Wed Oct 27 23:21:30 UTC 2010  pix@kepibu.org
  * Prevent caching of ajax-login.php
diff -rN -u old-httpauth/ajax-login.php new-httpauth/ajax-login.php
--- old-httpauth/ajax-login.php	2015-04-15 15:00:52.000000000 +0000
+++ new-httpauth/ajax-login.php	2015-04-15 15:00:52.000000000 +0000
@@ -3,6 +3,7 @@
 if ('authenticate' === $_SERVER['PHP_AUTH_USER'] &&
     'successfully' === $_SERVER['PHP_AUTH_PW']) {
   header('HTTP/1.1 200 OK');
+  header('WWW-Authenticate: Basic Realm="Form-Based HTTP Auth Test"', false, 200);
 } elseif ($_SERVER['PHP_AUTH_USER'] || $_SERVER['PHP_AUTH_PW']) {
   /* Suppress the browser's login UI */
   header('HTTP/1.1 403 Invalid Credentials');
@@ -11,3 +12,7 @@
   header('HTTP/1.1 401 Log In, Bitches');
   header('WWW-Authenticate: Basic Realm="Form-Based HTTP Auth Test"', false, 401);
 }
+
+/* no caching */
+header('Pragma: no-cache');
+header('Cache-Control: no-cache');