sgiehl
commented
4 years ago Using the history back might imho always load the page from browser cache. Maybe setting a Cache-Control: no-cache header for pages including a nonce might help 🤔
Open mattab opened 4 years ago
sgiehl
commented
4 years ago Using the history back might imho always load the page from browser cache. Maybe setting a Cache-Control: no-cache header for pages including a nonce might help 🤔
mattab
commented
4 years ago sounds good to me :+1:
On any page with a form, we use nonces. If we wait more than 5 minutes after loading the page, to submit the form, the form submit fails and the error page is displayed. Then naturally we click "Go Back", but then it seems to sometimes load the same cached page again. So the form that we submitted late still has the same nonce and re-submitting the form still fails. Instead, when clicking "Go back" we expected a page refresh so a new nonce is generated. (maybe a simple solution could be to add a random URL parameter to the "Go back" link).
I've had this issue a few times recently, maybe this behavior was changed in the browser in recent weeks/months (firefox), as i didn't have this issue before. Reproduced on our cloud instance