W3C CUAP: Provide a mechanism to allow authentication information to expire

NEW
Unassigned

Status

()

Core
Networking: HTTP
--
enhancement
16 years ago
a year ago

People

(Reporter: gerv, Unassigned)

Tracking

(Depends on: 1 bug)

Trunk
Future
x86
All
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [necko-would-take], URL)

(Reporter)

Description

16 years ago
[ This bug is one of the recommendations in the W3C's "Common User Agent 
Problems" document, URL above. One bug has been filed on each recommendation, 
for deciding whether we do it and, if not, whether we should. ]

1.8 Provide a mechanism to allow authentication information to expire.

     Many browsers allow configuration to save HTTP authentication
     [RFC2616, RFC2617] information ("remember my password"). They should
     also allow users to "flush" that authentication information on
     request. For instance, the user may wish to leave the user agent
     running but tell it to forget the password to access the user's bank
     account.

     Wrong: Most user agents consider that authentication information
     (e.g., password) provided by a user for a server/realm pair during a
     session is immutable for the duration of the session.
(Reporter)

Updated

16 years ago
Blocks: 68427

Comment 1

16 years ago


*** This bug has been marked as a duplicate of 55181 ***
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → DUPLICATE
(Reporter)

Comment 2

16 years ago
The bug, which is about compliance with the guidelines, is blocked by bug 55181.
Marking as such, and reopening. We should only close this bug when we comply :-)

Gerv
Status: RESOLVED → REOPENED
Depends on: 55181
Resolution: DUPLICATE → ---
Reassigning to Gagan.
Assignee: mstoltz → neeti
Status: REOPENED → NEW
Component: Security: General → Networking
QA Contact: ckritzer → tever

Updated

16 years ago
Target Milestone: --- → Future
(Reporter)

Comment 4

16 years ago
mstolz: You said "Assigning to gagan" and assigned to neeti@netscape.com. Isn't 
gagan gagan@netscape.com?

Gerv

Updated

16 years ago
QA Contact: tever → benc

Comment 5

16 years ago
mass move, v2.
qa to me.

Updated

15 years ago
Component: Networking → Networking: HTTP

Comment 6

15 years ago
moving neeti's futured bugs for triaging.
Assignee: neeti → new-network-bugs

Comment 7

15 years ago
-> defaults
Assignee: new-network-bugs → darin
QA Contact: benc → httpqa

Comment 8

15 years ago
hmm... there's other bugs already on file having to do with providing an
explicit logout mechanism... this RFE should probably be included/considered
with the work to solve that bug.
Severity: normal → enhancement
Depends on: 260839

Updated

11 years ago
Assignee: darin → nobody
(Reporter)

Comment 9

4 years ago
https://addons.mozilla.org/en-US/firefox/addon/http-logout/ does this.

Gerv
Whiteboard: [necko-would-take]
You need to log in before you can comment on or make changes to this bug.