[Koha-bugs] [Bug 5371] Back-button in OPAC shows previous user's details, after LOGOUT
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Oct 2 14:18:59 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5371
--- Comment #31 from Marc Véron <veron at veron.ch> ---
(In reply to Kyle M Hall from comment #30)
> (In reply to Katrin Fischer from comment #29)
> > I tested a few times - maybe it's a firefox thing? I was using Firefox in
> > Ubuntu. It was described as a privacy measure to not request pages not
> > cached automatically again.
>
> I also was testing this patch using Chrome and Firefox on OS X. My
> experience is that some pages would give the "cache miss" error in both
> browsers and some would just redirect to the login screen.
I think that happens if the page where you crawl back to is a page that was the
result of a (log-in)form. See first point on comment #19
To reproduce (Firefox 40.1 Win / Chrome 45.0.2454.101 m / ):
- Close all browser windows to have a clear base line
- Open OPAC main page
- Log in as user AAAA with the login form at the right on the main page
- You are now on opac-user.pl
- Go to 'your fines'
- Log out
- You are redirected to the main page
- Hit back button
- You are now on opac-account.pl, it displays the login form
- Hit back button again
- In browser address field you have .../cgi-bin/koha/opac-user.pl
and the browser displays a message "Document expired... Try again"
- Hit "ry again"
- Brower displays a pop-up, something like "Send data again..."
with buttons 'Send again' / 'Cancel'
- Hit 'Send again'
Result:
- Firefox: ...you are logged in with user AAA and can browse to other pages
- Chrome: the message on .../cgi-bin/koha/opac-user.pl says something
like "Confirm sendign data again" and the string ERR_CACHE_MISS
- IE: the message on .../cgi-bin/koha/opac-user.pl says something like
'Webite expired... local copy no longer valid...
Fazit: The patches are fine to fix things for Chrome and IE (at least the
version I tested), but with FF 40.1 I was able to get back again to a page with
a valid login.
Since the browsers behave differently (maybe additionally depending on
individual browser settings), I would like to repeat my proposition from
comment #11 (in addition to the patches):
After a logout, display a message similar to the following:
"Logout privacy warning: Please close this browser window if other persons have
access to this computer."
--
You are receiving this mail because:
You are watching all bug changes.
You are the QA Contact for the bug.
More information about the Koha-bugs
mailing list