I think I know what the guy is after and it's not browser dependant or impossible, but it's not pretty :).
Basically what you have to do is have a one time ID that changes during each request and then verify that the requests one time ID is correct. So the flow looks like this; 1) Create new One Time ID (I'll call it otid) 2) Store otid in the users session 3) Append otid as a parameter to the links to the actions you wish to protect. (user then clicks on link). 4) Verify otid from url parameter equals otid from session. 5) Go to step 1 This means that if the user clicks refresh or back they will request the action with an old one time id and thus the system can generate an error at step 4. As I said, it's not pretty. Al. -----Original Message----- From: Adam Ruggles [mailto:[EMAIL PROTECTED] Sent: 08 May 2007 06:38 To: Struts Users Mailing List Subject: Re: how to disable refresh button and back button I don't believe you can. jalal udeen wrote: > hi all > can any one explain me how to disable both back > button and refresh button thanks jalaludeen > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
