Because of cookies stored on the browser, users cannot reliably logout of Canvas.
Investigation
In Chrome, if the cookies in the red box are deleted, the user is effectively logged out of Canvas. ALL cookies containing the following url's must be deleted
- instructure.com
- uth.edu
- uth.tmc.edu
Solution
Put a javascript on the logout page:
https://www.uth.edu/canvas/logout.htm
If this javascript deletes the browser cookies listed above, the user will be effectively logged out of Canvas.
2/19/15 4:16 pm sent this email to Rongrong Yu
Ronnie,
Jennifer cleared this idea, so far as web server administration goes.
We would like a java script that will live on the webpage at:
https://www.uth.edu/canvas/logout.htm
The java script will do one task, which is to delete cookies from the current browser containing the following in their url:
· instructure.com
· uth.edu
· uth.tmc.edu
If these are deleted successfully, the user will be effectively logged out of Canvas without closing their browser.
Closing their browser is ineffective sometimes (if the browser is holding on to cookies).
Can there be a success popup message on delete, and a fail popup message if unsuccessful (warning users to clear their cache)?
We will want BOTH, so the html page itself can say “If you didn’t get a popup message, your javascript is blocked. Please clear your cache to effectively logout of Canvas”
How do-able is this?
Greg
No comments:
Post a Comment