Am 18.05.2018 um 12:17 schrieb Yuri D'Elia:
On Fri, May 18 2018, Carsten Schulze wrote:
When I press the Logout link, I get a windows with a new
Authentification Request. Now I cancel that and get the following
message.
Logged-out
Close the browser to complete the logout. Ok, most people think they
could close the current browser tab, but they really have to close the
whole browser and reopen it again. That is not logical and no one
understands why.
Is there another way to destroy the login cache?
This only happens with http authentication.
Now, with most modern browsers (FF, Chrome for sure), you don't need to
close the browser.
I tested it with Chrome, Firefox and Edge, all the newest versions on
different OS. When I close the "Logout Tab" and open a new Tab I'm
logged in again without any credentials given!
To invalidate the cache we have to feed the browser a
request which we deny. This results in the auth prompt that you see.
I was thinking of hiding it by performing a background request, and
according to my tests it still does invalidate the cache correctly, but
I didn't have time to implement it yet.
As far as I know, there's no other way to invalidate the auth cache. I'd
be happy to know if there is a better method.
On IE <= 7 though, the cache is never invalidated. You really *need* to
close the browser to logout.
