• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

How to control Back&Forward buttons.

 
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Please anyone tell me how to control the "Back" and "Forward" buttons of browser through the jsp.I am asking in the context of sessions.i.e if someone click the back button and on loading the prevoius page, i want the forward button freeze.I will be grateful if someone help me in this case.
 
Saloon Keeper
Posts: 27752
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Unfortunately there's not much support for this. Since a "back" button is supposed to be able to take a user back out of your site and into whatever site they'd been previously visiting, it's considered rude to allow disabling that button.
There are a couple of things you can do to keep from getting clobbered too hard, though. Make sure that the sensitve pages aren't cached. If the page has a form, this will usually cause the browser to complain.
It's important to remember though that all a user (or hacker!) needs to do to cause grief is to manually type in a URL that jumps out of context. Your best defense is to never assume that you know what order pages were requested.
 
Nasir Mkhan
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Tim! you said that make sure that the sensitve pages aren't cached. If the page has a form, this will usually cause the browser complain.How to do it i.e not to cache the page.But Tim, when we logout from any account the back button allow any one to see private pages if the brower is not closed.Is there any way to handle this problem.If we do these pages not cached then it will be the problem for the right user too if she want to see the previous pages that r not cached.
[This message has been edited by Abdul Nasir (edited July 25, 2001).]
 
Tim Holloway
Saloon Keeper
Posts: 27752
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Aha! One of the oldest problems around. Not strictly a Java server problem, though, except for the obvious need to ensure that the user truly logged out and the session was destroyed.
There are at least 3 different ways to turn off client-side caching, depending on the version and manufacturer of the browser, including the meta tags Cache-Control, Pragma (no-cache) and the response.setHeader() functions (It also doesn't hurt to make the page expired). Ideally, there should be an appserver method to do all these things at one go, but if there is one, I missed it. I think that there are some JavaBeans that will help you, though - check out alphaworks.ibm.com, for instance.
 
They worship nothing. They say it's because nothing lasts forever. Like this tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic