Issue with BASIC coming out for HTTP authentication using Chrome

Question

Issue with BASIC coming out for HTTP authentication using Chrome

I use this method below to exit an HTTP server using basic HTTP authentication. This works great with IE and FireFox. But in the case of Chrome, I can get the html file even with the wrong username and password.

In Chrome, the stream is flowing, I get the error "********** Failed ***********", after which the page is requested (some_server_file.html).

But in IE / Chrome, the stream is this, I get the error message "********** Failed ***********", and then an identifier is requested in the login dialog.

In some ways, Chrome sends the correct username and password even after the first request fails.

Can I fix a Chrome issue?

function logout() { jQuery.ajax({ type: "get", url: "some_server_file.html", async: false, username: "wronguser", password: "wrongpass", headers: {"Authorization": "Basic xxx"} }) .success(function () { console.log("********** Success ***********"); }) .fail(function () { console.log("********** Failed ***********"); }); return false; }

thanks

+6

javascript jquery html http google-chrome

Javauser Feb 04 '16 at 17:15

source share

1 answer

jeanfrg · Answer 1 · 2017-07-27T14:41:09+0000

Basic authentication was not designed to manage logging.

If you want to be able to log off, you can create an endpoint on your server that returns an HTTP 403 status code (forbidden). This will cause the browser to "log out" / clear the basic authentication cache.

 User clicks logout button --> Ajax call to /logout which will return HTTP 403 --> Browser basic authentication cache will be cleared

Issue with BASIC coming out for HTTP authentication using Chrome

More articles: