From 9b48732cd21f8245a510cadc4e1ddf247cfca55c Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Mon, 4 Oct 2021 12:52:48 -0700
Subject: [PATCH] Force revalidation headers when user logs out

Signed-off-by: snipe <snipe@snipe.net>
---
 app/Http/Kernel.php                        |  1 +
 app/Http/Middleware/PreventBackHistory.php | 23 ++++++++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 app/Http/Middleware/PreventBackHistory.php

diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index bedb8bcca52f..66abc7c20ce8 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -23,6 +23,7 @@ class Kernel extends HttpKernel
         \App\Http\Middleware\CheckForDebug::class,
         \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
         \App\Http\Middleware\SecurityHeaders::class,
+        \App\Http\Middleware\PreventBackHistory::class,
 
     ];
 
diff --git a/app/Http/Middleware/PreventBackHistory.php b/app/Http/Middleware/PreventBackHistory.php
new file mode 100644
index 000000000000..ae6ac194f4c0
--- /dev/null
+++ b/app/Http/Middleware/PreventBackHistory.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class PreventBackHistory
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $response = $next($request);
+        return $response->header('Cache-Control','no-cache, no-store, max-age=0, must-revalidate')
+            ->header('Pragma','no-cache')
+            ->header('Expires','Sun, 02 Jan 1990 00:00:00 GMT');
+    }
+}
\ No newline at end of file