SSL Labs ScoreSecurityHeaders.io Score

Log in to participate

There is no cost to join RicheyWeb, and membership is a requirement to submit bug reports and participate in the support forums.

× EU e-Privacy Directive needs your help!

A free extension like this survives only by reputation. You can help by submitting a review in the Joomla Extension Directory. Please take the time to make a review by clicking on the link below (opens in a new window)

extensions.joomla.org/write-review/review/add?extension_id=4850

Cookie not deleted

More
4 months 1 week ago #1820 by Hamsa
Hamsa created the topic: Cookie not deleted
Hello,

I´m trying around about how cookies are deleted after the user has altered his opinion and uses the Button "Delete cookies".
On my site neubrunnen-praxis.de there are 2 Session-Cookies and one plg_system_eprivacy cookie after enabling cookies.
When I use the "Delete Cookies" Button these cookies are stil visible in development tools of Firefox and not deleted. Thats odd or perhaps I misunderstood the concept.
I tried the setting of Joomla-DomainCookie with no luck, maybe I got it wrong. One test locked me out of the backend and I had to fix the problem in the configuration.php. My site uses SSL and I let joomla force https. Maybe there is something to consider in this case? At the moment DomainCookie is left blank.
Is that behaviour regular or should the Cookies be deleted?

Have a nice day
Sven

Please Log in or Create an account to join the conversation.

More
4 months 1 week ago #1823 by michael
michael replied the topic: Cookie not deleted
You need to set your cookie domain in global configuration to ",neubrunnen-praxis.de" Notice the leading "."

Please Log in or Create an account to join the conversation.

More
4 months 1 week ago #1844 by Hamsa
Hamsa replied the topic: Cookie not deleted
Thanks - and did it. ".neubrunnen-praxis.de" is placed in Domain Cookie in global config - with leading dot.

Still there is a strange behaviour.
If I start browsing the site the first time the entrance question is coming with all the links to the e-privacy documents. Case no - nothing happens. Case yes - session cookie should be placed on local machine.
Note: I have accepted cookies until firefox ends and java script enabled in global settings of firefox.

OK, I decide to deny cookies, I browse to a subpage of the site and a cookie is placed on the local machine. This is a joomla session cookie. This is in my opinion not allowed. Although the full functionality is not available like in the contact page (neubrunnen-praxis.de/kontakt2). I reconsider cookies and allow them, still the joomla session cookie is on local machine and the plg_system_privacy cookie is added. Now I expect full functionality, but in contact page the captcha is not working. Its a form which is generated with flexicontact (extensions.joomla.org/extension/flexi-contact/). I need to fill text into the boxes and make a fake send process and then it seems that the flexicontact module is generating something new and then the captcha turns into working. Still the two cookies. Very strange.Technique is sometimes funny to look at :-)
If I reconsider cookies and want to delete them, the plg_system_privacy cookie is removed, but the joomla session cookie is still in place.

If I do the same process with your site the session cookie and the plg_system_privacy cookie are deleted.

Any chance of sorting that out?
Do you have experience with that contact form behaviour or the other way round do you know which contact module is working in an expected way with your plugin? Or is this more a joomla typical behaviour and I have to dig deeper into joomla bugs?
Note: I use the very latest releases, joomla 3.8.8, php 7.1.10, mysql 5.6.19, apache 2.4.29, flexicontact 12.0, e-privacy 3.9.1, at the moment Domain Cookie is set according to your recommendation


.

Please Log in or Create an account to join the conversation.

More
4 months 1 week ago #1847 by michael
michael replied the topic: Cookie not deleted
That's interesting....

Try also setting the cookie path to "/"

Please Log in or Create an account to join the conversation.

More
4 months 1 week ago #1849 by Hamsa
Hamsa replied the topic: Cookie not deleted
OK - did it.
Starting babyfresh firefox and browsing to neubrunnen-praxis.de

Result:
Startpage displays entrance message - no cookies stored - I deny cookies and plugin turns to display to reconsider cookies - no cookies stored (expected behaviour)
still no cookies allowed and browsing subpage e.g. contact - no cookies are stored - flexicontact not working (expected behaviour)

then I accept cookies (via reconsider and entrance message) and again browsing around
still no cookies are stored, contact is still not working (this is not expected)

a 2nd try via reconsider and accept cookies doesn´t change the result

you can check it; setting is still "/" for domaincookie

cheers
Sven

Please Log in or Create an account to join the conversation.

More
4 months 1 week ago #1851 by Hamsa
Hamsa replied the topic: Cookie not deleted
Michael,

I changed to test.neubrunnen-praxis.de and set the Cookie-Domain to .test.neubrunnen-praxis.de
It´s better to use test environment instead of production. Identical stuff I made it with Akeeba Restore, so everything is the same, except SSL which is not activated here.

The Cookie-Domain in production is now set to .neubrunnen-praxis.de

Any ideas in the meanwhile?

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to add attachements.
  • Not Allowed: to edit your message.
Kunena Forum