File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes HTML, CSS and JavaScript and the fly likes windows.history.back() with tokens Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Bookmark "windows.history.back() with tokens" Watch "windows.history.back() with tokens" New topic

windows.history.back() with tokens

abhishek kaul

Joined: May 13, 2010
Posts: 8

Hi all,

I have a webapp in which i am sending a token every time to server to prevent CSRF, which works fine. In case there is no token present in request or an invalid token the server rejects the request. This works fine.

In some places i have a back button which where i am using windows.history.back() to go to previous page. Problem is it sends previous URL to the server with the previous token which is invalid. Hence server rejects it. Is there a way to set a new token in the windows.history.back() ?? or some other ideas to do this ??

Thanks a lot guys...
Eric Pascarello

Joined: Nov 08, 2001
Posts: 15385
No, You have no control over the history.

Victoria Harris

Joined: Aug 23, 2010
Posts: 6
May be you could set some cookie or temporary file with exact instructions. Actually I'm guessing. What kind of application you use, is it custom-made by you?

When you can't find an answer...
Do you know why FREE is an opportunity?..
abhishek kaul

Joined: May 13, 2010
Posts: 8
Sorry for the really late response...

But yeah Eric is right... i can't control history...

I changed it to use same token for entire session. So that works fine now.

I agree. Here's the link:
subject: windows.history.back() with tokens
It's not a secret anymore!