sessions and Safari

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
ggoose
Forum Newbie
Posts: 4
Joined: Tue Mar 09, 2010 1:52 pm

sessions and Safari

Post by ggoose »

Greetings,
I am creating a web site using sessions and upon logging out in both IE and FF I am directed to the login page when hitting the 'back' button (a good thing). My problem is after logging out with Safari and hitting the back button, it steps me through the entire history (a bad thing), though hitting any link while doing so will direct me to the login page. I am using session_cache_limiter(nocache) and, upon logout, session_destroy(), but to no avail. Any advice appreciated...prefer the good kind.
Thanks
ggoose
User avatar
AbraCadaver
DevNet Master
Posts: 2572
Joined: Mon Feb 24, 2003 10:12 am
Location: The Republic of Texas
Contact:

Re: sessions and Safari

Post by AbraCadaver »

The browser is most likely caching the pages. This happens in IE and FF as well. The only thing I can think of is to send the different cache headers for every page telling the browser not to cache.
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
ggoose
Forum Newbie
Posts: 4
Joined: Tue Mar 09, 2010 1:52 pm

Re: sessions and Safari

Post by ggoose »

Thanks for the reply AC,
AbraCadaver wrote:The browser is most likely caching the pages. This happens in IE and FF as well. The only thing I can think of is to send the different cache headers for every page telling the browser not to cache.
Yes, I thought that was the purpose of the session_cache_limiter(nocache) function - to tell the browser not to cache. Doesn't seem to help with Safari.
gene
User avatar
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Re: sessions and Safari

Post by kaisellgren »

ggoose wrote:Thanks for the reply AC,
AbraCadaver wrote:The browser is most likely caching the pages. This happens in IE and FF as well. The only thing I can think of is to send the different cache headers for every page telling the browser not to cache.
Yes, I thought that was the purpose of the session_cache_limiter(nocache) function - to tell the browser not to cache. Doesn't seem to help with Safari.
gene
Not session_cache_limiter(), send HTTP caching headers. Here's a good resource: http://www.mnot.net/cache_docs/
Post Reply