0

I have set up a nginx server with cgi on Linux. A specific program is used to end a user's session (logout) and to redirect the user to another page, but first the mentioned program processes some data (cookies) and answers the browser with different cookies.

This program is called whenever a user clicks on the logout-button.

HTTP-Request-Header:
Cookie: EMAIL=test@dummy; SID=1234

The program changes a database-entry and then returns:

HTTP-Response-Header:
Set-Cookie: EMAIL=NULL; SID=0
Status: 301 Location: https://<myIP>/index.html

The described procedure works if the user's browser-cache is empty. --> The user has accessed the page for the first time after browser-startupt.

The log files /var/log/nginx/error.log and /var/log/nginx/access.log show the expected reactions and contents. When a user logs in again and clicks on the logout-button, the program is not executed at all. Only after clearing the history, cache and cookies of the user's browser the logout-procedure works as it should.

I already tried Cache-Control: no-cache as a HTTP-Response-Header-Field with no effect.

What is necessary to make the program execute every time the user clicks on the logout-button?

Cdrmoi
  • 43
  • 1
  • 8
  • How does you app work if you turn off cache via Chrome Web Developer toolbar? Please try it according to that tip: http://stackoverflow.com/a/7000899/290338 – Anatoly Aug 08 '15 at 16:12
  • I don't use chrome, but if I use the network analysis function in firefox' dev. tools it works every time. – Cdrmoi Aug 08 '15 at 21:24
  • Not really matters the tool you use, the behaviour within HTTP request/response cycle should be same regardless of client. If cache is problem disabling it helps, otherwise trouble has nothing shared with caching headers (Cache-Conteol, E-Tag, Last-Modified). – Anatoly Aug 09 '15 at 11:34
  • I've changed the `Cache-Control` to `Cache-Control: no-store, no-cache, must-revalidate, max-age=0` It seems to be working in the following browsers: _Firefox (Linux / Windows), Epiphany (Linux), Opera (Android)_ How can I be sure that it works in every other browser? – Cdrmoi Aug 11 '15 at 09:50
  • there is no other way rather than to test all major browsers to be 100% sure. – Anatoly Aug 11 '15 at 19:42
  • I tested in on many different systems. It seems to be working. :) – Cdrmoi Aug 14 '15 at 08:20

0 Answers0