On Thu, 7 Jan 2010, Nicolas Alvarez wrote: > Tim wrote: >> I'm doing some research and I'm interested in learning about any past >> proposals to augment HTTP authentication (basic/digest) with a logout >> feature. I have spent several hours reading mailing list archives and >> searching the web, and while I've found plenty of related information, >> I'm surprised to find no concrete proposals for this feature. > > I don't see how that concerns HTTP; it's a missing feature on the browsers. > > Credentials are sent on every request. All you need is a logout button on > the *browser* that makes it stop sending credentials. Go file feature > requests to the browser vendors :) So on what basis does the browser prompt again? It is likely a better user experience if the flush credentials is part of a server response to a web page logout button which lets both ends know the logout occured and takes the user to a page which doesn't immediately present a new credential dialog.Received on Thursday, 7 January 2010 21:52:18 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:21 UTC