[Seaside] Re: Logging out from a webpage
Klaus D. Witzel
klaus.witzel at cobss.com
Tue Jul 31 07:46:56 UTC 2007
on Tue, 31 Jul 2007 07:02:47 +0200, you wrote:
> 2007/7/30, Klaus D. Witzel <klaus.witzel at cobss.com>:
>> On Mon, 30 Jul 2007 22:18:57 +0200, Michael Gorsuch wrote:
>> > On Mon, Jul 30, 2007 at 04:12:30PM -0400, Richard Eng wrote:
>> >> If I ?logout? from a webpage, which takes me to a new webpage, how
>> do I
>> >> ?invalidate? the previous page or otherwise prevent the user from
>> >> revisiting
>> >> it (either through the back button or using history)?
>> > I would look at WATask's 'isolate' method. This expires previous
>> It's also possible to tell the browset to rewrite history, see
>> for examples. I use that to invalidate the previous page when it can be
>> done from a click on a hyperlink.
> How very uncool ;) How very low-level
This is all that Seaside can do: send cryptic messages to a browser at the
lowest-level it understands and then hope that is looks cool and works
If Seaside can do more to the browser then please tell me.
I'm *not* talking about putting Smalltalk code into methods and classes
and, once they work make them available for use and reuse in a component
framework, since this is taken for granted.
> and unreliable. We use #isolate:
> and #expire for this.
I'm keen to see what that tells the browser to do, i.e. how pages are
expired which are already in its cache "history" and at the time of
arrival had no expire-at-logout-time set because logout time is not known
Test case: send pages to which the user can return with #back, then
#logout and take the browser offline (which is the same as being connect
to a so called reliable network). Now demonstrate that the pages cannot be
accessed any longer, in this case not from the browser's cache "history".
This should take an experienced Seaside developer ca. 1 1/2 minutes.
More information about the Seaside