are used in a complete different site.

Forgetful browsing which deletes Persistent Storage data (you might want to use it instead of ‘clear on site close’) and Sites that clear cookies when you close them, are features to remove FIRST PARTY data, not 3p.
Of course mixing the fact that Brave by default doesn’t write 3p data to the Persistent Storage, you shouldn’t see anything besides the 100 B ‘bug’.

Not even Devtools is able to clear 3p data like that, even if it has a checkbox to clear data called including third party cookies, which makes you think it could do that, well, it only clears 1p data as well.
Of course, you can remove other data manually/per domain, but not like a push of a button and removes all 1p and 3p and clears everything, so thinking 1p data clearing features will remove 3p data unrestrictedly, well, not really.

But since you are isolating stuff in the Ephemeral Storage which will never touch Persistent Storage, well, it also makes Brave impossible to do what you think it should do.

So whatever you are talking about, well it is meant to be, for example Brave by default has Allow Google login for extensions turned on, which will allow cookies, since they are necessary if you use Google services. If it only says 100 B you know it is not something related to data and just some visual bug.
But even with that, Brave with Sites that clear cookies when you close them is not supposed to clear anything in Persistent Storage.

Like I said, you might want to use Forgetful Browsing as well, can be done per domain, not just globally, but it will clear Persistent Storage and can even clear the MediaDeviceSalt information just remember, it only clears 1p. It will not clear the 3p.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.