Is it possible, using the gecko / firefox XPCOM interfaces, to delete or invalidate a user's active session without closing the browser? I am using Gecko embedded (specifically GeckoFX) in an application where it is possible that multiple users might use the browser component across the lifetime of the application.
The application packages web browsing with various other functionality, and when the web browser is 'closed', the app remains open. It seems that as far as the gecko engine is concerned, as the process hasn't closed, the active session is still active. If a user is to log into Gmail or Facebook, for instance, and then close the browser, upon reopening the browser and navigating back to one of those pages, that user is determined to still be logged in. As multiple users can use the application without the application actually exiting, this raises privacy issues.
I have tried calling NS_InitXPCOM2 and NS_ShutdownXPCOM within the constructor / dispose method of the browser control, however NS_InitXPCOM2 cannot be called after NS_ShutdownXPCOM within the lifetime of the process, so this simply crashes.
I have also used the PurgeHistory method of nsISHistory and the evictEntries method of nsICacheService - none of these appear to have an immediate effect within the life of the process.
Does anyone know of any XPCOM interfaces that can achieve this? Alternatively, any pointers in direction of similar functionality, be it through XPCOM interfaces or Firefox extensions would be greatly appreciated (are there any extensions that allow you to clear your current browsing session without reopening the browser? or that provide you a different session between each Firefox window / tab?)
The program is written in C#, however answers in any language are appreciated.
Many thanks