problems with new cookie session store and firefox

I run Rails 2.0.2 and use the new cookie based session store.

My users get authenticated against a mysql database. When the credentials
are ok I set session[:userid].

I use session[:userid] for example to track the user and in all
controller actions .... find(:all, :conditions => [bla.user_id = session[:userid] ....

Let's say a logged in user does not click on the Logout button but closes
the browser window with CTRL-Q or something like that....

Then I open firefox again and I'am still logged in....looking in Firefox's
cookie store I still see the cookie.

In Safari I do not have this problem....

Can someone confirm this?

PS: MacOSX Leopard, Firefox 2.0.0.11

I just told firefox to start up with a blank page - I always told him to
reopen all pages. No the problems seems to be away. :slight_smile:

Firefox has customizable preferences for what goes away when you close
the browser. Have a look at Preferences -> Privacy -> Settings ->
Authenticated Sessions to see if yours is behaving like you're
expecting it to.

I know these settings and I played with them.

When the clicks on "log off" I do a "reset_session"....shouldn't the cookie
be deleted in firefox?

As described above the problem does not occur in safari-

I know these settings and I played with them.

When the clicks on "log off" I do a "reset_session"....shouldn't the
cookie
be deleted in firefox?

Yes, but it won't really be gone until the next request. Are you
redirecting after the reset_session ?

As described above the problem does not occur in safari-

I just tested this one app I have open and I don't notice any
differences with reset_session between Safari and Firefox. I have to
think something is up with your Firefox.

I know these settings and I played with them.

When the clicks on "log off" I do a "reset_session"....shouldn't the
cookie
be deleted in firefox?

Yes, but it won't really be gone until the next request. Are you
redirecting after the reset_session ?

Yes, I make a redirect_to to the home page and render a partial
with information concerning the successfull log out.

As described above the problem does not occur in safari-

I just tested this one app I have open and I don't notice any
differences with reset_session between Safari and Firefox. I have to
think something is up with your Firefox.

I will try to figure it out next few days...
Thanx.