On Fri, 13 Dec 2002, Joshua Slive wrote:
>
> On Thu, 12 Dec 2002, Andr� Malo wrote:
> > The next point is: browsers are not the only possible HTTP-Clients. If you
> > think about, say DAV clients, the "logout" will become more undefined than
> > ever. Especially if they are compliant to the particular RFCs.
>
> I think the important point is that password caching is really completely
> up to the browsers. There are certain things that the RFCs tell them that
> they should or should not cache, but absolutely nothing that I know of
> that tells them they need to empty their cache. So in other words, it
> would be completely appropriate for the browser to try these bogus
> credentials, realize that they don't work, and fall-back to the old ones.
>
> Then as far as the docs, if it really can be shown that there is some
> technique that works for a wide variety of browsers, I have no problem
> with documenting it. But it must be noted that it is browser-dependent,
> not universal.
I've been completely unable to reproduce his technique, with any browser
I have access to. I suppose I could be doing it wrong, but I think I
followed his recipe, and tried to remain open-minded. It did not in fact
un-auth me. So I'm not leaning towards doing this until and unless he
sends me directions that work.
--
Rich Bowen - [EMAIL PROTECTED]
As we trace our own few circles around the sun
We get it backwards and our seven years go by like one
Dog Years (Rush - Test for Echo - 1999)
