safety problem
Asked Modified Viewed 3,361 times
asked
Hello
when I logout form my site and make the browser work offline, I can see some of pages which I had visited when I was logged in , even private messages and admin section. this is very serious because I'm not the only person who uses the computer and also I know many of my users don't use their personal computer.
I have tried the following to disable cache. it works just when you are online but when get offline you can see some of visited pages :
I know there should be a soloution for this like what yahoo mail or gmail does. also this is not a good idea to tell my users clear browser cache before they leave. they expect something like other sites.
Best wishes,
when I logout form my site and make the browser work offline, I can see some of pages which I had visited when I was logged in , even private messages and admin section. this is very serious because I'm not the only person who uses the computer and also I know many of my users don't use their personal computer.
I have tried the following to disable cache. it works just when you are online but when get offline you can see some of visited pages :
Code Download source
header("Cache-Control: no-cache, no-store, private");
header("Pragma: no-cache") ;
header("Expires: -1") ;I know there should be a soloution for this like what yahoo mail or gmail does. also this is not a good idea to tell my users clear browser cache before they leave. they expect something like other sites.
Best wishes,
Edited by cs84 on 17-01-2006 10:20,
answered
Have you tried adding the meta tags to subheader.php ?
answered
Quote
Have you tried adding the meta tags to subheader.php ?
yes , I have added the following code to header section of subheader.php (but not at the top of head tag) and also to footer (for the 64KB issue) :
Code Download source
<meta http-equiv='Pragma' content='no-cache'>
<meta http-equiv='Expires' content='-1'>I have done these based on previous posts on forum.
But still problem exists.
Thanks,
Edited by cs84 on 17-01-2006 14:15,
answered
I have also changed body tag in subheader.php to :
Please help me to solve this security problem.
Do you have the same problem?
I use 6.00.303 and IE 6 SP2.
Code Download source
<body bgcolor='$body_bg' text='$body_text' onLoad=\"javascript: if ('Navigator' == navigator.appName) document.forms[0].reset();\">\n";Please help me to solve this security problem.
Do you have the same problem?
I use 6.00.303 and IE 6 SP2.
Falk
Falk 131
Need help?, Having trouble?
• View our Documentation for Guides, Standards and Functions
• Name and Organize your Topics and Content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Provide with an URL to live example if one exists
• Please read the How to Report an Error post
• Please read and comply with the Code of Conduct
• View our Documentation for Guides, Standards and Functions
• Name and Organize your Topics and Content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Provide with an URL to live example if one exists
• Please read the How to Report an Error post
• Please read and comply with the Code of Conduct
(¯·._.·(¯°·._.·°º*[ Project Manager ]*º°·._.·°¯)·._.·¯)
- Super Admin, joined since
- Contributed 6,201 posts on the community forums.
- Started 639 threads in the forums
- Answered 11 questions
I'll look into it, but, its not majorly serious in that no action can be carried out by the person viewing the page. The browser would need to physically reconnect in which case the browser would redirect back to the main site.
answered
Quote
its not majorly serious in that no action can be carried out by the person viewing the page. The browser would need to physically reconnect in which case the browser would redirect back to the main site.
I don't think so, being able to read private messages of others is a very impotant security issue.
Best regards,
gojuryu
gojuryu 10
www.gojuryu.net
Online since 1998 & running PHP-Fusion since 2004
Online since 1998 & running PHP-Fusion since 2004
- Member, joined since
- Contributed 105 posts on the community forums.
- Started 16 threads in the forums
isn't this the responsibility of the end user? I can do the same with php-bb and others. If I disable or limit the cache and cookies on my system it turns into a different story.
Category Forum
Bugs and Errors - 6Labels
None yet
Statistics
- Views 0 views
- Posts 6 posts
- Votes 0 votes
- Topic users 4 members
0 participants
Notifications
Track thread
You are not receiving notifications from this thread.
Related Questions