Sometimes I can leave or log-out of a website, then discover I’m still logged in many minutes later.
As in the following steps:
Log out and/or close browser.
Realize I want to revisit something 5 minutes later.
Re-open website, and discover I’m still logged in.
My assumption is some sort of file is placed on my actual device when I’m logged in, presumably to allow additional windows/pages to “know” my login state. Then when logging out this file is deleted or modified to signal the change. So why the delay? It seems like the website itself must complete this action prior to ending its process.
FTR: I have zero knowledge of web programming and am just guessing at how logins are handled.
There is usually a small text file called a “cookie” stored on your computer. This text file has information such as a long unique number that will be sent to the webserver to identify you as logged in. The webserver will serve you a different looking page depending on whether or not you send such information - for example it might show your name on the top of the page. When you log out, there is a script that will delete this cookie from your computer - or at least part of it.
But there is also what is called a cache, which is data that your browser automatically sets aside when you receive something over the internet. When you are done looking at something it isn’t necessarily deleted right away; there may be a copy in your browser cache. Think of it as a wastebasket where you throw old newspapers. If for some reason you need to look at the same thing a second time, instead of asking the webserver for a new one you can grab your old copy from the cache. Images and fonts do especially well in the cache, so you only have to download them once. Sometimes a webpage is cached while it shows you as logged in, and sometimes that cached page is retrieved after you have logged out.
What you can do in such a situation is a hard refresh. With Chrome or Firefox you can do this with a hotkey: Ctrl+F5
I think the only website on which this happens is Facebook. It’s not even a dark pattern : they’re deliberately lying to you about logging out. They make more money if they can keep tracking you personally as you navigate the rest of the Web : when mittens-r-us dot com displays the blue F or Like button, it’s fetched from a Facebook server, and then Facebook “knows” that you (very personal you) have visited that site and they can add you as a potential ad target for mittens. So they need your FB account to remain active all the time.
Google has the same motivation, of course, but I don’t think they prevent you from logging out of your account. They do control your (Chrome) browser and quietly link it to your Google account, so the possibilities for abuse are certainly there.