×

Loading...
Ad by
  • 推荐 OXIO 加拿大高速网络,最低月费仅$40. 使用推荐码 RCR37MB 可获得一个月的免费服务
Ad by
  • 推荐 OXIO 加拿大高速网络,最低月费仅$40. 使用推荐码 RCR37MB 可获得一个月的免费服务

Hi Jabber, Could you re-post the old posts that discussing the problems caused by browser's caching page, such as click BACK button. etc.

For security reason, I don't want some pages that accessed by a authorised user can alse be possibly viewed by another user with lower level access right when two users using same browser in same PC. To be more specific in my project, a user with lower access right will only allowed to see his own data, while a administrator can do much more thing. If the two kind of users use each own PC, then no problem will happen. The problem only happened is when after administror using the browser to do some work and then a lower user use the same brower. It is possible for the second user to type in URLs to see some pages that should not be allowed.

Do you think I should spend time on this problem which on usual situation is unlikely happened?
Report

Replies, comments and Discussions:

  • 工作学习 / IT技术讨论 / Hi Jabber, Could you re-post the old posts that discussing the problems caused by browser's caching page, such as click BACK button. etc.
    For security reason, I don't want some pages that accessed by a authorised user can alse be possibly viewed by another user with lower level access right when two users using same browser in same PC. To be more specific in my project, a user with lower access right will only allowed to see his own data, while a administrator can do much more thing. If the two kind of users use each own PC, then no problem will happen. The problem only happened is when after administror using the browser to do some work and then a lower user use the same brower. It is possible for the second user to type in URLs to see some pages that should not be allowed.

    Do you think I should spend time on this problem which on usual situation is unlikely happened?
    • Please refer to #26724. In fact you can get it by searching this forum.
      • The point is to use "document.replace(...)", so that the second URL does not enter the history list. It is HH who worked out this.