struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Benedict <>
Subject Re: [again] how to disable browser's back button after logout ?
Date Sun, 25 Jun 2006 11:58:37 GMT
Lixin, you have your needs reversed: you need those directives on every page that's secure.
The pages your users see only when they log in should not be written to the browser's cache;
the log out page is benign. -- Paul

Lixin Chu <> wrote: this may be posted before though i can not find
any in the archive:

 how to make sure that browser's back button will bring back the previous
page after log out ?

Googled, and added these into our logout action, but still no effect:

        response.setHeader("Cache-Control", "no-cache");
        response.setHeader("Cache-Control", "no-store");
        response.setDateHeader("Expires", -1);
        response.setHeader("Pragma", "no-cache"); // http 1.0

any idea ?

thanks in advance

Want to be your own boss? Learn how on  Yahoo! Small Business. 
  • Unnamed multipart/alternative (inline, 8-Bit, 0 bytes)
View raw message