36
  • This would be classified as a privacy feature and is something already implemented in Chromium and Firefox.
  • In a similar way to allowing exceptions to cookie usage, exceptions should be able to be created for not clearing cookies and site data on close.
    • The ability to add exceptions in the website settings menu would be extremely convenient and would be a major UX improvement over other browsers.
  • This functionality provides more convenience over simply disabling cookies and allowing exceptions.
  • Such functionality is recommended by PrivacyGuides.org in their browser hardening guide.

I personally require this feature in any browser and is the primary reason I do not use Safari.

    Merged 2 posts from Clear cookies and site data when you close all windows.

      eirk

      @Vlad I posted this comment, but then it shows me as [deleted] website was glitched, it didn't load at first. Now it's fine.

          16 days later

          Hot off the press: Firefox plans to streamline both of these options together (Delete cookies and site data when Firefox is closed and Clear history when Firefox closes), which probably should've been done a long time ago.

          Source

          • Vlad replied to this.

            yokoffing Can you translate this into a concrete setting in Orion?

                3 months later

                Hi, I'm also looking for this option. See screenshot.

                This is really useful in Firefox. This is the only thing that's missing for me to switch from Firefox to Orion/Kagi.

                This helps for example: when I'm sharing my laptop with someone else, I just need to close the browser and open it up again. History becomes blank, but because of the way I ticked the boxes in the screenshot, my logins/cookies are still there and I don't have to log back in again.

                Another way to do that kind of behaviour would be to manually click "Clear browsing data" every time someone wants to use the laptop, but it feels like the person has something to hide (?).

                Not to mention other use cases, e.g. someone else might be OK with keeping history but want to be logged off all websites on Exit, then s/he would tick "Cookies" and "Active Logins" for example.

                  I am looking for someone to summarize this giant thread in a concrete, minimal ask based on the discussion.

                    13 days later

                    Feature configurable in Settings that allows user to select ON or OFF separately for each of the following action to be done automatically

                    When browser quits:

                    • Delete ALL Browsing History
                    • Delete ALL Download History
                    • Delete ALL Cookies
                    • Delete ALL Cache
                    • Delete ALL Form History
                    • Delete ALL Offline Website Data
                    • Delete ALL Site Settings ("allow microphone", "allow camera", ... that's different from default settings)
                    • Delete ALL Active Logins (it's the HTTP Basic Auth saved user/password, unrelated to cookies)

                    Then, have a button to allow Users to write in text for list of Targeted Sites and list of Exception Sites
                    (ideally a textarea with some instructions, e.g. separate sites by a newline)

                    • If user puts a regexp URI in the Targeted Sites list, then do the above actions only for the sites that match the regexp URI in Targeted Sites
                    • If user puts a regexp URI in the Exception Sites, then do the above actions for everything except for the sites that match the regexp URI in Exception Sites

                    In the case that something matches both lists, honor Exception over Targeted (i.e. do not delete if it's in both Exception and Targeted, as it would be less destructive)

                    Regexp should follow POSIX Extended Regular Expression standard, e.g.

                    *.google.com would match everything under google.com including accounts.google.com, etc
                    *.(facebook|fb).com would match both facebook.com and fb.com

                      6 months later
                      13 days later

                      gcqd I like your approach and it is quite easy to do. However we need help simplifying this.

                          Would be great to be able to configure cookies to be auto deleted on browser close (or on a set timer). Much better alternative than having to manually clear them every morning

                            Why do you clear cookies every morning?

                              It's for privacy reasons. To limit the scope of tracking by advertising companies and just in general to make the web less "creepy".

                              Disabling cookies all together is a bit too harsh for everyday usage, and a lot of websites break in unexpected ways without cookies (and it's too much of a hassle to allow-list them each). So deleting cookies on an interval (or on browser close) is a reasonable trade-off.

                              I've been using https://cookieapp.com for some time to get this behavio (and more) in Safari. Furthermore, I know Google Chrome supports deleting cookies on browser close (https://support.google.com/chrome/answer/95647?hl=en&co=GENIE.Platform=Desktop#zippy=,delete-cookies-after-you-close-chrome)

                              Since Orion is positioning itself as a privacy concious browser, I think it would be good to at least have feature parity with Chrome on this.

                              Would make Orion even greater for at least the way I browse the web 🙂

                              • Vlad replied to this.

                                pato The way Orion is designed, advertising companies do not leave cookies at all, because we block their cookies and javascript by default (with built in ad and tracking blocking). We are being pro-active vs reactive here and we believe this is the superior strategy.

                                • lexi replied to this.

                                    Maybe just use a private window?

                                    I think this could also be used with profiles/containers which are in development. Ephemeral/temporary containers could achieve this.

                                      It's a nonsolution but you can quickly access 'Clear Browsing Data' by shift+command+backspace. It is a click away from clearing all browsing history that way.

                                        Vlad I don't believe that to be a proactive solution — I'd even argue it's a reactive solution. There are countless bad domains and whatever used for tracking, and filter lists/ITP reactively block them. It's, however, impossible to be able to list every bad thing (badness enumeration). Sanitizing on close is a comprehensive solution that systematically solves tracking via cookies. It makes persistent tracking not possible without the use of fingerprinting, which is a whole separate problem.

                                        Don't get me wrong, ad/tracker blocking isn't completely useless, but only if they're used as a helping hand. They shouldn't be considered a primary means of defense because they're inherently flawed.

                                        Sanitizing on close is already a feature of both Firefox and Chromium browsers, and so I think users would expect such a feature in a browser that's "private by design."

                                          Good arguments.

                                          We need entire specification of the feature:

                                          Where is the setting, how does it look, how does it work.

                                          • lexi replied to this.