Spring浏览器后退按钮处理
[英]Spring browser back button handling
问题描述
Using Spring 4.2.9 
使用Spring 4.2.9
Web-Flow : My web-flow has three pages page-1, page-2 and error-Page Web流 :我的网络流有三页第1页,第2页和错误页面
Scenario : User clicks on a link in the email, my back-end code consumes the link and user lands on a page-1(the link in the address bar now is different than what the user clicked on), the user does the required stuff on page-1 and clicks continue button and lands on page-2. 场景 :用户点击电子邮件中的链接,我的后端代码消耗链接,用户登陆页面1(地址栏中的链接现在与用户点击的链接不同),用户执行了所需操作页面1上的内容和点击继续按钮并登陆第2页。
What I need when the user is on page-2 : 当用户在第2页时我需要什么 :
- User presses browser back button they should go to error-Page. 用户按下浏览器后退按钮,他们应该转到错误页面。
- The user had copied the link when they were on page-1 and open a new tab and paste the page-1 link, they should land on error-page. 用户在第1页上复制了链接并打开新选项卡并粘贴了第1页链接,他们应该登陆错误页面。
3 个解决方案
解决方案1
0 2018-01-19 14:24:30
It's a quite common problem.
这是一个非常普遍的问题。 A simple google search gave some possible solutions. 简单的谷歌搜索提供了一些可能的解决方案。 Did you tried them? 你试过吗? If yes, then update the question with more specifics on the issue. 如果是,则更新问题,更详细地说明问题。 If not, here are a couple of links: 如果没有,这里有几个链接: You can achieve this by configuring a Spring MVC filter (or interceptor).
您可以通过配置Spring MVC过滤器(或拦截器)来实现此目的。 There you can check if the request is GET and it contains the url that you want to block. 在那里,您可以检查请求是否为GET,并且它包含您要阻止的URL。 If true, you can redirect that request to the error or access denied page. 如果为true,则可以将该请求重定向到错误或访问被拒绝页面。
解决方案2
0 2018-01-24 18:06:10
To prevent the user from resetting values when going back with the browser back button you can put a variable in the conversationScope, variables in this scope are not reverted to their previous state when you use the back button. 为了防止用户在使用浏览器返回按钮返回时重置值,您可以在conversationScope中放置一个变量,当您使用后退按钮时,此范围中的变量不会恢复到之前的状态。 You can this way set a variable when they reach part 2 and check for it when you load part 1, but for this to work part 1 and part 2 need to be in the same flow. 您可以通过这种方式设置变量到达第2部分并在加载第1部分时检查它,但是为了使其工作,第1部分和第2部分需要在同一个流程中。
To prevent the users from using a link again, if they are authenticated users you can save a flag in the database that say they have finished the flow and simply look at the database when loading part 1 and throw an exception if the user shouldn't have access. 为了防止用户再次使用链接,如果他们是经过身份验证的用户,您可以在数据库中保存一个标志,表示他们已完成流程,只需在加载第1部分时查看数据库,如果用户不应该抛出异常有访问权。 If they are unauthenticated users (like when doing surveys), give each users a token in the url (the token should be random enough that it cannot be brute forced easily) and store it in your database, when part 1 load check that the token is in the database and when your flow is done remove the token from the database. 如果他们是未经身份验证的用户(比如在进行调查时),请为每个用户提供一个令牌(令牌应该足够随机,以至于无法轻易强行推送)并将其存储在您的数据库中,当第1部分加载时检查令牌在数据库中,当您的流程完成后,从数据库中删除令牌。
If you can't do any of this, you can use cookies, just send a cookie to the user when they arrive on part 2, their browser will automatically send it on any new request so if you see it on part 1 you can throw an exception. 如果您不能做任何此类操作,您可以使用cookies,只需在用户到达第2部分时向其发送cookie,他们的浏览器会自动发送任何新请求,因此如果您在第1部分看到它,您可以扔一个例外。 But users will be able to delete their cookies to circumvent the protection. 但是用户将能够删除他们的cookie以绕过保护。
解决方案3
0 2018-03-16 18:32:00
Changing page-2 to end-state solved the problem. 将page-2更改为end-state解决了这个问题。 The solution was mentioned in "The Definitive Guide to Spring Web Flow". 该解决方案在“Spring Web Flow的权威指南”中提到。 Thank you all for your help. 感谢大家的帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.