--- Comment #7 from Marek Czernek <> ---
Hi Mark,

that is fair. However, would you lean towards accepting the PR if I managed to
execute the logout with Javascript? I believe it might be possible to enforce
the logout on other clients by sending a virtual GET with incorrect username
and password on behalf of the user after the 401 flush. 

Or even if that worked, would you lean towards a wontfix? I understand either
decision, and I'm asking only to know whether it is worth for me to spend more
time on this BZ.

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

Reply via email to