- From: Tim <tim-projects@sentinelchicken.org>
- Date: Sat, 30 Jan 2010 19:39:45 -0800
- To: Bil Corry <bil@corry.biz>
- Cc: Yutaka OIWA <y.oiwa@aist.go.jp>, ietf-http-wg@w3.org
Bil, > Here's an example of using AJAX to log out a user via HTTP Auth: > > http://www.corry.biz/logout_demo/ Oh, nice, I hadn't thought of this before. To summarize, you just set up a page within the protection space which always returns a 200 code and then access it via XMLHttpRequest with a bogus password. What browsers have you tested this on? So it appears with logins and logouts, AJAX + response code hacks are possible to make this work right now. I still think an HTTP-level session termination mechanism is worthwhile for user agents that don't want to rely on JavaScript, but for most developers, this could be the missing piece to make HTTP auth usable again. thanks! tim
Received on Sunday, 31 January 2010 03:33:45 UTC