W3C home > Mailing lists > Public > www-archive@w3.org > January 2012

Re: please define JS-based logout for HTTP authentication

From: Cameron Heavon-Jones <cmhjones@gmail.com>
Date: Thu, 26 Jan 2012 13:43:13 +0000
Cc: W3C Public Archive <www-archive@w3.org>, Thomas Roessler <tlr@w3.org>, Harry Halpin <hhalpin@ibiblio.org>
Message-Id: <C62774F9-0E73-49A5-8B49-90A185922A68@gmail.com>
To: Julian Reschke <julian.reschke@gmx.de>
On 24/01/2012, at 10:29 AM, Julian Reschke wrote:

> Hi there,
> in the past few weeks I've been reminded about the lack for a logout() from HTTP authentication several times -- I believe first in webapps, then the IETF http-auth mailing list, then also in an internal product discussion.
> This is a very old issue, a good summary is in the Mozilla bug: <https://bugzilla.mozilla.org/show_bug.cgi?id=287957>.
> I hear that this might be covered by the proposed charter of the new web cryptography WG, <http://www.w3.org/2011/11/webcryptography-charter.html>, and I'd love to find out that it's going to happen over there. If it does not, it would be good to find out as soon as possible, and then maybe find another venue in the W3C (webapps?); unless you want the IETF to start on JS APIs :-)
> Best regards, Julian
> bcc'd lots of people who I hope are interested...

An alternative way to implement this might be through the use of http headers which also gives the server knowledge of the process, although i agree that a js api is definitely desirable.

Cameron Jones
Received on Thursday, 26 January 2012 13:43:45 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:34:12 UTC