Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-4877

Using browser back button after logout shows page content

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Cannot Reproduce
    • Icon: High High
    • None
    • None
    • None

      Summary

      After logging out of Crowd, it is possible to use the browser back button to view the previous pages. Though you cannot click through links or interact with the data it is still visible, which could be problematic with sensitive information on pages or the admin panel.

      Steps to Reproduce

      1. Browse through Confluence
      2. Log out of Confluence
      3. Press the "back" button in the browser

      Expected Results

      1. You will be required to log in
      2. Or receive a permissions issue

      Actual Results

      1. You're able to view the complete contents of the previous page

      Notes

      This was previously addressed in Bitbucket: BSERV-6996

      Workaround

      1. You can clear the browser cache after logging out to avoid this

            [CWD-4877] Using browser back button after logout shows page content

            Gaurav Agarwal (Inactive) added a comment -

            We've tested Crowd 3.1.1 using all the supported browsers:

            • Chrome - Version 63.0.3239.84
            • Internet Explorer - 11
            • Mozilla Firefox - Version 57.0.2
            • Safari - Version 11.0.2 (12604.4.7.1.4)

            The cache headers we currently add in Crowd are enough to prevent the behaviour with all the supported browsers. Closing as not reproducible

            Gaurav Agarwal (Inactive) added a comment - We've tested Crowd 3.1.1 using all the supported browsers: Chrome - Version 63.0.3239.84 Internet Explorer - 11 Mozilla Firefox - Version 57.0.2 Safari - Version 11.0.2 (12604.4.7.1.4) The cache headers we currently add in Crowd are enough to prevent the behaviour with all the supported browsers. Closing as not reproducible

              Unassigned Unassigned
              rlouie Robert Louie
              Affected customers:
              0 This affects my team
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: