Session not getting destroyed on Logout on Rails

Setelah aplikasi logout, harusnya session sudah hilang / terhapus. Ternyata ketika di klik tombol BACK di browser, maka dapat kembali ke halaman sebelumnya tanpa login.

Ini sebenernya masalah cache di Browser, untuk menghindari itu pada application_controller.rb tambahkan seperti berikut

[ruby]

before_filter :set_cache_buster

def set_cache_buster
response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
response.headers["Pragma"] = "no-cache"
response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
end

[/ruby]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.