back button logout symfony2 php error -
i developing symfony2 app , have problem.
when log out of app, correctly, if press button of browser, go page in logged.
if write url go page, can't.
thanks in advance
this security.yml
security: encoders: simple\profilebundle\entity\user: algorithm: sha1 encode_as_base64: false iterations: 1 role_hierarchy: role_admin: [role_user] providers: main: entity: class: simple\profilebundle\entity\user property: username firewalls: secured_area: pattern: ^/ anonymous: ~ form_login: login_path: login check_path: login_check always_use_default_target_path: true default_target_path: /logged/portada logout: path: /logout target: /portada access_control: - { path: ^/logged, roles: role_admin }
i tested scenario in own symfony 2.3 applications , found in fact security flaw comes browser cache (not framework issue because it's out of command of framework.)
here discussion around issue. general (but not complete) solution send "expire" headers browser may (or may not) pay attending when utilize back-button behaviour. here's symfony docs http cache headers
i have not tested in 2.5.* environment yet, may have been addressed in later version of symfony.
php symfony2 button logout back
No comments:
Post a Comment