one of the banking application site which i tested today
when user get logged off from and try to hit the back button he will be
shown a different page
instead the one in the cache
so i am also loking in to this aspect.
On 1/22/09, shekher awasthi <shekher.awas...@gmail.com> wrote:
>
> using javascript is not a sure short solution
> as i tested it throughly and javascript behaviour is not consistent
> throught
>
> regarding setting header i did this i developed a custom interceptor which
> is doing this
>
> but again its not worked as expected.
> i am still clueless how online banking application doing this trick
>
> i am still on R&D mode for this if find anything will share it
>
>
> On 1/22/09, Paweł Wielgus <poulw...@gmail.com> wrote:
>>
>> Hi Ehtesham,
>> it was said before on this thread that user can simply turn of
>> javascript whenever he wants,
>> thats why i was looking for more server controlled solution. But thank
>> You for pointing it out, You made me to add it to my blog post.
>>
>> Best greetings,
>> Paweł Wielgus.
>>
>> 2009/1/22 Ehteshamul Haque <ehsho...@yahoo.com>:
>> >
>> >
>> >
>> > Hi,
>> >
>> > I am not that much expert I I used the following javascript code before
>> in each page and it workded fine.
>> >
>> >
>> > <script language="JavaScript">
>> > var x=window.history.length;
>> > if (window.history[x]!=window.location)
>> > {
>> > window.history.forward();
>> > }
>> > </script>
>> >
>> > If it work for you I will be very happy.
>> >
>> > Thank you.
>> >
>> > -Ehtesham
>> >
>> >
>> > --- On Thu, 1/22/09, Paweł Wielgus <poulw...@gmail.com> wrote:
>> >
>> > From: Paweł Wielgus <poulw...@gmail.com>
>> > Subject: Re: Handling Browser Back/Forward Button in Struts2
>> > To: "Struts Users Mailing List" <user@struts.apache.org>
>> > Date: Thursday, January 22, 2009, 12:34 AM
>> >
>> > Hi Shekher,
>> > it was very interesting subject, so i dig a little more.
>> > Here [1] is what i found, with some tests.
>> > Basicly it turns out that You should add headers in page and to
>> response.
>> >
>> > [1] -
>> http://poulwiel.blogspot.com/2009/01/browser-back-button-and-caching-problem.html
>> >
>> > Best greetings,
>> > Paweł Wielgus.
>> >
>> > 2009/1/21 shekher awasthi <shekher.awas...@gmail.com>:
>> >> Is it possible that either i should only put these header in the logout
>> >> action
>> >>
>> >> where i am removing the session and den redirecting the user to index
>> page
>> >> something like this
>> >>
>> >> HttpServletResponse response=null;
>> >> response=ServletActionContext.getResponse();
>> >>
>> >> response.setHeader("Pragma", "no-cache");
>> >> response.setHeader("Cache-Control", "no-cache");
>> >> response.setHeader("Expires", "0");
>> >>
>> >> or can we create a interceptor which can do this for all the request
>> wheer
>> >> we want this feature??
>> >>
>> >> 2009/1/21 shekher awasthi <shekher.awas...@gmail.com>
>> >>
>> >>> i tried using setting the eader values but they are not working as
>> expected
>> >>> i can even
>> >>>
>> >>> go and move back using broswer back button.
>> >>>
>> >>> if i will find anything helpfull will share with you
>> >>> till then hard luck
>> >>> :)
>> >>>
>> >>> 2009/1/21 Paweł Wielgus <poulw...@gmail.com>
>> >>>
>> >>> Hi Shekher,
>> >>>> what i meant is that it can be done from server side.
>> >>>> Check for example Your e-banking application, i did it on mine :-).
>> >>>> There, when You press back button browser won't serve You cached page
>> >>>> but ask server for fresh one - this is controlled with content-cache
>> >>>> and pragma, but i can't be more helpfull to You here because i
>> haven't
>> >>>> done it before.
>> >>>>
>> >>>> Best greetings,
>> >>>> Paweł Wielgus.
>> >>>>
>> >>>>
>> >>>> 2009/1/21 shekher awasthi <shekher.awas...@gmail.com>:
>> >>>> > Hi Paweł,
>> >>>> >
>> >>>> > thats true it only send request to server if i will refresh the
>> page
>> >>>> and
>> >>>> > for that i have already custom interceptor places which is checking
>> the
>> >>>> user
>> >>>> > object in session in order to confirm that the request is from
>> >>>> authorized
>> >>>> > user
>> >>>> >
>> >>>> > but when i make use of back button it serve the page from the local
>> >>>> > chache,so the problem is related to client side more than that of
>> server
>> >>>> > handling
>> >>>> >
>> >>>> > still trying to find a firm solution for it
>> >>>> >
>> >>>> > 2009/1/20 Paweł Wielgus <poulw...@gmail.com>
>> >>>> >
>> >>>> >> Hi Shekher,
>> >>>> >> first try this scenario:
>> >>>> >> 1. logout user
>> >>>> >> 2. back button - check for logs if action was fired
>> >>>> >> 3. refresh page - check for logs if action was fired
>> >>>> >> Most likely only the 3. will fire action because browser will
>> serve
>> >>>> >> cached version of that page.
