Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Logout should be a POST request (at least make it configurable) #5

Open
slominskir opened this issue Jan 2, 2014 · 4 comments
Open

Logout should be a POST request (at least make it configurable) #5

slominskir opened this issue Jan 2, 2014 · 4 comments

Comments

@slominskir
Copy link

There are some good arguments for making logout requests use the POST method. See: http://stackoverflow.com/questions/3521290/logout-get-or-post
@slominskir
Copy link
Author

Making the keepAliveUrl method configurable would be nice too. The current method, POST for keepAlive is counter-intuitive since this request is supposed to be innocuous.

@benkiefer
Copy link

+1, any chance this is coming soon?

@benkiefer
Copy link

One more request while we're talking about adding post support...

Can we get the option to submit the post with additional request parameters? I'm using Spring Security w/ CSRF protection and need to send the csrf nonce with the logout post.

@rubensgomes
Copy link

Support for submitting a POST when session times out is actually required by the Spring Security CSFR code. Do you think that POST support could be implemented anytime soon?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@benkiefer @slominskir @rubensgomes