| Prevent users using the back button. |
[eluser]nEJC[/eluser]
These users are back and are actually not back. Most browsers will not request previous page but will rather redraw it from cache. This means that the previous page is displayed correct, but users authorization is still invalidated - they shouldn't be able to do anything (if you do proper checks on every controller authorized users use). You could do some hacking with JavaScript (see http://www.boutell.com/newfaq/creating/backbutton.html) but disabling JS would again break your hack. The best thing to do is actually (as I already mentioned) to check if user is still authenticated on every sensitive controller access ... this way you don't need to worry about back button. |
| Messages In This Thread |
|
Prevent users using the back button. - by El Forum - 09-03-2009, 04:24 AM
Prevent users using the back button. - by El Forum - 09-03-2009, 05:37 AM
Prevent users using the back button. - by El Forum - 09-03-2009, 06:40 AM
Prevent users using the back button. - by El Forum - 09-03-2009, 07:05 AM
Prevent users using the back button. - by El Forum - 09-03-2009, 07:21 AM
Prevent users using the back button. - by El Forum - 09-03-2009, 07:38 AM
|
