防止用户返回并查看以前提交的表单Rails [英] Prevent user going back and viewing previously submitted form Rails
问题描述
我有付款页面,当用户提交时,它会捕获付款并指向一个感谢页面。问题是,当用户点击后,浏览器将他们带回到以前提交的付款表单和所有页面。
如何防止用户访问上一页?
谢谢
@James,把这个方法在您的应用程序控制器中,并在before_action回调上调用此方法,例如 -
before_action:set_cache_buster
$ b $然后在受保护的方法中定义动作,如 - >
受保护的
def set_cache_buster
response.headers [Cache-Control] =no-cache,no-store,max-age = 0,must-revalidate
response.headers [Pragma] =no-缓存
response.headers [Expires] =#{1.year.ago}
end
为了实现这一点,我们只需要使用适当的HTTP头来禁用浏览器缓存。这是秘密:
缓存控制:no-cache,max-age = 0,必须重新验证,无需存储
单独采取这些缓存控制属性中的每一个似乎都会阻止缓存。实际上,在大多数浏览器中,无缓存和无存储通常是可以互换的。但是,特别是对于后退按钮缓存,如果未指定存储区,Firefox将只会禁用此缓存。为了安全起见并保证跨浏览器兼容性,您应该使用所有四个属性。
更多信息请参阅链接 - Pragma和Cache-control标题之间的区别?
希望您喜欢。
特定页面 - >
1)仅在特定页面上添加回调选项,如 - >
before_action:set_cache_buster,only:[:your_action_name]
I have a payment page and when the user submits, it captures the payment and directs to a thank you page. The problem is that when the user clicks back, the browser takes them back to the previously submitted page with the payment form and all.
How can i prevent the user from accessing the previous page?
Thanks
@James, put this method in your application controller and call this method on before_action callback like -
before_action :set_cache_buster
and then define the action in protected method like ->
protected
def set_cache_buster
response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
response.headers["Pragma"] = "no-cache"
response.headers["Expires"] = "#{1.year.ago}"
end
To accomplish this we just need to disable browser caching using appropriate HTTP headers. Here’s the secret:
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Taken individually, each of these Cache-Control attributes would seem to prevent caching. In practice, no-cache and no-store are usually interchangeable in most browsers. However for the back button cache specifically, Firefox will only disable this cache if no-store is specified. To play it safe and guarantee cross-browser compatibility, you should use all four attributes.
For more info see the link - Difference between Pragma and Cache-control headers?
Hope you enjoy this.
For specific page ->
1) Add that callback on specific page with only option like ->
before_action :set_cache_buster, only: [:your_action_name]
这篇关于防止用户返回并查看以前提交的表单Rails的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
