
Sensitive Info is exposed when clicking the back button after logging out. #1

@GKARLOZ


Contributing as a tester reporting bugs.
Not sure which repository to leave this issue in.

Description:

Potential security risk of sensitive information being exposed such as API keys.

If a user decides to log out from the API page, the tokens can be seen and copied by pressing the back button on the browser without logging back in.

Environment:

  1. Windows 10
  2. Chrome Version 120.0.6099.225

Preconditions:

  1. Open the Application (https://openweathermap.org/) in Chrome Browser.
  2. User is logged in.

Steps to reproduce

  1. Click on the Dropdown menu next to the username.
  2. Select "My API keys". <Verify ER-1>
  3. Click on the Dropdown menu next to the username.
  4. Select "Logout" option. <Verify ER-2>
  5. Click on Browser back button. <Verify ER-3>

Expected result

  1. User should see the API keys page.
  2. User should be taken to the login page and a red alert message should appear displaying "You need to sign in or sign up before continuing".
  3. User should not get logged in nor should sensitive information be shown.

Actual Result:

  1. User appears to be logged in and API keys can be copied.

Attachment: issue1.1.mp4
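The report describes an authenticated page that the browser can show again from history after logout. Two server-side controls address that class of bug: the page carrying the secrets must be served with cache headers that tell the browser not to store it, and logout must invalidate the session on the server so that any re-fetch with the old cookie is refused. The following Python is an added example written for this issue; it is not code from openweathermap.org or from the reporter. The two HTTP responses, the `SessionStore` class and the `EXAMPLE-KEY-PLACEHOLDER` value are constructed for illustration and make no claim about how the real site behaves.

```python
"""Two checks for the logout / back-button exposure class described in the
report (added example; sample responses and session store are constructed)."""
from typing import Dict, List, Optional, Set

# Constructed sample: an authenticated "My API keys" page served with headers
# that permit the browser to store it and replay it from history.
WEAK_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Cache-Control: public, max-age=3600\r\n"
    "\r\n"
    "<html><body>API key: EXAMPLE-KEY-PLACEHOLDER</body></html>"
)

# Constructed sample: the same page with the headers a secret-bearing page
# should carry so that neither the browser nor an intermediary keeps a copy.
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Cache-Control: no-store, no-cache, max-age=0, must-revalidate\r\n"
    "Pragma: no-cache\r\n"
    "Expires: 0\r\n"
    "\r\n"
    "<html><body>API key: EXAMPLE-KEY-PLACEHOLDER</body></html>"
)


def parse_headers(raw_response: str) -> Dict[str, str]:
    """Return the header block of a raw HTTP/1.1 response as a lowercase-keyed dict."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    headers: Dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def cache_directives(headers: Dict[str, str]) -> Set[str]:
    """Split Cache-Control into its directives, e.g. {'public', 'max-age=3600'}."""
    raw = headers.get("cache-control", "")
    return {d.strip().lower() for d in raw.split(",") if d.strip()}


def find_cache_weaknesses(headers: Dict[str, str]) -> List[str]:
    """List the reasons a response carrying secrets could be stored and replayed."""
    findings: List[str] = []
    directives = cache_directives(headers)
    if "no-store" not in directives:
        findings.append("Cache-Control lacks no-store")
    if "public" in directives:
        findings.append("Cache-Control marks the response public")
    for d in directives:
        if d.startswith("max-age="):
            seconds = d.split("=", 1)[1].strip()
            if seconds.isdigit() and int(seconds) > 0:
                findings.append(f"Cache-Control allows reuse for {seconds}s")
    return findings


class SessionStore:
    """Minimal server-side session table (constructed). Logout must delete the
    session so a replayed request with the old cookie is rejected, rather than
    only redirecting the UI while the session stays valid."""

    def __init__(self) -> None:
        self._sessions: Dict[str, str] = {}  # session id -> user name

    def login(self, session_id: str, user: str) -> None:
        self._sessions[session_id] = user

    def logout(self, session_id: str) -> None:
        self._sessions.pop(session_id, None)

    def user_for(self, session_id: str) -> Optional[str]:
        return self._sessions.get(session_id)


def serve_api_keys_page(store: SessionStore, session_id: str) -> int:
    """HTTP status the API-keys endpoint should return for the presented cookie."""
    return 200 if store.user_for(session_id) else 401


if __name__ == "__main__":
    for label, raw in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, find_cache_weaknesses(parse_headers(raw)) or "ok")
    store = SessionStore()
    store.login("sid-1", "alice")
    print("before logout:", serve_api_keys_page(store, "sid-1"))
    store.logout("sid-1")
    print("after logout:", serve_api_keys_page(store, "sid-1"))
```

`find_cache_weaknesses` flags the weak response on three counts (no `no-store`, `public`, and a positive `max-age`) and passes the hardened one; the session demo shows the old cookie being refused with 401 after logout, which is what Expected Result 3 asks for. Header checks alone are not sufficient, since browsers may restore a page from their back/forward cache independently of HTTP caching, so the server-side invalidation is the control that guarantees a fresh request cannot succeed.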
