如何在JSP注销后禁用浏览器后退按钮？ [英] How to disable browser back button after logout in JSP?

问题描述

可能重复：

限制用户在退出后访问上一页

在netbeans 6.5.1中开发JSP应用程序。我需要在登录后禁用浏览器后退按钮并注销。怎么可能？

Am developing a JSP application in netbeans 6.5.1. I need to disable browser back button after login as well as log off. How is it possible?

推荐答案

你无法在JSP中直接影响浏览器的后退按钮。您的JSP标记/代码全部在服务器端进行评估，作为生成设置给客户端的响应的一部分。

There's nothing you can do in JSP to directly influence that browser's back button. Your JSP markup/code is all evaluated server-side as part of generating the response that is set to the client.

也就是说，您可以将以下JavaScript添加到注销后页面的< head> 部分可以大致达到预期的效果：

That said, you can add the following JavaScript to the <head> section of the post-logoff page to accomplish roughly the desired effect:

<script>
    history.forward();
</script>

来源： http://answers.google.com/answers/threadview/id/574062.html

但是，更一般地说，您无法阻止确定的用户在其历史记录中查找以前访问过的URL并在注销后将其浏览器指向它。相反，您的会话管理代码需要足够强大，以便知道如果用户不再拥有有效会话，它不应该为过时URL提供服务。

More generally, however, there's nothing you can do to prevent a determined user from finding a previously visited URL in their history and pointing their browser to it after logging out. Instead your session-management code needs to be robust enough to know that it should not service a request for a stale URL if the user no longer holds a valid session.

或者，如果你真正想做的是阻止浏览器在用户注销后显示登录后页面的缓存版本，你可以通过设置值为<$ c的HTTP Cache-Control 标头来实现（在大多数浏览器中）所有登录后页面上的$ c> no-cache 。

Or, if what you're really trying to do is prevent the browser from displaying a cached version of a post-login page after a user has logged out, you can accomplish that (in most browsers) by setting an HTTP Cache-Control header with a value of no-cache on all of your post-login pages.

这篇关于如何在JSP注销后禁用浏览器后退按钮？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！