[TYPO3-english] FE logout and browser back button

Katja Lampela katja.lampela at lieska.net
Tue Nov 3 08:49:27 CET 2009


I stumbled on this: a logged out FE visitor can press the back button of 
the browser and he gets the previous view even though the page is in the 
access restricted area and "no cache" type (or configured so).

I tried all kinds of combinations of these (0 or 1) in the root template 

config.sendCacheHeaders = 1
config.sendCacheHeaders_onlyWhenLoginDeniedInBranch = 1
config.no_cache = 1
config.cache_period = 1 //the default cache expires time, this is 1 second

..I'm pretty much shooting in the dark here as one can suspect, but 
these didn't have any desired effect.

Adding this in the page header, helped in some browsers, but not all:

<META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="Expires" 

So, what is your method in access restricted pages to prevent the 
browser's back button to show the previous page that was in the 
restricted area? Maybe force the browser close all together..?

With kind regards

Katja Lampela

More information about the TYPO3-english mailing list