Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clear Site-Data is not implemented #32

Open
GaProgMan opened this issue Dec 6, 2018 · 0 comments
Open

Clear Site-Data is not implemented #32

GaProgMan opened this issue Dec 6, 2018 · 0 comments
Assignees
@GaProgMan
Labels
branch required enhancement help wanted

Comments

@GaProgMan
Copy link
Owner

Description

Clear Site-Data is a new header which can be used to tell the browser to wipe out cookies and tokens automatically when a user logs out. This can be useful in stopping Session Hijacking once a user has logged out.

Adding support for the Clear Site-Data header will require some form of controller attribute, perhaps. This is because we don't want Clear Site-Data to be included in every response from the server, only those responses which are generated by logging out.

This will require some thought and planning before implementation.

Links to Header Information
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@GaProgMan GaProgMan

Labels
branch required enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GaProgMan