W3C home > Mailing lists > Public > whatwg@whatwg.org > June 2005

[whatwg] suggestion: LINK element for session termination

From: S. Mike Dierken <mdierken@hotmail.com>
Date: Tue, 14 Jun 2005 00:59:28 -0700
Message-ID: <BAY101-DAV78F3218CE57BD17959EC4D8F30@phx.gbl>

> Yeah, I guess that's all you really need.

> Perhaps if a new HTTP "status code" was created, to signify the
> "logout", then that would work.  So, for example:
>  #1: The user clicks a logout button.
>  #2: This POSTs the form.
>  #3: This causes the server to "clean up" and return the new HTTP
>    "status code" that signify "logged out".
>  #4: The client receives this new HTTP "status code" and "clears"
>    the HTTP Authentication info it has.
> How's the one I suggested above?

Not sure if a status code or a reply header is more appropriate. The
www-authenticate header indicates access to the resource requires
authentication. Perhaps a header of www-unauthenticate could be created to
do the inverse?
In any case, the protocol work would need to be taken to IETF or some other
body, likely after a working example of a browser & server was created
somewhere. The server example might be as simple as a PHP page that returned
that response header.
Received on Tuesday, 14 June 2005 00:59:28 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:41 UTC