Logging out of HTTP basic auth
- 20 Apr 2017: Post was created (diff)
If I’m already at https://stigok.com/protected/area which is protected with HTTP basic authentication, I can overwrite the cached credentials by sending myself to https://anyotherstring@stigok.com/protected/area. Note that this is a client based approach and may not work in all browsers.
If you have any comments or feedback, please send me an e-mail. (stig at stigok dotcom).
Did you find any typos, incorrect information, or have something to add? Then please propose a change to this post.