[BangPypers] back button issues with session handling in flask

Vinayak Hegde vinayakh at gmail.com
Sat Sep 7 20:09:08 CEST 2013


On Sat, Sep 7, 2013 at 9:59 PM, Adivandhya <adivandhya at yahoo.co.in> wrote:

> Hello guys,
>     Im making my own login module in flask, and Im now facing this problem
> pertaining to browser caching.
>    Aftera user signout (by setting the session["logged_in"] =False or even
> doing session.clear() ) ,if i press the back button on the browser, i still
> can see my homepage(which is suppose to be seen only when logged in). There
> are a few constraints while dealing with this problem, first being i do not
> want to totally disablebrowser caching as i believe it is important for
> efficiency of the website ,
> and second being i cannot use other extensions like flask-login etc, as im
> trying to make it on my own.
> How do i resolve this problem within the constraints ?
>

Sometimes I have seen that the browser caches the rendered page and does
not refresh the page. For example I have seen this behavior in FF. I go to
ESPNcricinfo and click on an article and read it and go back, the page
rendered does not have the score refreshed. This same behavior is exhibited
when you press CTRL+SHIFT+T to reopen closed tabs. The rendered page is
loaded as well as the history of the tab.

Do you see this behavior with Flask-login as well ? And what browser are
you using to test ? I have seen some sites try to disable the back-button
but that might not be an elegant way to do this. Another approach could be
see if you can play with the HTTP Cache-control headers to see if they make
a difference.

-- Vinayak


More information about the BangPypers mailing list