17 Sep
2001
17 Sep
'01
5:23 p.m.
Ron Bickers wrote:
5) If I then log in with basic auth and logout using manage_zmi_logout, my next attempt to access the protected document still brings up the basic auth window instead of the form. The only way I found to get back to the cookie auth is to restart my browser. :-(
Is this a bug in CookieCrumbler?
I would say this is a bug in the HTTP spec. The HTTP spec doesn't actually provide a way to log out. See section 15.6 of the HTTP spec: ftp://ftp.isi.edu/in-notes/rfc2616.txt manage_zmi_logout just uses a method that usually works. If your browser doesn't do what you expect when it comes to logging out using HTTP AUTH, well... join the club. ;-) Shane