I am testing my Angular application that uses ui.router and authentication token. There is a partial page that is available only to authorized users. Here is the steps to reproduce:
1) Login
2) Navigate to partial user profile page
3) Logout
- it deletes authentication header like this:
delete $http.defaults.headers.common['x-access-token'];
- then navigates to a different page
4) In the browser address bar manually navigate back to the profile page.
- browser sends http request with the token I just removed! I can see it in Chrome Network view.
5) Subsequent requests to the profile page are issued without the token and gets rejected
This problem does not happen in Safari.