Possible Duplicate:
Restrict user from accessing the previous page after signout
Am developing a JSP application in netbeans 6.5.1. I need to disable browser back button after login as well as log off. How is it possible?
Asked
Active
Viewed 3.6k times
0
Community
- 1
- 1
Javad Shareef
- 27
- 2
- 2
- 7
1 Answers
2
There's nothing you can do in JSP to directly influence that browser's back button. Your JSP markup/code is all evaluated server-side as part of generating the response that is set to the client.
That said, you can add the following JavaScript to the <head> section of the post-logoff page to accomplish roughly the desired effect:
<script>
history.forward();
</script>
Source: http://answers.google.com/answers/threadview/id/574062.html
More generally, however, there's nothing you can do to prevent a determined user from finding a previously visited URL in their history and pointing their browser to it after logging out. Instead your session-management code needs to be robust enough to know that it should not service a request for a stale URL if the user no longer holds a valid session.
Or, if what you're really trying to do is prevent the browser from displaying a cached version of a post-login page after a user has logged out, you can accomplish that (in most browsers) by setting an HTTP Cache-Control header with a value of no-cache on all of your post-login pages.
aroth
- 54,026
- 20
- 135
- 176
-
Thank you... Will try now and ping you back. – Javad Shareef May 10 '11 at 12:27