1

Everybody,

I am writing an web application in JSP, I am newbie in JSP and java, can anyone tell me how to get rid of browser cache.

I'll give you a brief description of my problem... Users logged in from the login page are taken to home page, session is set. When they click Logout from home page they are internally taken to logout page, there session are destroyed and user is redirected to login page.

Now the problem is when they click the back button of the browser, the previous visited pages are again shown, although if I fire the home page or other visited pages which requires login in browser, after logout are redirecting to login page, that is fine, my only problem is back button.

The code snippets which I've tried are below:

    <script type="text/javascript">
    function noBack() { window.history.forward(); }
    noBack();
    window.onload = noBack;
    window.onpageshow = function (evt) { if (evt.persisted) noBack(); }
    window.onunload = function () { void (0); }
    </script>

<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="pragma" content="no-cache">

    <%  
      response.setHeader("Cache-Control", "no-cache");  
      response.setHeader("Pragma", "no-cache");  
      response.setDateHeader("max-age", 0);  
      response.setDateHeader("Expires", 0);  
    %>

Please, can anyone help me???? :( :(

blackwolf
  • 927
  • 2
  • 11
  • 23
Rahul
  • 364
  • 3
  • 8
  • 21
  • possible duplicate of [Unable to disable jsp cache](http://stackoverflow.com/questions/6396928/unable-to-disable-jsp-cache) – blackwolf Feb 20 '14 at 10:01

2 Answers2

0

I encountered this too, but it turns out that the back button is different by design. People cite the HTTP 1.1 standard and the top 10 web design mistakes to explain that having Back show you the exact page you loaded, unexpired, is important even though it screws up logout functions. Just do like banks do and warn the user to close the window if it's important.

Noumenon
  • 5,099
  • 4
  • 53
  • 73
0

Use this:

<%
    response.setHeader( "Cache-Control", "no-store, no-cache, must-revalidate");  //HTTP 1.1
    response.setHeader("Pragma","no-cache"); //HTTP 1.0
    response.setDateHeader ("Expires", -1); //prevents caching at the proxy server
%>

This is telling the browser not to cache the pages. You have to include this code in every page that doesn't have to be cached.

However read this page. There's a complete answer.

Community
  • 1
  • 1
blackwolf
  • 927
  • 2
  • 11
  • 23