TrueHttpLogoutPatch: True_logout_patch_trunk_updated.diff

trac/htdocs/js/trac.js

@@ -75 +75 @@
   window.getAncestorByTagName = function(elem, tagName) {
     return $(elem).parents(tagName).get(0);
   }
+  window.clearAuthenticationCache = function(page) {
+    // Default to a non-existing page (give error 500).
+    // An empty page is better, here.
+    if (!page) page = '.force_logout';
+    try{
+      var agt=navigator.userAgent.toLowerCase();
+      if (agt.indexOf("msie") != -1) {
+        // IE clear HTTP Authentication
+        document.execCommand("ClearAuthenticationCache");
+      }
+      else {
+        // Let's create an xmlhttp object
+        var xmlhttp = createXMLObject();
+        // Let's prepare invalid credentials
+        xmlhttp.open("GET", page, true, "logout", "logout");
+        // Let's send the request to the server
+        xmlhttp.send("");
+        // Let's abort the request
+        xmlhttp.abort();
+      }
+    } catch(e) {
+      // There was an error
+      return;
+    }
+  }
+  window.createXMLObject = function() {
+    try {
+      if (window.XMLHttpRequest) {
+        xmlhttp = new XMLHttpRequest();
+      }
+      // code for IE
+      else if (window.ActiveXObject) {
+        xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
+      }
+    } catch (e) {
+      xmlhttp=false
+    }
+    return xmlhttp;
+  }
 
-})(jQuery);
- No newline at end of file
+})(jQuery);

trac/web/auth.py

@@ -86 +86 @@
         if req.authname and req.authname != 'anonymous':
             yield ('metanav', 'login', 'logged in as %s' % req.authname)
             yield ('metanav', 'logout',
-                   tag.a('Logout', href=req.href.logout()))
+           tag.a('Logout', href=req.href.logout(),
+               onclick="clearAuthenticationCache(\'%s\')" % req.href.logout() ))
         else:
             yield ('metanav', 'login',
                    tag.a('Login', href=req.href.login()))