Browser issue Session does not close with Chrome

I'm certain the developers won't recommend it and you'll have to make a risk-based decision.

developer.mozilla.org

Clear-Site-Data - HTTP | MDN

The Clear-Site-Data header clears browsing data (cookies, storage, cache) associated with the requesting website. It allows web developers to have more control over the data stored by a client browser for their origins.
developer.mozilla.org developer.mozilla.org

The xenforo login.php calls up Clear-Site-Data: "cache" on logout.

My users have multiple accounts, so clearing the local cache on switch isnt great for me anyway (roleplay forum) and became unusable on chrome (with a regular complete clear out of local cache seemingly getting rid of the bug in Chrome but only temporarily)

I decided, based on how my users use the forum that the risk of someone sharing a computer and windows/mac login session and suffering a compromise of confidentiality of cached content was significantly less than the compromise of availability for 30 seconds every time a user switches account. This is based on the context of my site (roleplay site with an account switch Addon and little role-based segregation and private, sensitive content)
 
Last edited:
Hmmm ... seems like we've come up against this now too, after migrating to XF2.1 - Chrome 77.0.3865.90 64bit - so presumably it's just a matter of waiting for the bug to be fixed in Chrome?
 
This is beyond annoying... I'm running Chrome 77.0.3865.90 64 bit too. I didn't know what do do other than to remove the offending line, so I did for Chrome, though still run it for non-Chrome browsers (I tested the following on Edge, Firefox, and Chrome).

I edited /src/XF/Controller/Plugin, function logoutVisitor()

and changed:
$this->clearSiteData();

to:
if (!stristr($_SERVER['HTTP_USER_AGENT'], 'Chrome') or stristr($_SERVER['HTTP_USER_AGENT'], 'Edge')) $this->clearSiteData();

(Edge's useragent includes 'Chrome' in it, so I needed to carve that one out too.).

Now Chrome doesn't hang any more :) At least not until the next XF update.
 
PlayerOne said:
This is beyond annoying... I'm running Chrome 77.0.3865.90 64 bit too. I didn't know what do do other than to remove the offending line, so I did for Chrome, though still run it for non-Chrome browsers (I tested the following on Edge, Firefox, and Chrome).

I edited /src/XF/Controller/Plugin, function logoutVisitor()

and changed:
$this->clearSiteData();

to:
if (!stristr($_SERVER['HTTP_USER_AGENT'], 'Chrome') or stristr($_SERVER['HTTP_USER_AGENT'], 'Edge')) $this->clearSiteData();

(Edge's useragent includes 'Chrome' in it, so I needed to carve that one out too.).

Now Chrome doesn't hang any more :) At least not until the next XF update.
Click to expand...
Yes i want to apply that but How can i clear (pass) the file healt check error on admin cp then?
 
ozzy47 said:
You just ignore the file health check entry on file as you know you edited it.
Click to expand...
It is basically easy way but i'm looking the professional way to clear that error. For example, i edit the hashes.json file after edit some files of any add-on and it pass the file health.
 
Hi there,

i have no Controller/Plugin, just ControllerPlugin but no file with the name "function logoutVisitor()". Any hint where to find this?

Thanks!

PlayerOne said:
This is beyond annoying... I'm running Chrome 77.0.3865.90 64 bit too. I didn't know what do do other than to remove the offending line, so I did for Chrome, though still run it for non-Chrome browsers (I tested the following on Edge, Firefox, and Chrome).

I edited /src/XF/Controller/Plugin, function logoutVisitor()

and changed:
$this->clearSiteData();

to:
if (!stristr($_SERVER['HTTP_USER_AGENT'], 'Chrome') or stristr($_SERVER['HTTP_USER_AGENT'], 'Edge')) $this->clearSiteData();

(Edge's useragent includes 'Chrome' in it, so I needed to carve that one out too.).

Now Chrome doesn't hang any more :) At least not until the next XF update.
Click to expand...
 
Their stance is "this is a browser bug we're not changing anything" I think.

Though the browser bug goes back years I believe.

I've just hacked out the cache clearing from my files.
 
Standing with your arms crossed waiting for Google Chrome to change doesn't help XF site owners and dealing with the users. Google Chrome will win. Fix it please. Google is not going to change for XF.
 
Why should "XenForo" ignore standards to fix Chrome? The patch published earlier could cause unwanted side effects, which would then be attributed to "XenForo". If you do not want to apply the patch above, you should contact Google and tell the problem and ask them to solve the problem. This is the right way.
 

Similar threads

Chromaniac
Duplicate Tags field does not expand to fit more tags
Replies
1
Views
134
Jeremy P
Jeremy P
TimePiloteer
Not a bug "The active user has changed" message when navigating to forums via email notification links
Replies
1
Views
876
Jeremy P
Jeremy P
Kilt
  • Question Question
XF 2.2 Changing a Member's Screen Name: Where Does it NOT Change?
Replies
2
Views
529
AndyB
AndyB
Fullmental
  • Question Question
XF 2.2 Not receiving alerts on a single watched node
Replies
2
Views
605
Fullmental
Fullmental
M
  • Question Question
XF 2.2 Disable automatic link shortening with ellipsis/periods/dots? URLs displayed with dots will be broken when copy-pasted.
Replies
0
Views
471
MaximilianKohler
M
Top Bottom