<a href="abc.jsp" onclick='<% session.invalidate(); %>'>LOGOUT</a> |
The above statement gets converted to Servlet CODE :
| out.write("<a href=\"abc.jsp\" onclick='"); session.invalidate(); out.write("'>LOGOUT</a>"); |
Conclusion:
What ever scriplet you write in onclick, will get executed every time the JSP is called. Not only on onclick as can be wrongly assumed.
Yep yep yep, just figured it out, it's better to simply do a small doGet servlet with this code:
ReplyDeleterequest.getSession().invalidate();
response.sendRedirect("REDIRECT_URL");
I was trying the other way because I tought that making a sevlet just for logging out was ridiculous but here I am.