MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > Navigation security [PR2] : using the prev button of my browser
Full Version: Navigation security [PR2] : using the prev button of my browser
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

BubbleGooM

2005-10-26, 12:07 PM
Hello again,

try this :

add a new event in the calendar then edit it.

Just push the delete button and validate your choice.

The problem is : click on the "previous page" button of your favourite browser..

You can access AGAIN to an event which has been DELETED..

Why not delete this page from the browser-cache too ...

See you..

spicyjoe

2005-10-26, 03:09 PM
LOLz, coz when you hit back.... it takes the page that was loaded.... when you hit back... the browser won't reload the page.....

BubbleGooM

2005-10-26, 03:19 PM
spicyjoe Wrote:LOLz, coz when you hit back.... it takes the page that was loaded.... when you hit back... the browser won't reload the page.....

Ok that's possible Toungue..

I have Firefox 1.0.7 with the plugin fasterfox...I can't test it under IE..because i don't have it anymore Big Grin

spicyjoe

2005-10-27, 02:12 AM
all the browser just do that... they won't load the page again.... hehehe

BubbleGooM

2005-10-27, 08:10 AM
Ok..but i have to tell you that i developped an application based on PHP/MySQL some times ago and that i used a javascript system to clear the previous page cache for security..

So when you push the previous page button, it reloads the page before the previous page..(i hope you will understand what i say becasue i'm french and that's difficult to explain with technical words my idea..)


But if that's normal and can't make the application crash it's ok for me..

Bye.

Dennis Tsang

2005-10-29, 12:20 AM
If you delete it, it won't come back again. If you go back, it's only a copy that your browser has saved in its cache, but the event itself has been delete from the database, it doesn't recreate itself.

Now if you apply this to something seemingly more serious, such as logging out, and someone who takes over the computer goes back to the 'logged in' state, up to what I know, you're still just browsing the cache of the pages, which may cause a security risk because of other people reading the threads that you opened. However if you try to access another page not in cache, then it should go back to 'guest' because the cookies have been deleted when you logged out. However, I haven't tested this part of the theory yet for real

BubbleGooM

2005-10-29, 02:41 PM
Ok..

When my translation job (french traslation with Protocole) will be finished i will make some security tests..

Warning if there is some SQL code in the page, browsing it again will send the request again too..I will test it soon..

Bye
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > Navigation security [PR2] : using the prev button of my browser