W3C home > Mailing lists > Public > whatwg@whatwg.org > December 2004

[whatwg] connecting usernames and passwords

From: Matthew Thomas <mpt@myrealbox.com>
Date: Sat, 18 Dec 2004 18:15:47 +1300
Message-ID: <E05E9B44-50B3-11D9-9523-000A95AD3972@myrealbox.com>
On 18 Dec, 2004, at 6:43 AM, Greg Kilwein wrote:
> Related to this, it would be nice to have a standard, simple way for a 
> browser session to "log out" of its HTTP authentication.? Currently 
> with some UAs, a user must to close all of his or her browser windows 
> and/or tabs in order to be able to log in as someone else.

That's entirely the fault of the browser vendors; they haven't bothered 
to implement it in a convenient way. (See for example 

> ...
> I'm not sure of the best way to accomplish this log out functionality 
> (headers? HTML tags?)

There's no need for authors to do anything extra; browsers just need to 
do a full implementation of HTTP authentication (i.e. one that includes 
the ability to log out). A browser using my design for logging in, for 
example, could change the panel for logging in to one for logging out:

| Committee Members Area             ID: [        ]          |
| foo.example.org              Password: [        ] (Log In )|
:                                                            :
| Committee Members Area   Logged in as: gregk               |
| foo.example.org        Stay logged in: [1 week:^] (Log Out)|
:                                                            :

Matthew Thomas
Received on Friday, 17 December 2004 21:15:47 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:38 UTC