• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Rob Spoor
  • Devaka Cooray
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
  • Tim Holloway
Bartenders:
  • Jj Roberts
  • Al Hobbs
  • Piet Souris

How to handle back button caching

 
Greenhorn
Posts: 29
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,

I have earlier posted the topic regarding the session handling. But, right now I am facing the major issue with the back button handling or we can say Caching. I am using the below mentioned code:

response.setHeader("Cache-Control","no-store"); //HTTP 1.1
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma\"","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
JSPsession.invalidate();

And then I am forwarding to next JSP. But on pressing the back button I am still getting the older page. PLease guide me how to handle this situation.

Basically I have to logout from the session and do not want to enter the previous page.

Thanks and Regards,
Abhinav Singhal
 
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


And then I am forwarding to next JSP. But on pressing the back button I am still getting the older page. PLease guide me how to handle this situation.



Cache-Control headers alone will not help you here. If the user is in session(logged-in) and if he uses back-browser button he can view the pages.


Basically I have to logout from the session and do not want to enter the previous page.



You got use session methods here. session.invalidate() will invalidate the current session of the client. If the user directly enter the URL to retricted resource in your application then your application logic should handle it. Like get the user name/password and store it in session as an attribute and verfify it in every restricted page.

Example:

Servlet code:
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic