The problem is when the user is authenticated and for any reason presses the browser's back button and sends the data to the server again. Or some users access the URL directly and try to log in (maybe the CSRF token was loaded some time before or expired) and it returns the same error.
Does anyone know how I can prevent this?
I will show you some pictures:
- But if the user clicks the back button, the browser shows the login form again at the route mydomain.com/login, and if the user clicks the "Acceder" button the server responds with an error 419
Thanks!