`Clear only cookies and cache on shutdown` also clearing History

[KAGEYAM4]

BEFORE YOU BEGIN

I have attempted the following troubleshooting suggestions:

• [x] The issue persists when using Firefox in Troubleshoot Mode.
• [x] Disabled DNS-level content blocking (AdGuard Home, NextDNS, Control D, RethinkDNS, PiHole, etc), cleared my DNS cache, and used my ISP's DNS resolver (if applicable).
• [x] Cleared website data, restarted Firefox, and my issue persists.
• [x] I have created a new profile. The issue persists when using the current user.js file on GitHub. (Must be in a new profile and a new user.js!)

REPORT

https://github.com/yokoffing/Betterfox/wiki/Optional-Hardening#option-2-clear-only-cookies-and-cache-on-shutdown when using this, history still gets cleared, after checking privacy.clearOnShutdown.history in about:config it is defaulting to true. I checked multiple times by creating new profiles.

To Reproduce

1. Create new profile and Launch it
2. Go in settings and enable open previous window and Tabs
3. Try restarting firefox to make sure the above is working correctly.
4. Apply BetterFox user.js with these options added - https://github.com/yokoffing/Betterfox/wiki/Optional-Hardening#option-2-clear-only-cookies-and-cache-on-shutdown
5. Start Firefox, this time previous tabs will be loaded.
6. Restart Firefox and Previous tabs are lost.

Expected behavior I want to use restore previous session where all my tabs are restored.

• OS: Arch
• Browser: Firefox

• Version: v129

  My User.js settings

user.js

/****************************************************************************
 * START: MY OVERRIDES                                                      *
****************************************************************************/
// visit https://github.com/yokoffing/Betterfox/wiki/Common-Overrides
// visit https://github.com/yokoffing/Betterfox/wiki/Optional-Hardening
// Enter your personal overrides below this line:

// PREF: enable container tabs
user_pref("privacy.userContext.enabled", true);

// PREF: disable Firefox Sync
user_pref("identity.fxaccounts.enabled", false);

// PREF: disable login manager
user_pref("signon.rememberSignons", false);

// PREF: disable address and credit card manager
user_pref("extensions.formautofill.addresses.enabled", false);
user_pref("extensions.formautofill.creditCards.enabled", false);

// PREF: do not allow embedded tweets, Instagram, Reddit, and Tiktok posts
user_pref("urlclassifier.trackingSkipURLs", "");
user_pref("urlclassifier.features.socialtracking.skipURLs", "");

// PREF: enable HTTPS-Only Mode
// Warn me before loading sites that don't support HTTPS
// in both Normal and Private Browsing windows.
user_pref("dom.security.https_only_mode", true);
user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);

// PREF: enforce certificate pinning
// [ERROR] MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE
// 1 = allow user MiTM (such as your antivirus) (default)
// 2 = strict
user_pref("security.cert_pinning.enforcement_level", 2);

// PREF: delete cookies, cache, and site data on shutdown
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
user_pref("privacy.clearOnShutdown.cache", true);
user_pref("privacy.clearOnShutdown.cookies", true);
user_pref("privacy.clearOnShutdown.offlineApps", true);

// PREF: enforce DNS-over-HTTPS (DoH)
user_pref("network.trr.mode", 3);

// PREF: disable all DRM content
user_pref("media.eme.enabled", false);

// PREF: hide the setting; this also disables the DRM prompt (optional)
user_pref("browser.eme.ui.enabled", false);
/****************************************************************************

[yokoffing]

To make this a bit easier, let's assume that all the about:config prefs that start with privacy.clearOnShutdown and privacy.clearOnShutdown_v2 are reset and in their default state.

In Firefox stable 129: To keep site settings and history, but clear cookies and other site data:

user_pref("privacy.sanitize.sanitizeOnShutdown", true);
user_pref("privacy.clearOnShutdown_v2.historyFormDataAndDownloads", false);

On my personal profile, it looks like I also still have privacy.clearOnShutdown.offlineApps set to true, but I don't know if that pref does anything anymore now that Mozilla has migrated these prefs over to privacy.clearOnShutdown_v2.

---

To clear everything except site settings (including history), a user only needs to enable:

user_pref("privacy.sanitize.sanitizeOnShutdown", true);

The privacy.clearOnShutdown_v2 prefs all default to true except for siteSettings.

---

I can make all of this more apparent when I redo this section of the Optional Hardening guide.

[KAGEYAM4]

user_pref("privacy.sanitize.sanitizeOnShutdown", true); user_pref("privacy.clearOnShutdown_v2.historyFormDataAndDownloads", false);

I will also use this then.

By the way to reset settings, instead of going and usign false, can i just delete prefs.js? Or does it contain others data too.

[yokoffing]

can i just delete prefs.js?

I don't advise that unless it's a brand new profile.

[yokoffing]

I have updated the Optional Hardening explainer: https://github.com/yokoffing/Betterfox/wiki/Optional-Hardening#sanitize-on-close