0

I have written a web application which uses cookies to maintain state and python CGI scripts in server side. Now after pressing the log out button, user is redirected to a new page but when a back button is pressed again it again takes back and shows him Login. Is there a way through HTML5 history API using onpopstate event to prevent this or something else could be better ?

Vipul
  • 566
  • 5
  • 29
  • How is the user logged? Do you set some cookie? Do you bring along a GET variable? Do you use server side sessions? Post some code and be more specific, if you want help. We cannot read minds. – A. Rama Jan 14 '15 at 08:34
  • I have used cookies for state managment – Vipul Jan 14 '15 at 08:37
  • Then clear the cookie just before the page redirect or in the very first few lines of the new redirected page (unsafer). That should be enough. If you're really worried about foul play, use a one-time-only kind of code in your cookie. – A. Rama Jan 14 '15 at 08:40
  • And show us some code in a *working* jsFiddle. – A. Rama Jan 14 '15 at 08:42

2 Answers2

2

It happens because your browser cached the page on the client.

The solution is to prevent the caching of that page(s), by forcing the browser to request a new page even when pressing Back button, instead of reading the saved one.

Read This and this

Update :

1)You can use some authentication token which you have to get from server side and you need to validate it in each pageload event happens.So simply you can save this token in any of the browser storage spaces, and clear it once the user been log out if the token is not available then redirect the user to login page

2) Or simply create a cookie variable when user login and clear it when logout and check this cookie is available in each page load event.

Arunprasanth K V
  • 20,733
  • 8
  • 41
  • 71
1

On your logout function Clear all cookies like 

function deleteAllCookies() {
    var cookies = document.cookie.split(";");

    for (var i = 0; i < cookies.length; i++) {
        var cookie = cookies[i];
        var eqPos = cookie.indexOf("=");
        var name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
        document.cookie = name + "=;expires=Thu, 01 Jan 1970 00:00:00 GMT";
    }
}
sagar43
  • 3,341
  • 3
  • 29
  • 49