- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sun, 25 Sep 2011 14:58:01 +0200
- To: Eric Lawrence <ericlaw@exchange.microsoft.com>
- CC: Bjoern Hoehrmann <derhoermi@gmx.net>, Karl Dubost <karld@opera.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 2011-09-21 17:29, Eric Lawrence wrote: > FWIW, IE6+ offers a script-accessible method for clearing the session-cached credentials, and both Chrome and Firefox have bugs filed to offer similar functionality. See the end of the post http://blogs.msdn.com/b/ieinternals/archive/2010/04/05/understanding-browser-session-lifetime.aspx > > One interesting scenario Microsoft ran into here recently is that the new "Metro-style" version of our browser cannot be "closed" in the usual way (its lifetime is controlled automatically). We settled upon having the closure of the last tab (which simply replaces the old tab with a new default tab) clear the authentication cache and session cookies, even though the browser itself does not close. > > -Eric Interesting; thanks for the pointers. It seems everybody agrees that something like this is needed, but most want something that is restricted to the current session. Eric, Karl: you represent two browser vendors, maybe you could chat, and come up with a joint proposal? Best regards, Julian
Received on Sunday, 25 September 2011 12:58:43 UTC