I don’t think this is a problem, it’s just something that makes me curious. I turned on “Clear cookies and site data when you close all windows” and it seems like a great idea. At first it was a pain having no cached authentication to anything, but I use a password vault so all I really need is to enter one password on each new session.

However, one service that seems to evade this feature is Gmail. Gmail not only knows who I am, but it keeps me authenticated across sessions. How is this happening?

Which all data do you clear on exit>>
I don’t see any settings other than a switch to turn on “Clear cookies and site data when you close all windows”. And regardless, that’s the only setting I’ve changed.

Have you given Gmail any specific permissions>>
No. Everything is out of the box. I haven’t done anything special other than add my Gmail url as a tab on startup.

Does Brave continue running background apps when closed>>
I checked and that setting was indeed turned on. I turned it off, closed everything and reopened - same behavior. So I restarted the machine and tried again, still same behavior.

do you have a Gmail extension installed>>
No, no Gmail extension installed.

Or a password extension that has permission to automatically sign into Gmail?>>
I have the LastPass extension installed, however when the browser starts (now that the clear all cookies on exit is set) I have to authenticate to it before it can do anything. The start up tab has already loaded and logged in before I even touch LastPass. But regardless of all that, even if I was authenticated to LastPass, none of my accounts have the auto-login set.

Oddly, none of the checkboxes are checked on the On Exit tab. This seems odd since every site that I’ve encountered (aside from Gmail), loses it’s knowledge of me whenever I close the browser (including my password manager). Per these settings, it would seem like nothing would get cleared.

So I guess I can start checking some boxes, but it would only be for Gmail since no other sites seem to need them?

I checked both passwords and cookies and one of them did the trick with Gmail.

But I think what happened is, the only thing that was actually getting cleared was my authentication to the LastPass extension. Every site (but apparently Gmail), I specifically do not choose to have the browser remember any login info. But maybe with Gmail I either did or it does anyway - bottomline is I don’t think anything was getting deleted before other than LastPass.

Thanks for the pointers!

@mbostleman,
If you try this again (where clear everything is enabled) and then restart the browser but do not visit gmail again, what do you see when you go to brave://settings/cookies/detail?site=mail.google.com&search=content+settings?