FYI, Michael Jouravlev has spoken quite a bit about "controlling" the browser history via the PRG pattern:
http://www.theserverside.com/tt/articles/article.tss?l=RedirectAfterPost Another alternative is to use AJAX techniques. AJAX requests do not get stored in the browser's history, hence the back button doesn't have the usual effect... many people see this as a problem however, as in general, anything that makes the back button not simply go back to the last request Bart is very much correct in any case. If your system has to be secure and robust, don't trust client-side scripting to do something like this. It's way too susceptible to tomfoolery (wow, that may very well be the first time I've ever used that phrase!) Frank -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com AIM/Yahoo: fzammetti MSN: [EMAIL PROTECTED] Author of "Practical Ajax Projects With Java Technology" (2006, Apress, ISBN 1-59059-695-1) Java Web Parts - http://javawebparts.sourceforge.net Supplying the wheel, so you don't have to reinvent it! On Wed, August 2, 2006 10:52 am, Bart Busschots wrote: > I wouldn't rely on the client side for this. With FireFox and a few > extensions you can have your wicked way on the client side and send > anything you want to the server. Hence it's up to the server to look > after security not the client. If you rely on the client alone your > system will be very vulnerable to attack. > > The way I would do it would be to have a variable in session scope to > store whether or not page two is available and then wrap all the code in > page3.jsp inside a logic:if tag that will only display it if the > variable in session says it's OK. > > Hope that's some help. > > Bart. > > Raghuveer wrote: >> I am able restrict the user going back to previous page from current >> page by >> browser "BACK" button. >> >> <script language="javascript"> >> window.history.forward(1); >> </script> >> >> How to restrict the user going to previous page by removing the Previous >> page accessed by user from BROWSER HISTORY(Cntrl+H in IE). >> I am using Struts Tiles Web application i have few modules to navigate >> from >> home page after login. >> >> >> HOME PAGE >> - Module 1 >> - Module 2 >> - Module 3 >> >> In my Module 1 i have >> page1.d0 >> page2.do >> page3.do. >> >> >> Page3.do will load page3.jsp. >> This Jsp page can be viewed by User only if he comes from >> Home->page1.do >> page1.do->page2.do >> page2.do->page3.do >> page3.do->Home page >> >> User After Submit Form in page3 he will navigate to HOME page with >> message >> records saved succefully. >> >> My Requirment is he cannot go to page 3 from browser BACK Button or from >> Browser History. >> >> So, >> page 3.do is accessed only if user navigates all before 2 pages. >> What ever i write code for this issue can be written only in Page3.jsp, >> >> Any Suggestions on this. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
