We have a J2EE application deployed on tomcat (https). Users are getting a “Warning: Page has Expired” message when they try to click on back button. Users are required to check “Do not save encrypted pages to disk”. Is there any workaround to fix this? (I think whenever they click back button check if action=submitted, if not show the form; may work.)
I suspect that this problem is exhibited after a user submits a form?
If this is the case, you should have the form submit to the action via POST and redirect to the same action (implicit GET).
Yes, this problem occurs after user submits a form on Page A and gets redirected to Page B. On Page B clicks browser back button.
As far as I know, the expires header merely works if you submit twice.
for example, screen A ->submit->screen B ->submit->screen C
Besides, you should use "POST" method in each submit. Then, when you click on Back button, the page is going to expire.