Last week, we had the author of TDD for a Shopping Website LiveProject. Friday at 11am Ranch time, Steven Solomon will be hosting a live TDD session just for us. See for the agenda and registration link
Last week, we had the author of TDD for a Shopping Website LiveProject. Friday at 11am Ranch time, Steven Solomon will be hosting a live TDD session just for us. See for the agenda and registration link
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

How to correctly handle a browser 'back'

 
Ranch Hand
Posts: 176
Netbeans IDE Chrome Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Folks,

I was hoping for some advice. I am building a java spring web application. A feature exists in the application whereby a user can create a booking. Once they do so, they are brought to the booking confirmation page. My question is, how should a web app behave when the user clicks 'back' at this point?

So currently, they just see a browser (Chrome) warning . I am wondering, how should I handle this? Should I intercept the back call and bring them to a 403 (or some such generic) page? Should I disable the user from clicking 'back' in the browser. I know that neither of these options are good ideas, but I am not sure what other options I have. I would love to hear how you guys handle similar situations.

Thanks again,

G
 
Sheriff
Posts: 67637
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Glen Iris wrote:Should I intercept the back call and bring them to a 403 (or some such generic) page?


No.

Should I disable the user from clicking 'back' in the browser.


NO

I know that neither of these options are good ideas


Exactly. Any solution that tries to circumvent the browser is not only a bad idea, but ultimately will fail.

1) Implement proper cache control. (Search for examples.)

2) Be sure you are following the proper pattern such that POSTs are never "dangling" waiting to be activated by a refresh or back. See this article and pay particular attention to the "PRG pattern".
 
Glen Iris
Ranch Hand
Posts: 176
Netbeans IDE Chrome Java
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Perfect answer. Sincere Thanks Bear. I knew there was a way but had no idea what it was.
 
Glen Iris
Ranch Hand
Posts: 176
Netbeans IDE Chrome Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello again guys.

I have spent the past week implementing PRG and mine eyes have been opened. It is exactly what I needed.

However, I am still seeing one issue. My application uses Spring Security. I have a method to handle GET requests to '/login' (the login page) and this is fine. Any POST requests to '/login' are obviously handled by Spring as I did create a method to capture POST requests to '/login' but my break points were never hit. Therefore I cannot explicitly enforce the PRG 'Design Pattern' here as Spring is handling POST calls to the 'login' url.

The issue I am seeing is, when a user logs out, they are redirected to /login. If the user then refreshes the 'login' page, and subsequently attempts to enter his/her details, they see a 404. I had suspicious around what was causing this but so far, my investigations have not proved fruitful. Below is my Spring Security config:


I would appreciate any clues toward what you think the issue may be.

Many Thanks,

g
 
Glen Iris
Ranch Hand
Posts: 176
Netbeans IDE Chrome Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
anybody??
 
If tomatoes are a fruit, then ketchup must be a jam. Taste this tiny ad:
free, earth-friendly heat - a kickstarter for putting coin in your pocket while saving the earth
https://coderanch.com/t/751654/free-earth-friendly-heat-kickstarter
reply
    Bookmark Topic Watch Topic
  • New Topic