> Nicolas Alvarez wrote:
>> Exactly. Browsers give no UI to stop sending the login information to
>> the server.
>
> Firefox certainly does. It's in the exact same panel you go to to clear
> out the "don't save passwords" for the more common "fill in this form to
> get a cookie" kind of tracking.
You mean Remove private data, Authenticated sessions? That's like
telling people to manually delete cookies from all websites when they
want to log out from a single place, instead of a "logout" button.
How do I log out of *one* website?
How can a website automatically log you out after inactivity? (cookies
have expiration date)
Isn't it safer to send a cookie with a session ID back and forth than
sending your actual username and password on every page request?
Post a reply to this message
|