Re: [again] how to disable browser's back button after logout ?
Lixin, you have your needs reversed: you need those directives on every page that's secure. The pages your users see only when they log in should not be written to the browser's cache; the log out page is benign. -- Paul Lixin Chu [EMAIL PROTECTED] wrote: this may be posted before though i can not find any in the archive: how to make sure that browser's back button will bring back the previous page after log out ? Googled, and added these into our logout action, but still no effect: response.setHeader(Cache-Control, no-cache); response.setHeader(Cache-Control, no-store); response.setDateHeader(Expires, -1); response.setHeader(Pragma, no-cache); // http 1.0 any idea ? thanks in advance lx - Want to be your own boss? Learn how on Yahoo! Small Business.
Re: [again] how to disable browser's back button after logout ?
I see. thanks so much. was really confused. On 6/25/06, Paul Benedict [EMAIL PROTECTED] wrote: Lixin, you have your needs reversed: you need those directives on every page that's secure. The pages your users see only when they log in should not be written to the browser's cache; the log out page is benign. -- Paul Lixin Chu [EMAIL PROTECTED] wrote: this may be posted before though i can not find any in the archive: how to make sure that browser's back button will bring back the previous page after log out ? Googled, and added these into our logout action, but still no effect: response.setHeader(Cache-Control, no-cache); response.setHeader(Cache-Control, no-store); response.setDateHeader(Expires, -1); response.setHeader(Pragma, no-cache); // http 1.0 any idea ? thanks in advance lx - Want to be your own boss? Learn how on Yahoo! Small Business.
Re: [again] how to disable browser's back button after logout ?
is there a clearner way of doing this if I want to protect every page except the login/out ?
Re: [again] how to disable browser's back button after logout ?
On 6/25/06, Lixin Chu [EMAIL PROTECTED] wrote: is there a clearner way of doing this if I want to protect every page except the login/out ? What about the 'nocache' attribute of controller in struts-config.xml? I haven't used it, just had occasion to be reading the DTD the other day... :) http://struts.apache.org/dtds/struts-config/1_2/ (choose 'controller' at left, scroll up for docs.) -- Wendy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [again] how to disable browser's back button after logout ?
Wendy, is the link to the live dtd on the site? i think it should be a first-level item on the Struts site, or at least in Action 1. Looking at DTD's online is very valuable and something I need often. Wendy Smoak [EMAIL PROTECTED] wrote: On 6/25/06, Lixin Chu wrote: is there a clearner way of doing this if I want to protect every page except the login/out ? What about the 'nocache' attribute of in struts-config.xml? I haven't used it, just had occasion to be reading the DTD the other day... :) http://struts.apache.org/dtds/struts-config/1_2/ (choose 'controller' at left, scroll up for docs.) -- Wendy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Yahoo! Sports Fantasy Football 06 - Go with the leader. Start your league today!
Re: [again] how to disable browser's back button after logout ?
You can also write yourself a Servlet Filter. You could say for all pages under /directoryofyourchoosing/*, add these elements. Lixin Chu [EMAIL PROTECTED] wrote: this may be posted before though i can not find any in the archive: how to make sure that browser's back button will bring back the previous page after log out ? Googled, and added these into our logout action, but still no effect: response.setHeader(Cache-Control, no-cache); response.setHeader(Cache-Control, no-store); response.setDateHeader(Expires, -1); response.setHeader(Pragma, no-cache); // http 1.0 any idea ? thanks in advance lx - Ring'em or ping'em. Make PC-to-phone calls as low as 1¢/min with Yahoo! Messenger with Voice.
Re: [again] how to disable browser's back button after logout ?
On 6/25/06, Paul Benedict [EMAIL PROTECTED] wrote: Wendy, is the link to the live dtd on the site? i think it should be a first-level item on the Struts site, or at least in Action 1. Looking at DTD's online is very valuable and something I need often. It's linked from Section 4.8 at the bottom. * http://struts.apache.org/struts-action/userGuide/building_controller.html Before we make the LiveDTD docs more visible, at least one other person needs to volunteer to maintain them. They are not part of the Maven 2 website build, LiveDTD is a Perl script that I run occasionally, then upload the results. Ask on dev@ if you need more info, the instructions are on the wiki: http://wiki.apache.org/struts/StrutsMaintenanceWebsite -- Wendy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [again] how to disable browser's back button after logout ?
If you can use javascript, just add following code to all your pages. Whenever anyone will click browser back on any page, that page itself will get reloaded rather than going back to the previous page. SCRIPT LANGUAGE=JavaScript !-- javascript:window.history.forward(1); //-- /SCRIPT -Original Message- From: Lixin Chu [mailto:[EMAIL PROTECTED] Sent: Monday, June 26, 2006 5:10 AM To: Struts Users Mailing List Subject: Re: [again] how to disable browser's back button after logout ? is there a clearner way of doing this if I want to protect every page except the login/out ? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [again] how to disable browser's back button after logout ?
yes, it works. thanks. this should be the simplest way of supporting this. On 6/26/06, Wendy Smoak [EMAIL PROTECTED] wrote: On 6/25/06, Lixin Chu [EMAIL PROTECTED] wrote: is there a clearner way of doing this if I want to protect every page except the login/out ? What about the 'nocache' attribute of controller in struts-config.xml? I haven't used it, just had occasion to be reading the DTD the other day... :) http://struts.apache.org/dtds/struts-config/1_2/ (choose 'controller' at left, scroll up for docs.) -- Wendy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[again] how to disable browser's back button after logout ?
this may be posted before though i can not find any in the archive: how to make sure that browser's back button will bring back the previous page after log out ? Googled, and added these into our logout action, but still no effect: response.setHeader(Cache-Control, no-cache); response.setHeader(Cache-Control, no-store); response.setDateHeader(Expires, -1); response.setHeader(Pragma, no-cache); // http 1.0 any idea ? thanks in advance lx