[Bug] Logging out of some Progressive Web Apps (PWA) on desktop (chromium)

[LiftedStarfish]

Acknowledgements

• [X] I acknowledge that I have read the above items

Describe the bug

Whenever I use the YouTube, Twitter, or Mastodon PWA on desktop, some of the cookies get deleted, even if I sign in immediately after starting the app. Whenever I log in from the PWA, less than a minute (immediately after, in the case of YouTube apps), the cookies get deleted, and I need to log in again. The only way to prevent this is to leave the webpage for the app open in a browser tab, making the app itself pointless. This is on the Brave Browser.

To Reproduce

1. Go to any non-whitelisted website with a PWA feature.
2. Install the PWA.
3. Ensure that you have no open browser tabs for the website of the PWA that you just installed.
4. Open the PWA that you just installed.
5. Log in.
6. Go to the home page.
7. Wait.

Expected Behavior

That, when I log into a PWA, I will stay logged in until I log out or close the PWA.

Screenshots

No response

System Info - Operating System (OS)

Manjaro KDE Edition (Kernel 5.16)

System Info - Browser Info

Brave v1.36.105

System Info - CookieAutoDelete Version

3.6.0

Additional Context

While I've not tested this in other browsers, I don't see why this issue wouldn't persist on other chromium based browsers.

This only happens for some apps. This is not an issue for Reddit, but as mentioned before, is an issue that I've had with YouTube's Apps, as well as those for Mastodon.online, Twitter, and Odysee. I can get Odysee to stay logged in by greylisting its 'auth_token', but that's a bandaid, not a real solution. I'd like to be able to go back to not having to do that.

It also still keeps some of the app's cookies until I close it, but it gets rid of the ones that keep me logged in, even if I don't close it.

[kennethtran93]

I'll try to replicate this later in Google Chrome.

In the meantime, do you have the 'clean on domain change' enabled? If so, what is your cleanup delay?

Keep in mind that when trying to log into YouTube, you are redirected to 'accounts.google.com' to sign in. Thus, if a cleanup was to occur during this login phase (or any third-party/external redirect login via Google/Apple/etc), there would be no 'tabs' open with 'youtube.com' domain, so any cookies/data from youtube.com would be removed unless you have existing whitelist or greylist set for both accounts.google.com and youtube.com. Consequently, if the PWA site requires a cookie stored on a different domain, you would need to whitelist or greylist it otherwise it would get removed on next cleanup.

In my quick research, the PWA apps would still show up as a 'tab' in our tab queries. On chrome, there is no 'containers' like firefox has - all cookies are in the same container even if they are in PWA (please do correct me if I'm wrong here). We also don't differentiate between different browser windows - our tab query simply returns all tabs in all windows.

[LiftedStarfish]

For settings, the only ones that I have disabled are "Enable Cleanup for Discarded/Unloaded Tabs", "Keep Default Icons on all types", "Enable Popup when New Version is Released", and "Enable Debug Mode"

5 seconds before automatic cleaning 3 seconds Duration for Notifications 16 Size of popup (in px) 16 Size of Settings Page (in px)

So, I've done a bit of testing. It turns out that I had some greylisted cookies for *.accounts.google.com, but deleting the expression has not affected YouTube's behavior.

I have no rules for Twitter or Mastodon, and never have.

[LiftedStarfish]

New information. If I log into Reddit on the PWA, it will stay logged in. If I am logged in, and I also have Reddit open in a browser tab though, and then I close that browser tab with the Reddit PWA still open, CAD deletes the cookies anyway, and I need to log back in.