如何使浏览器会话失效
如何使浏览器会话无效。我正在使用JSP。 在 web.xml 中,session-timeout 设置为 180 秒,我只希望这样。但问题是在某些特殊场合,某些用户的浏览器会话需要在表单提交后立即失效。
我已经使用 session.invalidate(); 来使会话无效,并且还使用了
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
但是,当我单击后退按钮时,它仍然会将我带到同一个用户会话。这是从浏览器缓存加载吗?
这就是我的 JSP 中的内容:
<head>
<script type="text/javascript">
function submitForm(){window.document.submitFrm.submit();}
</script>
</head>
<body onload="submitForm()">
<%String output = (String)(request.getAttribute("strOut"));
String hookUrl = (String)(request.getAttribute("hookUrl"));
System.out.println("hookUrl in cwsGroup.jsp : "+hookUrl);%>
<form method="post" action="<%=hookUrl%>" name="submitFrm" id="submitFrm">
<input type="hidden" name="cxml-urlencoded" value='<%=output%>' />
</form>
<%
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader( "Expires", 0 );
session.removeValue("domineName");
session.invalidate();%>
</body>
我错过了什么吗?
How can I invalidate Browser Session. I am using JSP's.
In web.xml the session-timeout is been set to 180 seconds and I want it like that only. But the problem is on some special occasion for some user's browser session need to be invalidated immediately right after a form submit.
I have used session.invalidate(); to invalidate session and also used
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
But, still when I click the back button it will take me to the same users session. Is this loading from browser cache?
This is what i have in my JSP :
<head>
<script type="text/javascript">
function submitForm(){window.document.submitFrm.submit();}
</script>
</head>
<body onload="submitForm()">
<%String output = (String)(request.getAttribute("strOut"));
String hookUrl = (String)(request.getAttribute("hookUrl"));
System.out.println("hookUrl in cwsGroup.jsp : "+hookUrl);%>
<form method="post" action="<%=hookUrl%>" name="submitFrm" id="submitFrm">
<input type="hidden" name="cxml-urlencoded" value='<%=output%>' />
</form>
<%
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader( "Expires", 0 );
session.removeValue("domineName");
session.invalidate();%>
</body>
Am I missing something?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
这些标题不完整。这仅适用于 Internet Explorer,但在其他浏览器中会失败。完整的设置是
,您还需要在前面 JSP 页面中设置它们。在 JSP 内调用此方法只会禁用当前 JSP 页面的缓存。您需要将其复制粘贴到所有 JSP 页面上(颤抖)。或者更好的是,使用映射到
*.jsp上的Filter。有关示例,请参阅此答案。Those headers are incomplete. This would only work in Internet Explorer, but would fail in others. The complete set is
And you also need to set them in the previous JSP pages as well. Calling this inside a JSP would only disable caching the current JSP page. You need to copypaste it over all JSP pages (shudder). Or even better, use a
Filterfor this which is mapped on*.jsp. For an example, see this answer.正如您所说,单击后退按钮会话变得无效。因此,请使会话在“后退”按钮事件上无效。
请添加<代码>“<” ">" 表示代码片段中的第一行和 lasr 行
As you said, onclicking back button session is getting invalidate. SO please make session invalidate session on Back button event.
please add
"<" ">"for first and lasr line in code snippet