我尝试在用户注销时杀死浏览器缓存。我实现了 LogoutSuccessHandlerInterface 来扩展 onLogoutSuccess 方法。没有错误,但是当我注销时,我可以在浏览器中按返回按钮,我看到我的profil页面=> 如果我刷新此页面,我会自动重定向,因此我已正确注销。
安全.yml
logout:
path: /logout
target: /
invalidate_session: true
success_handler: project_user.handler.logout_handler
服务.yml
project_user.handler.logout_handler:
class: Project'UserBundle'Handler'LogoutHandler
Project/UserBundle/Handler/LogoutHandler.php
<?php
namespace Project'UserBundle'Handler;
use Symfony'Component'Security'Http'Logout'LogoutSuccessHandlerInterface;
use Symfony'Component'HttpFoundation'Request;
use Symfony'Component'HttpFoundation'RedirectResponse;
class LogoutHandler implements LogoutSuccessHandlerInterface
{
public function onLogoutSuccess( Request $request )
{
$response = new RedirectResponse( '/' );
$response->headers->addCacheControlDirective( 'no-cache', true );
$response->headers->addCacheControlDirective( 'max-age', 0 );
$response->headers->addCacheControlDirective( 'must-revalidate', true );
$response->headers->addCacheControlDirective( 'no-store', true );
return $response;
}
}
我尝试使用此解决方案并且效果很好,但是每个请求都调用此方法(每个页面多次调用)并导致速度变慢。请帮忙!
感谢
试试这个,对我有用。
<?php
namespace YourBundle;
use Symfony'Component'EventDispatcher'EventSubscriberInterface;
use Symfony'Component'HttpKernel'KernelEvents;
use Symfony'Component'HttpKernel'Event'FilterResponseEvent;
class KernelSubscriber implements EventSubscriberInterface {
public static function getSubscribedEvents() {
return array(
KernelEvents::RESPONSE => array(
array('clearBrowserCache', 434255),
),
);
}
public function clearBrowserCache(FilterResponseEvent $event) {
$response = $event->getResponse();
$response->headers->addCacheControlDirective('no-cache', true);
$response->headers->addCacheControlDirective('max-age', 0);
$response->headers->addCacheControlDirective('must-revalidate', true);
$response->headers->addCacheControlDirective('no-store', true);
}
}
服务.yml
kernel_subscriber:
class: YourBundle'KernelSubscriber
tags:
- { name: kernel.event_subscriber }
我使用的一种成功的方法只是在注销后重定向到上一页。如果上一页是安全的,您的身份验证系统将重定向回登录页面。现在,当您按下后退按钮时,您应该再次点击登录页面。
请参阅我的帖子 这里 关于拉拉维尔的例子:https://laracasts.com/discuss/channels/requests/back-button-browser