Wed Oct 27 23:21:30 UTC 2010 pix@kepibu.org
* Prevent caching of ajax-login.php
diff -rN -u old-httpauth/ajax-login.php new-httpauth/ajax-login.php
--- old-httpauth/ajax-login.php 2013-07-22 16:06:40.000000000 +0000
+++ new-httpauth/ajax-login.php 2013-07-22 16:06:40.000000000 +0000
@@ -3,6 +3,7 @@
if ('authenticate' === $_SERVER['PHP_AUTH_USER'] &&
'successfully' === $_SERVER['PHP_AUTH_PW']) {
header('HTTP/1.1 200 OK');
+ header('WWW-Authenticate: Basic Realm="Form-Based HTTP Auth Test"', false, 200);
} elseif ($_SERVER['PHP_AUTH_USER'] || $_SERVER['PHP_AUTH_PW']) {
/* Suppress the browser's login UI */
header('HTTP/1.1 403 Invalid Credentials');
@@ -11,3 +12,7 @@
header('HTTP/1.1 401 Log In, Bitches');
header('WWW-Authenticate: Basic Realm="Form-Based HTTP Auth Test"', false, 401);
}
+
+/* no caching */
+header('Pragma: no-cache');
+header('Cache-Control: no-cache');