• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

how to expire page and clear history if user click back button from browser in jsp

 
basanta dwibedy
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi ,

i am using spring for my view.

i need to expire my page if user after logout go back and say refresh. please can you help me..

i have tried all the following command . and its not working for my application.

<script language="Javascript">
{
window.history.forward(1);
}
</script>

<head>
<meta http-equiv="expires" content="now">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
</head>


//Set standard HTTP/1.1 no-cache headers.
res.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
res.addHeader("Cache-Control", "post-check=0, pre-check=0");
res.setHeader("Pragma", "No-cache");
res.setDateHeader("Expires",0);



please let me know the good valid and tested solution.......
 
T.A. Nguyen
Ranch Hand
Posts: 36
Eclipse IDE Java ME Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
just do a session.invalidate() call at the logout page. This will reset your session. And if the user use a back button, to revisit the previous page, the server will no longer have the previous session information on hand.
 
basanta dwibedy
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But from client browser when they submiting the page again by pressing back button it will create a new session and load the information through command object or req.getParameter() method. In my code i am handling session.invalidate(); method also.

So give me some another solution.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65125
92
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by basanta dwibedy:
So give me some another solution.
OK, let me get this straight. Someone takes the time to help you and you roll your eyes at him while demanding another solution?

I'm sure what you really meant to say was: "Thanks T.A. Nguyen! But that wasn't exactly what I was looking for. Do you have perhaps another approach I could try?"

Right?
 
T.A. Nguyen
Ranch Hand
Posts: 36
Eclipse IDE Java ME Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by basanta dwibedy:
But from client browser when they submiting the page again by pressing back button it will create a new session and load the information through command object or req.getParameter() method. In my code i am handling session.invalidate(); method also.

So give me some another solution.


if what you says is true then you are not doing the right thing... (What is your site? I like to visit!!!). My suggestion is to use POST instead of GET, more secure, well at least it can not be bookmark. And use session.invalidate() to control the data from the server side! And yes, you also need to reject GET otherwise, you still have the same problem if some one smart enough to take all your input fields and turn into a get string.
[ September 11, 2008: Message edited by: T.A. Nguyen ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic