Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things

Re^6: How do you do sessions in Web Sites

by awwaiid (Friar)
on Oct 16, 2005 at 17:03 UTC ( #500592=note: print w/replies, xml ) Need Help??

in reply to Re^5: How do you do sessions in Web Sites
in thread How do you do sessions in Web Sites

You can actually set up the caching headers such that most browsers (ie/firefox at least) will cache Everything. You can do this by adding the header "Cache-Control: cache". I think.

One idea I had (and tested successfully) is to use always-cached pages along with some javascript to do fancy things. JS gets re-executed, but gets to keep some variables (so you can tell that you've already been viewed). You can also do those fancy xmlhttprequest thingies.

So most of the time when you go back it just shows you the page. But you could also have your js ask the server if it is OK to re-display this particular page, and then display a message (or nuke the page through DOM or whatever) if its not OK. That way they can't mess with you much if the go back to a one-time page --- a "are you sure you want to delete X" page or "Are you sure you want to charge 1 million dollars to your credit card?"

I give each page I display its own unique ID, so it would be easy to just keep a server-side list of which pages to "expire" or invalidate.

As always, however, Javascript is helpful for useability and does nothing for security.

  • Comment on Re^6: How do you do sessions in Web Sites

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://500592]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (4)
As of 2021-09-19 09:26 GMT
Find Nodes?
    Voting Booth?

    No recent polls found