• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

How to handle back button caching

 
Greenhorn
Posts: 29
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,

I have earlier posted the topic regarding the session handling. But, right now I am facing the major issue with the back button handling or we can say Caching. I am using the below mentioned code:

response.setHeader("Cache-Control","no-store"); //HTTP 1.1
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma\"","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
JSPsession.invalidate();

And then I am forwarding to next JSP. But on pressing the back button I am still getting the older page. PLease guide me how to handle this situation.

Basically I have to logout from the session and do not want to enter the previous page.

Thanks and Regards,
Abhinav Singhal
 
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


And then I am forwarding to next JSP. But on pressing the back button I am still getting the older page. PLease guide me how to handle this situation.



Cache-Control headers alone will not help you here. If the user is in session(logged-in) and if he uses back-browser button he can view the pages.


Basically I have to logout from the session and do not want to enter the previous page.



You got use session methods here. session.invalidate() will invalidate the current session of the client. If the user directly enter the URL to retricted resource in your application then your application logic should handle it. Like get the user name/password and store it in session as an attribute and verfify it in every restricted page.

Example:

Servlet code:
 
It will give me the powers of the gods. Not bad for a tiny ad:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic