lloyd
commented
11 years ago is logout as easy as allowing post with a X-Persona-Logout: true header?
Closed djc closed 11 years ago
lloyd
commented
11 years ago is logout as easy as allowing post with a X-Persona-Logout: true header?
djc
commented
11 years ago We should debate whether it makes sense to do X-Persona-Assertion: null instead, to keep the interface small. (Some other magic value could work as well, cue bikeshed.)
djc
commented
11 years ago I think the effect would be to just send a cookie with empty contents and expire date in the past.
lloyd
commented
11 years ago +1 to X-Persona-Assertion: null - I can't think of any other actions we'll introduce and as @djc said in irc, this limits the interface to a single headder.
Look at the currently-unused
processLogout()function.