What are your browser caching settings? When you hit back, are you sure the user is logged in again, or are you just viewing a cached page?
~Brad -----Original Message----- From: Christophe Maso [mailto:[EMAIL PROTECTED] Sent: Monday, June 12, 2006 5:40 PM To: CF-Talk Subject: secure logout Thought this was a simple process - I have a website where, after the user logs out, clicking the back button on the browser should take the browser back to the login page. Instead, it's taking the browser back to the previous page, with previous user logged in. On the logout page, I clear the session structure and force cookie.cfid and cookie.cftoken to expire. Looking at the debugging, I see all of that is happening as it should, yet clicking the back button still seems to restore the previous browser state. Good thing I'm not running a banking website. Am I missing something? Thanks, Christophe ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:243267 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
