At 04:28 PM 3/5/01 +1300, Simon Garner wrote:
>From: "Ken" <[EMAIL PROTECTED]>
> > Nope - with IE5.5, even with that box NOT checked, the user remains logged
>in until either a) the computer is restarted, or b) a new
>user-authentication header is sent, AND the user clears out the password
>field and hits OK. Otherwise the user stays logged in, in spite of the HTTP
>spec.
>
>Admittedly I'm running IE5.01, but if I close and reopen the browser it will
>pop up the authentication dialogue again (with values filled out, if I did
>Save Password).
>Does this really not happen in 5.5?
Yes. Someone else on the list wrote, "I didn't believe you until I tried it for
myself." At least, it happens in 5.5 on the PC and Mac that my client has. Someone
proposed I download any patches MS has, so I'll ask my client to do that, and we'll
see if it's fixed. Some members of the list have verified that this happens in IE
5.5, and some members indicate that it is not happening in their IE 5.5. And so far
no problem fix has been found on MS's site.
> > This is how I will wind up going, EXCEPT the users will be required to
>click "logout", since merely closing the browser, in IE5.5, does not seem to
>clear the user/password from the browser's memory, NOR does it clear any
>session cookie. Again, works fine in other browsers, per spec.
>
>You mean it doesn't clear per-session cookies (expiry=0) either? Cripes...
Correct. Expiration is 0. Other browsers on the same system are clearing the cookie
when the browser is shut down, including IE 4.
>What Windows version is this under?
Windows 98 and Mac OS 8 or 9.
- Ken
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
