Re: please define JS-based logout for HTTP authentication

On 24/01/2012, at 10:29 AM, Julian Reschke wrote:

> Hi there,
> 
> in the past few weeks I've been reminded about the lack for a logout() from HTTP authentication several times -- I believe first in webapps, then the IETF http-auth mailing list, then also in an internal product discussion.
> 
> This is a very old issue, a good summary is in the Mozilla bug: <https://bugzilla.mozilla.org/show_bug.cgi?id=287957>.
> 
> I hear that this might be covered by the proposed charter of the new web cryptography WG, <http://www.w3.org/2011/11/webcryptography-charter.html>, and I'd love to find out that it's going to happen over there. If it does not, it would be good to find out as soon as possible, and then maybe find another venue in the W3C (webapps?); unless you want the IETF to start on JS APIs :-)
> 
> Best regards, Julian
> 
> bcc'd lots of people who I hope are interested...
> 

An alternative way to implement this might be through the use of http headers which also gives the server knowledge of the process, although i agree that a js api is definitely desirable.

Thanks,
Cameron Jones

Received on Thursday, 26 January 2012 13:43:45 UTC