W3C home > Mailing lists > Public > www-dom@w3.org > April to June 2009

Re: browser security improvement feature

From: Doug Poulin <dougp@medinet.ca>
Date: Thu, 30 Apr 2009 11:46:47 -0700
Message-ID: <FE542867EC9747C983259921B685CBA8@medinet.net>
To: "Boris Zbarsky" <bzbarsky@MIT.EDU>
Cc: "DOM mailing list" <www-dom@w3.org>
Missed that.  I'll cc the mailing list from now on.

Just one more thought on this thread.  It would make things really simple, 
if when you clicked on a
login button (or link), you could have a javascript clear any possible login 
credentials before you tried to
open the site.  That way you would always be assured that if you are trying 
to log in, that you are
presented with a login pop up.

Doug
----- Original Message ----- 
From: "Boris Zbarsky" <bzbarsky@MIT.EDU>
To: "Doug Poulin" <dougp@medinet.ca>
Sent: Thursday, April 30, 2009 11:28 AM
Subject: Re: browser security improvement feature


> Doug Poulin wrote:
>> It's not off list on purpose, it's just that you responded directly so I 
>> chose to do the same.
>
> I cced the mailing list on my mail, I thought.  Certainly that's what my 
> sent mail folder shows...
>
>> It's possible to do it using 401's but it's way too complicated. Since 
>> web access is stateless, I can't tell if this is the first time you 
>> logged in or the second.
>
> I was suggesting doing the logout when closing the window, though.... At 
> that point you know I'm logged in and need to be logged out.
>
>> I'm looking for something much simpler and clean.
>
> OK.
>
> -Boris
> 
Received on Thursday, 30 April 2009 18:47:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 22 June 2012 06:14:00 GMT