[ This bug is one of the recommendations in the W3C's "Common User Agent Problems" document, URL above. One bug has been filed on each recommendation, for deciding whether we do it and, if not, whether we should. ] 1.8 Provide a mechanism to allow authentication information to expire. Many browsers allow configuration to save HTTP authentication [RFC2616, RFC2617] information ("remember my password"). They should also allow users to "flush" that authentication information on request. For instance, the user may wish to leave the user agent running but tell it to forget the password to access the user's bank account. Wrong: Most user agents consider that authentication information (e.g., password) provided by a user for a server/realm pair during a session is immutable for the duration of the session.
*** This bug has been marked as a duplicate of 55181 ***
The bug, which is about compliance with the guidelines, is blocked by bug 55181. Marking as such, and reopening. We should only close this bug when we comply :-) Gerv
Reassigning to Gagan.
mstolz: You said "Assigning to gagan" and assigned to email@example.com. Isn't gagan firstname.lastname@example.org? Gerv
mass move, v2. qa to me.
moving neeti's futured bugs for triaging.
hmm... there's other bugs already on file having to do with providing an explicit logout mechanism... this RFE should probably be included/considered with the work to solve that bug.
https://addons.mozilla.org/en-US/firefox/addon/http-logout/ does this. Gerv