On Sat, Jun 7, 2014 at 4:23 PM, dieter <die...@handshake.de> wrote:
> Dan Stromberg <drsali...@gmail.com> writes:
>> I have some code for a web server.  Right now, it uses
>> BaseHTTPRequestHandler with Basic Auth, but we want to be able to log
>> out, and there doesn't appear to be a general way to log out of
>> something using Basic Auth, short of turning to unportable JavaScript.
> You can't: With "Basic Auth", the login is handled by the browser
> (and not the server). This implies, that you must tell the browser
> to logout (and not the server). There is no "standard way" to
> tell the browser to logout.

That said, though, it's quite common for browsers to discard the auth
(thus effectively logging out) if given another 401 Unauthorized
response. So you can generally send that back and expect it to be a
"logout" page.


Reply via email to