当前位置:theitroad>java 如何在 spring mvc 中处理浏览器后退按钮

java 如何在 spring mvc 中处理浏览器后退按钮

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/26420941/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-11-02 09:54:24  来源:igfitidea点击:

How handle browser back button in spring mvc

javaspringsessionlogout

提问by Hadi J

When a user is logged on session information is stored. And session information is erased when the user is logged out . But when I hit the browser 's back button user information is displayed. Since session is gone but we can not be sure the user login operation is carried out. How do I resolve this issue ?

当用户登录时,会话信息被存储。当用户注销时,会话信息将被删除。但是当我点击浏览器的后退按钮时会显示用户信息。由于会话已消失,但我们无法确定用户登录操作是否已执行。我该如何解决这个问题?

  ----------------------------log out -------------------------------

   @RequestMapping(value="logout.htm",method = RequestMethod.GET)
   public void logOut(HttpSession session,HttpServletResponse                 
   response,HttpServletRequest request) throws IOException{
    final String refererUrl = request.getHeader("Referer");
    response.setHeader(refererUrl, "no-cache");
    response.setHeader("Cache-Control", "no-cache");
    response.setDateHeader("Expires", 0);
    session.removeAttribute("user");
    session.invalidate();
    response.sendRedirect("index.htm");
   }
    ---------------------------------- login ---------------
  @RequestMapping(value="/userLogin",method=RequestMethod.POST)

  public @ResponseBody JsonResponse
 login(@ModelAttribute(value="user") User user, BindingResult     result,HttpServletRequest request,HttpSession session,ModelMap model) throws    UnsupportedEncodingException{

    JsonResponse res = new JsonResponse();

    if(!result.hasErrors()&& userService.findUser(user, request)){
        res.setStatus("SUCCESS");
        session.setAttribute("user",
      new String(user.getUsername().getBytes("iso-  8859-1"), "UTF-8"));
      }
         else{
        res.setStatus("FAIL");
        result.rejectValue("username","1");
        res.setResult(result.getAllErrors());
       }
      return res;
   }
   --------------------------profile --------------------------------------

    @RequestMapping(value="myProfile.htm",method = RequestMethod.GET)
   public String showmyProfile(@ModelAttribute(value="addUser") User user,Model          model,HttpServletRequest request,
        HttpServletResponse response,
         HttpSession session) throws IOException{

        if(session.getAttribute("user")== null){
        response.sendRedirect("index");
    }

回答by Hadi J

i use this method. first create one class that implements Filter and override doFilter() method. code of doFilter() is:

我用这个方法。首先创建一个实现 Filter 并覆盖 doFilter() 方法的类。doFilter() 的代码是:

 @Override
 public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse hsr = (HttpServletResponse) res;
hsr.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
hsr.setHeader("Pragma", "no-cache"); // HTTP 1.0.
hsr.setDateHeader("Expires", 0); // Proxies.
chain.doFilter(req, res);
 }

after use filter in web.xml. this filter is this.

在 web.xml 中使用过滤器后。这个过滤器是这样的。

  <filter>
    <filter-name>noCacheFilter</filter-name>
    <filter-class>com.example.NoCacheFilter</filter-class>
 </filter>
 <filter-mapping>
  <filter-name>noCacheFilter</filter-name>
  <url-pattern>/secured/*.jsp</url-pattern>// urls that not cached 
 </filter-mapping>

回答by Shahid Yousuf

Configure an interceptor inside Servlet Context as this:

在 Servlet 上下文中配置一个拦截器,如下所示:

<!--  configuration for handling browser back button  -->
<mvc:interceptors>
    <mvc:interceptor>
        <mvc:mapping path="/**/*"/>
        <beans:bean id="webContentInterceptor" class="org.springframework.web.servlet.mvc.WebContentInterceptor">
            <beans:property name="cacheSeconds" value="0"/>
            <beans:property name="useExpiresHeader" value="true"/>
            <beans:property name="useCacheControlHeader" value="true"/>
            <beans:property name="useCacheControlNoStore" value="true"/>
        </beans:bean>
    </mvc:interceptor>
</mvc:interceptors>

Note: Don't forget to remove your browser cache while testing your application.

注意:在测试应用程序时不要忘记删除浏览器缓存。

回答by Yasitha Bandara

In spring-security 4.0 this problem has solved by default.You do not need to write any additional codes,even in security XML configurations.

在 spring-security 4.0 中这个问题默认已经解决了。你不需要写任何额外的代码,即使是在安全 XML 配置中。

回答by Sridhar

response.setHeader(refererUrl, "no-cache");
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expires", 0);

The above code clears cache and expiring the session in the server side. But whether session is live or not, it should be verified or handled in your view (HTML or JSP). You can have the following meta tags in your view to say no-cache and no-store

上面的代码在服务器端清除缓存并使会话过期。但是无论会话是否实时,都应该在您的视图(HTML 或 JSP)中进行验证或处理。您可以在视图中使用以下元标记来表示 no-cache 和 no-store

<meta http-equiv="Cache-control" content="no-cache">

or

或者

<META HTTP-EQUIV="Cache-Control" CONTENT="No-Cache,Must-Revalidate,No-Store">

Please refer thisfor Browser Cache Control

请参阅浏览器缓存控制

相关推荐

java JavaFX 8 中的一般异常处理

java JavaFX 8 中的一般异常处理

java java程序输出偶数/奇数

java java程序输出偶数/奇数

java “字段列表”中的未知列 MySQLSyntaxErrorException

java “字段列表”中的未知列 MySQLSyntaxErrorException

java 如何使用 SpringApplicationConfiguration 或 ContextConfiguration 加载较小的应用程序部分

java 如何使用 SpringApplicationConfiguration 或 ContextConfiguration 加载较小的应用程序部分

相关推荐
最近更新
标签