W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 22 Feb 2012 12:47:55 +0100
Message-ID: <4F44D5EB.3080509@gmx.de>
To: Willy Tarreau <w@1wt.eu>
CC: Robert Collins <robertc@squid-cache.org>, Barry Leiba <barryleiba@computer.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 2012-02-22 12:16, Willy Tarreau wrote:
> ...
> There's nothing wrong, but I've never seen a browser suggest to logout/relog
> upon a 403. Also, since browsers don't offer the possibility to logout in
> general, it's hard to suggest that this possibility should be specifically
> offered upon 403. In fact it's the global authentication/authorization
> mechanism that should be cleaned up in 2.0 and I don't think it's too hard,
> we just have to clearly state that we might break *some* of the 1.1 assumptions.
> ...

If browsers had an API for logging off, servers could send a 403 
response page *doing* the log off. Wouldn't that be sufficient?

Best regards, Julian
Received on Wednesday, 22 February 2012 11:48:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:56 GMT