I have a servlet where i validate the login using POST and logout using GET. So, i want when i click on logout button, i cannot go back to previous page because the session is terminate. But it did not happen. When i click on logout button i still can go back to previous page.
so here is my code of logout in the servlet
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String action = request.getParameter("action"); if ("logout".equals(action)) { HttpSession session = request.getSession(); session.invalidate(); response.sendRedirect("loginpage.jsp"); } }logoout button code <li class="nav-item"><a class="nav-link" href="logout?action=logout">Logout</a></li>
I redirect to the loginpage but when i "click to go back" at the browser, i still can go back even i check the session
here is the code that i put at every single page to validate the session
<% HttpSession ses = request.getSession(false); if (ses == null || ses.getAttribute("name") == null) { response.sendRedirect("login-form.jsp"); return; }%>