Make basic auth logout change realm

This commit is contained in:
hbrain 2026-05-25 22:28:05 +02:00
parent 446d484296
commit 65c69e3769

View file

@ -1,10 +1,12 @@
<?php
$secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
setcookie('mvlog_realm', bin2hex(random_bytes(8)), [
'expires' => time() + 31536000,
'path' => '/mvlog',
'secure' => $secure,
'httponly' => true,
'samesite' => 'Lax',
]);
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
?>
<!doctype html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>Log off MVLog</title><link rel="stylesheet" href="style.css"></head><body>
<header class="site-header"><a class="brand" href="index.php"><h1>MVLog</h1><p>Bubulescu.Org</p></a></header>
<main><section><p>Logging off…</p><p class="details">If your browser keeps the session, close the browser tab/window.</p></section></main>
<script>
fetch("new.php?logout=1", {headers: {"Authorization": "Basic " + btoa("logout:logout")}, cache: "no-store"}).finally(function(){ location.href = "index.php"; });
</script>
</body></html>
header('Location: index.php');
exit;