I understand Ghost (self hosted) sets no persistent cookies, but what about session cookies? I read a post just now, whilst I was doing a search before posting. It said Ghost’s session cookies last up to 6 months? Surely this is a persistent cookie and not a session cookie. Session cookies have no expiration date, that’s why they’re deleted when the browser closes. So, is it a session cookie or is it a persistent cookie? Because it can’t be both.
Session has 2 meanings - browsing session and application session. From my understanding, Ghost’s session cookies are application cookies that are strictly required for the functionality of the site.
What made you think Ghost sets no persistent cookies?
It’s not so much there’s multiple types of session cookies, it’s that the term “session” can be used in multiple contexts
As you mentioned, if the cookie exists after restarting the browser, it’s a persistent cookie; the cookies Ghost uses for member and staff auth are persistent