Open
Bug 68409
Opened 24 years ago
Updated 2 years ago
W3C CUAP: Provide a mechanism to allow authentication information to expire
Categories
(Core :: Networking: HTTP, enhancement, P5)
Tracking
()
NEW
Future
People
(Reporter: gerv, Unassigned)
References
(Depends on 1 open bug, )
Details
(Whiteboard: [necko-would-take])
[ This bug is one of the recommendations in the W3C's "Common User Agent
Problems" document, URL above. One bug has been filed on each recommendation,
for deciding whether we do it and, if not, whether we should. ]
1.8 Provide a mechanism to allow authentication information to expire.
Many browsers allow configuration to save HTTP authentication
[RFC2616, RFC2617] information ("remember my password"). They should
also allow users to "flush" that authentication information on
request. For instance, the user may wish to leave the user agent
running but tell it to forget the password to access the user's bank
account.
Wrong: Most user agents consider that authentication information
(e.g., password) provided by a user for a server/realm pair during a
session is immutable for the duration of the session.
|
||
Comment 1•24 years ago
|
||
*** This bug has been marked as a duplicate of 55181 ***
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE
|
Reporter | |
Comment 2•24 years ago
|
||
The bug, which is about compliance with the guidelines, is blocked by bug 55181.
Marking as such, and reopening. We should only close this bug when we comply :-)
Gerv
|
||
Comment 3•24 years ago
|
||
Reassigning to Gagan.
Assignee: mstoltz → neeti
Status: REOPENED → NEW
Component: Security: General → Networking
QA Contact: ckritzer → tever
|
|
Reporter | |
Comment 4•24 years ago
|
||
mstolz: You said "Assigning to gagan" and assigned to neeti@netscape.com. Isn't
gagan gagan@netscape.com?
Gerv
|
||
Comment 6•22 years ago
|
||
moving neeti's futured bugs for triaging.
Assignee: neeti → new-network-bugs
-> defaults
Assignee: new-network-bugs → darin
QA Contact: benc → httpqa
|
||
Comment 8•22 years ago
|
||
hmm... there's other bugs already on file having to do with providing an
explicit logout mechanism... this RFE should probably be included/considered
with the work to solve that bug.
Severity: normal → enhancement
|
|
||
Updated•19 years ago
|
Assignee: darin → nobody
|
|
Reporter | |
Comment 9•12 years ago
|
||
https://addons.mozilla.org/en-US/firefox/addon/http-logout/ does this.
Gerv
|
||
Updated•9 years ago
|
Whiteboard: [necko-would-take]
|
||
Comment 10•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P5
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•