I usually solve (1) with a "Flow Synchronizer". Search this list, and see:
http://www.junlu.com/msg/85270.html
For (2) I think the only safe way is to close the window. Perhaps you can
ask the user to do this, and then do it via a timer in javascript anyway.
Using forms might force a refresh when using the back button depending on
the browser etc, but caching in FF etc means that's not always the case.
You can try all the javascript tricks to disable the back button, or play
with the history, but a malicious user can get around this, which is what
you're worried about right? Viewing sensitive data on previous pages.
Cheers,
Nick.
Mats Henricson wrote:
This may be elementary, but we have two cases where we don't want our users
to be
able to use the browsers back button:
1. After a submit of a form, when we've sent them to a new page saying
"Your
blah blah
blah has been submitted successfully". Allowing users to go back and
submitting
again, would be bad for us.
2. After a logout. We don't want our users to be able to use the back
button
to see the
last page, from which he clicked the "Log out" link. We know that going
somewhere
from that brought back page would lead the user to the login page, but
none the less,
it would be bad enough, especially if it is done from a public terminal.
Can both cases be solved in the same way? How do you normally solve
problems
like
this in Tapestry?
Mats
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
