On Thu, Aug 11, 2016 at 9:44 PM, Abhijeet Singh <[email protected]> wrote:
> It still does not work. Still "Back" button takes it to last session page > > On Monday, December 17, 2012 at 7:37:49 PM UTC+5:30, Ashish Sable wrote: >> >> yup... Got the solution just the bower cache needs to be cleared. >> >> from django.views.decorators.cache import cache_control >> >> @cache_control(no_cache=True, must_revalidate=True, no_store=True) >> def view(): >> >> After logout it will render to login page. >> >> On Monday, 17 December 2012 18:39:25 UTC+5:30, ke1g wrote: >>> >>> >>> >>> On Mon, Dec 17, 2012 at 5:14 AM, Ashish Sable <[email protected]> >>> wrote: >>> >>>> >>>> I have written simple registration(login,logout) Django apps. >>>> when i click on logout and then back button from browser >>>> it shows me previous page. it should redirect me to login page. please >>>> help >>>> >>>> >>> That's not typical behavior for a logout view for this exact reason. Normally a log out button will submit data to a server, and then the server will issue a redirect back to the main login page (rather than just rendering the page directly). Doing a redirect will, in almost all cases, cause the browser to bring up a dialog asking if the previous pages form data should be resubmitted. In most cases this is enough to keep users from accidentally hitting the back button with no permanent damage. However, keep in mind that like the previous poster mentioned, the local browser cache likely still contains copies (at least in part) of the previous pages that were visited, so it may be possible to extract the information from there. Not much that anyone can do about it, and is outside the control of Django. Are you using the included login/logout views provided by Django in contrib.auth? They implement the correct behavior that prevents the back button from working by default. Your views should also be implementing a check similar to the @login_required decorator, which should redirect the user back to the login page if they do not have a valid session. -James -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CA%2Be%2BciX-stmskvN%3DwqpfAe_YaFsdn7MEQwq1KrELkCB6Cnkz9g%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
