Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear Site-Data is not implemented #32

Open
GaProgMan opened this issue Dec 6, 2018 · 0 comments

Comments

@GaProgMan
Copy link
Owner

commented Dec 6, 2018

Description

Clear Site-Data is a new header which can be used to tell the browser to wipe out cookies and tokens automatically when a user logs out. This can be useful in stopping Session Hijacking once a user has logged out.

Adding support for the Clear Site-Data header will require some form of controller attribute, perhaps. This is because we don't want Clear Site-Data to be included in every response from the server, only those responses which are generated by logging out.

This will require some thought and planning before implementation.

Links to Header Information

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.