- From: Charles Iliya Krempeaux <supercanadian@gmail.com>
- Date: Tue, 14 Jun 2005 14:06:01 -0700
Hello,
On 6/14/05, S. Mike Dierken <mdierken at hotmail.com> wrote:
>
> > Yeah, I guess that's all you really need.
>
> > Perhaps if a new HTTP "status code" was created, to signify the
> > "logout", then that would work. So, for example:
> >
> > #1: The user clicks a logout button.
> > #2: This POSTs the form.
> > #3: This causes the server to "clean up" and return the new HTTP
> > "status code" that signify "logged out".
> > #4: The client receives this new HTTP "status code" and "clears"
> > the HTTP Authentication info it has.
> > How's the one I suggested above?
>
> Not sure if a status code or a reply header is more appropriate. The
> www-authenticate header indicates access to the resource requires
> authentication. Perhaps a header of www-unauthenticate could be created to
> do the inverse?
> In any case, the protocol work would need to be taken to IETF or some other
> body, likely after a working example of a browser & server was created
> somewhere. The server example might be as simple as a PHP page that returned
> that response header.
That's a good plan. I'll take it up on the IETF Apps mailing list.
(Like you said, the) Server side will be easy to do. Client side will
be more work.
I was doing some Mozilla hacking once, and just "checking out" the
source code from CVS and compiling it took forever.
See ya
--
Charles Iliya Krempeaux, B.Sc.
charles @ reptile.ca
supercanadian @ gmail.com
developer weblog: http://ChangeLog.ca/
___________________________________________________________________________
Ask the toughest Linux System questions at... http://linuxmanagers.org/
Received on Tuesday, 14 June 2005 14:06:01 UTC