openerp-community-reviewer team mailing list archive

Thread
Date

Re: [Merge] lp:~therp-nl/server-env-tools/7.0-auth_from_http_basic into lp:server-env-tools

To: mp+202316@xxxxxxxxxxxxxxxxxx
From: "Holger Brunn \(Therp\)" <hbrunn@xxxxxxxx>
Date: Fri, 07 Feb 2014 17:06:27 -0000
In-reply-to: <20140122083535.16210.66133.launchpad@ackee.canonical.com>
Reply-to: mp+202316@xxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Which pep8 checker complains?

About the redirect: When you do a http basic authentication, at least chrome and firefox keep those credentials until the session ends and there's no way to purge them via javascript. This means that in a setup where you authenticate via auth headers, you'll never be able to log out (you would have to close you browser, and not just the specific window, but the whole browser process).

So this redirect instructs the browser to use 'logout' and no password as credentials, replacing the credentials you used to login which make you being properly logged out.

Then the web client would throw an error and the webclient would be unusable until the users hits F5, which is why the auth_from_http_basic_logout module exists to catch this error, lock the webclient so that you have a nice ui to login again.
-- 
https://code.launchpad.net/~therp-nl/server-env-tools/7.0-auth_from_http_basic/+merge/202316
Your team Server Environment And Tools Core Editors is subscribed to branch lp:server-env-tools.

References

[Merge] lp:~therp-nl/server-env-tools/7.0-auth_from_http_basic into lp:server-env-tools
From: Stefan Rijnhart (Therp), 2014-01-22