Re: how to make Netsurf forget its logged-in state
In messageJim Nagel wrote: >Frank de Bruijn wrote on 14 May: >> If I quit NetSurf it *does* forget the login details, as I would have >> expected. The authentication window pops up again after a restart. >> That's with NetSurf 3.6 (Dev CI #3538). Which version are you using? > >I'm using Netsurf 3.5 #3433 (with Javascript switched off at the >moment, if that's relevant). And I'll update today, I promise. I >usually update much more frequently; the past month or two are >atypical. > >You're right, though: quitting Netsurf does forget the login details. >So that's obviously the simple solution to my original problem. > >Still would like to know where Netsurf stores this info -- cache? -- >and if there'd be any way to erase it (i.e., to "log out") without >quitting everything else that might be open. I've been looking at the NS source code, and it appears that the login username and password are stored as part of the session, which is simply in RAM - as is lots of other stuff. I don't know of any way of deleting the session information without quitting NS. I don't have a login to your site, but it occurred to me that I see the same behaviour with the ROOL site, so I tried it so as to remind myself of exactly what happens. When I have logged in, I can close the window, then open another to the ROOL site, whereupon I'm logged in automatically. If I quit and restart NS and open a window to ROOL, I have to log in anew. I get the same behaviour with Firefox on Linux. If I log in to ROOL, open a new blank window, close the ROOL window, then open the blank window to ROOL, I'm automatically logged in; whereas if I log in, then quit and restart FF, I need to log in anew. So I think that restarting NS is just what you're going to have to do. Dave Can't remember your password? Do you need a strong and secure password? Use Password manager! It stores your passwords & protects your account. Check it out at http://mysecurelogon.com/password-manager
Re: how to make Netsurf forget its logged-in state
In article, Jim Nagel wrote: > Still would like to know where Netsurf stores this info -- cache? -- > and if there'd be any way to erase it (i.e., to "log out") without > quitting everything else that might be open. It probably just keeps it in memory without actually storing it anywhere. I've never been able to find any way to clear that data without closing the browser. But I must admit it was about a decade ago I had reason to investigate that for various browsers, so I don't know what has changed since then. I do know my main (Linux) browser still works like that. > Further curious observation just now after restarting Netsurf: I type > the URL as http://archivemag.co.uk/Volume24/01 and give details in the > login box; I get in. > Then I type the URL as www.archivemag.co.uk/Volume24/01 -- this time > including the optional www prefix -- and the login box appears again. > So it seems Netsurf treats these as two separate cases, even though > they lead to the identical target in the website itself. OK, no harm > in that, just an observation. They are separate. Two different urls. The fact they both end up at the same location doesn't matter to the browser. Regards, Frank
Re: how to make Netsurf forget its logged-in state
Frank de Bruijn wrote on 14 May: > If I quit NetSurf it *does* forget the login details, as I would have > expected. The authentication window pops up again after a restart. > That's with NetSurf 3.6 (Dev CI #3538). Which version are you using? I'm using Netsurf 3.5 #3433 (with Javascript switched off at the moment, if that's relevant). And I'll update today, I promise. I usually update much more frequently; the past month or two are atypical. You're right, though: quitting Netsurf does forget the login details. So that's obviously the simple solution to my original problem. Still would like to know where Netsurf stores this info -- cache? -- and if there'd be any way to erase it (i.e., to "log out") without quitting everything else that might be open. Further curious observation just now after restarting Netsurf: I type the URL as http://archivemag.co.uk/Volume24/01 and give details in the login box; I get in. Then I type the URL as www.archivemag.co.uk/Volume24/01 -- this time including the optional www prefix -- and the login box appears again. So it seems Netsurf treats these as two separate cases, even though they lead to the identical target in the website itself. OK, no harm in that, just an observation. -- Jim Nagelwww.archivemag.co.uk
how to make Netsurf forget its logged-in state
Earlier this morning I wrote: > I'll run some tests with the login details you sent me recently to see > if I can figure out where NetSurf stores this info. No dice. I don't think it stores it anywhere, which is consistent with forgetting it after shutdown. Regards, Frank
Re: how to make Netsurf forget its logged-in state
In article, Jim Nagel wrote: > [Please reply to the list rather than to me privately.] > Ashish Gupta wrote on 13 May: > > Thanks for explaining the login process. It looks like you make use of > > Basic Auth for the login. > The PHP includes statements like this: > if (!isset($_SERVER["PHP_AUTH_USER"]) > Does that confirm what you say about "Basic Auth"? Is that something > that resides on the server as a resource for customers like me? That variable does indeed have to do with HTTP authentication. That type of authentication does not use cookies, but is handled by the browser internally. It remembers the login details after you've successfully logged in to a site, but in my experience browsers tend to forget that after being closed down. If NetSurf retains the information, I *think* that should be classified as a bug, but I'm not certain. I've just never seen it happen with the browsers I use regularly. I'll run some tests with the login details you sent me recently to see if I can figure out where NetSurf stores this info. > Then downloaded the log file which the PHP generates on the server and > checked it. These login tests do NOT appear on the log. That's because they're not done by the PHP script, which is server side. The browser does it all by itself. Regards, Frank