>> >>>> >> I was about to write that to deal with it You can use https
>> scheme,
>> >>>> >> but i just got it checked and it's not true. So maybe using pragma
>> and
>> >>>> >> or cache-control will do?
>> >>>> >>
>> >>>> >> Still user can disable javascript so solution with script might
>> not
>> >>>> work.
>> >>>> >> If You find out anything more please let us know.
>> >>>> >>
>> >>>> >> Best greetings,
>> >>>> >> Paweł Wielgus.
>> >>>> >>
>> >>>> >>
>> >>>> >> 2009/1/20 Robert Graf-Waczenski <r...@lsoft.com>:
>> >>>> >> > You don't write if the browser back button is supposed to be
>> >>>> functional
>> >>>> >> in
>> >>>> >> > your application (in many cases it is not, but YMMV).
>> >>>> >> >
>> >>>> >> > If you want to disable the browser back button, use the code
>> below in
>> >>>> all
>> >>>> >> > your pages:
>> >>>> >> >
>> >>>> >> > <script type="text/javascript">
>> >>>> >> > history.forward();
>> >>>> >> > </script>
>> >>>> >> >
>> >>>> >> > I'm not aware of any feature in Struts2 that deals with the
>> browser
>> >>>> back
>> >>>> >> > button.
>> >>>> >> >
>> >>>> >> > Robert
>> >>>> >> >
>> >>>> >> >
>> >>>> >> > shekher awasthi wrote:
>> >>>> >> >>
>> >>>> >> >> Hi All,
>> >>>> >> >>
>> >>>> >> >> in the process of developing application using struts 2.0.11, i
>> came
>> >>>> >> >> across
>> >>>> >> >> the problem of handling browser back/forward button.
>> >>>> >> >>
>> >>>> >> >> This problem is occurring when we will logout the user.On
>> Clicking
>> >>>> the
>> >>>> >> >> logout button we are currently removing the user from the
>> session
>> >>>> >> >>
>> >>>> >> >> and it worked fine for us. After the successful logout process
>> user
>> >>>> will
>> >>>> >> >> be
>> >>>> >> >> redirected to the index page(which have the login field),
>> >>>> >> >>
>> >>>> >> >> but when user hits the browser back button he is getting
>> himself
>> >>>> there
>> >>>> >> in
>> >>>> >> >> the secure page even we have remove the user object from the
>> session
>> >>>> >> >>
>> >>>> >> >> below is the code we are using for removing the user
>> >>>> >> >>
>> >>>> >> >> session.remove(BSConstant.USER);
>> >>>> >> >>
>> >>>> >> >> i am clueless where we are doing wrong , as we think we are
>> having
>> >>>> two
>> >>>> >> >> points
>> >>>> >> >>
>> >>>> >> >> 1) Either the user is not getting removed from the session,but
>> the
>> >>>> >> chances
>> >>>> >> >> are very less as for all other call after logout it is forcing
>> the
>> >>>> user
>> >>>> >> to
>> >>>> >> >> login first.
>> >>>> >> >>
>> >>>> >> >> 2) Back button handling is not there
>> >>>> >> >>
>> >>>> >> >> my question is, Is there any way in struts2 to handle browser
>> >>>> >> back/forward
>> >>>> >> >> button or do i need to use some other technique like
>> >>>> >> >>
>> >>>> >> >> setting response header
>> >>>> >> >>
>> >>>> >> >> any suggestion in this regard will be much appreciated.
>> >>>> >> >>
>> >>>> >> >> -s
>> >>>> >> >>
>> >>>> >> >>
>> >>>> >> >
>> >>>> >> >
>> >>>> >> >
>> ---------------------------------------------------------------------
>> >>>> >> > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> >>>> >> > For additional commands, e-mail: user-h...@struts.apache.org
>> >>>> >> >
>> >>>> >> >
>> >>>> >>
>> >>>> >>
>> ---------------------------------------------------------------------
>> >>>> >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> >>>> >> For additional commands, e-mail: user-h...@struts.apache.org
>> >>>> >>
>> >>>> >>
>> >>>> >
>> >>>>
>> >>>> ---------------------------------------------------------------------
>> >>>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> >>>> For additional commands, e-mail: user-h...@struts.apache.org
>> >>>>
>> >>>>
>> >>>
>> >>
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> > For additional commands, e-mail: user-h...@struts.apache.org
>> >
>> >
>> >
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> For additional commands, e-mail: user-h...@struts.apache.org
>>
>>
>
