[thelist] JS: Un-caching a window's HTTP authentication

Keith Davis cache at dowebs.com
Sun Jun 3 20:16:40 CDT 2001


Oliver Lineham wrote:

> I'm wondering if anyone knows how to use JS (or any other trick) to get IE
> to ditch the HTTP authentication details it is using (username, password),
> and pop up a new login box. Effectively a "logout" button/link.

I have used:

<input type=button value="LOGIN"
onclick=location="http://userName:passWord@domain.com/dir/dummy.html">

to login to the BA protected dir/dummy.html and bypass the prompt for
the UN and PW. So....

<input type=button value="LOGOUT"
onclick=location="http://dummyUN:dummyPW@domain.com/dir/dummy.html">

should fail, clearing the cached un/pw and returning a "failed" msgbox.

You could put a logout button/link on a page inside the dir to a page
outside the dir and use an onload event on that outside page to send the
un:pw at domain location string. That would leave them stranded on that
outside page which might boldly note that they are loggedout (for the
next user's sake).

keith




More information about the thelist mailing list