如果会话失效,请禁用浏览器后退按钮 [英] Disable browsers back button if the session is invalidated
问题描述
我正在研究JSP。我知道有很多关于这个话题的帖子,但没有任何对我有用。我有一个导致欢迎页面的登录页面。当用户点击注销并被重定向到登录页面时,会话失效。但是,如果用户点击浏览器返回按钮,他将再次进入欢迎页面,但如果他按下任何其他按钮或刷新页面,他将被带到登录页面,因为会话已过期。但是我不想让用户在退出后单击浏览器后退按钮即可访问欢迎页面。我尝试使用以下内容:
< meta http-equiv =Cache-Controlcontent =no-cache,no -store,must-revalidate/>
< meta http-equiv =Pragmacontent =no-cache/>
< meta http-equiv =Expirescontent = - 1/>
但它不起作用。
我尝试使用:
window.history.forward(1);
工作正常,但会导致另一个问题。如果用户登录并被带到欢迎页面。然后用户按下一个按钮,让我们说显示用户详细信息,然后用户进入显示用户详细信息页面。现在如果用户点击后退按钮返回到欢迎页面。由于欢迎页面上的 window.history.forward(1),他停留在相同的显示用户详细信息页面上。
我希望用户应该能够在会话有效时使用浏览器后退按钮。如果会话无效,他不应该能够使用浏览器后退按钮。
这是完美的。我使用以下来清除缓存。并且我在logout.jsp中使会话无效,单击它时会检查某个令牌属性(在用户登录时设置),如果找不到它,它会重定向到登录页面。
<%
response.setHeader(Cache-Control,no-cache );
response.setHeader(Cache-Control,no-store);
response.setHeader(Pragma,no-cache);
response.setDateHeader(Expires,0);
if(session.getAttribute(token)== null){
response.sendRedirect(request.getContextPath()+/LogOut.jsp);
}
%>
感谢您的建议。我一定会把它付诸行动。每一个帮助和建议表示赞赏。
I'm working on JSP. I know there are many posts regarding this topic but nothing is working for me. I have a login page which leads to a welcome page. The session is invalidated when the user clicks on logout and is then redirected to the login page. But if the user clicks the browsers back button he is again taken to the welcome page, although if he presses any other button or refreshes the page he will be taken to the login page because the session has expired. But I don't want the user to be able to access the welcome page by clicking the browsers back button once he's logged out. I tried using the following:
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="-1" />
but it's not working.
I tried using:
window.history.forward(1);
it works fine, but it leads to another problem. If the user logs in and is taken to the welcome page. then the user presses a button let's say "show user details" and the user is taken to the "show user details" page. now if the user clicks the back button to go back to the welcome page. He stays on the same "show user details" page, because of the window.history.forward(1) on the welcome page.
I want that the user should be able to use the browsers back button if the session is valid. If the session is invalid he should not be able to use the browsers back button.
This is working perfectly. i used the following to clear the cache. and i'm invalidating the session in logout.jsp, when clicked, it checks for some token attribute (which is set when the user logs in), and if it doesn't find it, it redirects to the login page.
<%
response.setHeader("Cache-Control","no-cache");
response.setHeader("Cache-Control","no-store");
response.setHeader("Pragma","no-cache");
response.setDateHeader ("Expires", 0);
if(session.getAttribute("token")==null){
response.sendRedirect(request.getContextPath() + "/LogOut.jsp");
}
%>
thanks for the suggestion though. I will certainly put it into action. every help and suggestion is appreciated.
这篇关于如果会话失效,请禁用浏览器后退按钮的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
