[TYPO3-english] FE logout and browser back button

Bernhard Kraft kraftb at kraftb.at
Tue Nov 3 20:58:22 CET 2009


Katja Lampela wrote:

> I stumbled on this: a logged out FE visitor can press the back button of
> the browser and he gets the previous view even though the page is in the
> access restricted area and "no cache" type (or configured so).

Think about the following: If the user had saved all pages to disk
he could still view them on the next day - without logging in.

Although it could be possible that you find some HTTP headers forcing the browser
to reload history pages, I guess most browsers implement the "Back" button
like you described.

I just had a look at facebook. There, the behaviour you described doesn't occur.
You should probably check what HTTP headers applications like facebook,
gmx, etc. are sending, and play around with those.


greets,
Bernhard
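
One way to run the header check suggested above, as an added example that is not part of the original message: it audits the caching headers of an access-restricted response and reports what would let a browser keep a copy to re-show after logout. It assumes `Cache-Control: no-store` is the directive to look for; the function names and the sample header sets are constructed for illustration.

```python
# Added example: audit the caching headers of an access-restricted page.
# Assumption: "Cache-Control: no-store" is what stops a browser keeping a copy.

def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument-or-None}."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives


def audit_restricted_response(headers):
    """Return a list of findings; an empty list means no copy may be stored."""
    # Header names are case-insensitive; repeated headers are joined with commas.
    merged = {}
    for name, value in headers:
        key = name.lower()
        merged[key] = merged[key] + ", " + value if key in merged else value

    cc = parse_cache_control(merged.get("cache-control", ""))
    findings = []
    if "no-store" not in cc:
        findings.append("missing no-store: browser may keep and re-show the page")
    if "public" in cc:
        findings.append("public: shared caches may store the page")
    if "no-cache" in cc and "no-store" not in cc:
        findings.append("no-cache only forces revalidation, a copy is still stored")
    if "cache-control" not in merged and merged.get("pragma", "").lower() == "no-cache":
        findings.append("only Pragma: no-cache, whose meaning in responses is unspecified")
    return findings


# Constructed sample responses (not captured from any real site).
WEAK = [("Content-Type", "text/html"), ("Pragma", "no-cache")]
REVALIDATE_ONLY = [("Cache-Control", "private, no-cache"), ("Expires", "0")]
STRICT = [("cache-control", "no-store"), ("Cache-Control", "private, max-age=0")]

if __name__ == "__main__":
    for label, sample in (("weak", WEAK), ("revalidate", REVALIDATE_ONLY), ("strict", STRICT)):
        print(label, audit_restricted_response(sample) or "ok")
```

Feed it the header list of a logged-in page as received from the server; any finding means the response still permits a stored copy.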

