W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2010

Re: Past Proposals for HTTP Auth Logout

From: Nicolas Alvarez <nicolas.alvarez@gmail.com>
Date: Thu, 07 Jan 2010 18:41:03 -0300
To: ietf-http-wg@w3.org
Message-ID: <hi5kdc$g87$1@ger.gmane.org>
Tim wrote:
> I'm doing some research and I'm interested in learning about any past
> proposals to augment HTTP authentication (basic/digest) with a logout
> feature.  I have spent several hours reading mailing list archives and
> searching the web, and while I've found plenty of related information,
> I'm surprised to find no concrete proposals for this feature.

I don't see how that concerns HTTP; it's a missing feature on the browsers.

Credentials are sent on every request. All you need is a logout button on 
the *browser* that makes it stop sending credentials. Go file feature 
requests to the browser vendors :)

-- 
Nicolas

(I read mailing lists through Gmane. Please don't Cc me on replies; it makes 
me get one message on my newsreader and another on email.)
Received on Thursday, 7 January 2010 21:41:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:16 GMT