I am trying to set up a login-logout website. I have a cookie about the
login status. I put it as logout once the logout link is clicked. And
I put a little security check about the status of the cookie variable
everytime before loading the detailed member profiling.
The page layout is like:
Login page,-->check the login name/password database-->profile page(only
login cookie is true, redirect back to login if false)
Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser. I was told
those are in the browser cache and the check of the "login" cookie does
not actually work in this situation.
Is there anyway to force the browser to clear the cache after I click
the "logout". It should be possible since lots of websites do that. I
just do not how to. Any help is highly appreciated! 7 4325
Make sure the page isn't cached: http://www.aspfaq.com/2022 http://msdn.microsoft.com/library/en...am07032000.asp
Also, you can use a client-side redirect (e.g.
window.location .replace('newUr l.asp');) to prevent the current page from
being in the history.
If the page isn't cached and the session value is re-checked, after you've
issued a session.abandon () they shouldn't be able to see the secure content
again without logging in. However, after I check a profile and then click logout, I can still get back to profile page by click "back" button in browser.
Thank you. I will try tomorrow and let you know if I fail.
Aaron Bertrand [SQL Server MVP] wrote: Also see http://www.aspfaq.com/2017 Is there anyway to force the browser to clear the cache after I click the "logout".
Hi George,
I use the following function in an include:
<%
function noCache()
response.addhea der "Cache-Control", "no-store"
response.addhea der "Cache-Control", "no-cache"
response.addhea der "Pragma", "no-cache"
response.addhea der "Cache-Control", "max-age=0, must-revalidate"
response.addhea der "Expires", Now-1
end function
%>
and then at the top of any page I don't want cached I simply put <% noCache
%>
hope this helps!
Duane
"George" <sh*********@ya hoo.com> wrote in message
news:ek******** ******@tk2msftn gp13.phx.gbl... I am trying to set up a login-logout website. I have a cookie about the login status. I put it as logout once the logout link is clicked. And I put a little security check about the status of the cookie variable everytime before loading the detailed member profiling.
The page layout is like:
Login page,-->check the login name/password database-->profile page(only login cookie is true, redirect back to login if false)
Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get back to profile page by click "back" button in browser. I was told those are in the browser cache and the check of the "login" cookie does not actually work in this situation.
Is there anyway to force the browser to clear the cache after I click the "logout". It should be possible since lots of websites do that. I just do not how to. Any help is highly appreciated!
I tried your code in a couple of test pages... and I could not get this to
work. Test.asp had a link to Test_2.asp and if I had the <% noCache %>
included on the second page in the head it would give me a page error. Also
if I did not include the <% noCache %> on the second page I could still
click the back button and the page would open....
--
Regards,
Carroll
"Duane Jackson" <dj******@keyon e.co.uk> wrote in message
news:42******** **************@ ptn-nntp-reader04.plus.n et... Hi George,
I use the following function in an include:
<% function noCache() response.addhea der "Cache-Control", "no-store" response.addhea der "Cache-Control", "no-cache" response.addhea der "Pragma", "no-cache" response.addhea der "Cache-Control", "max-age=0, must-revalidate" response.addhea der "Expires", Now-1 end function %>
and then at the top of any page I don't want cached I simply put <%
noCache %>
hope this helps!
Duane
"George" <sh*********@ya hoo.com> wrote in message news:ek******** ******@tk2msftn gp13.phx.gbl...I am trying to set up a login-logout website. I have a cookie about the login status. I put it as logout once the logout link is clicked. And I put a little security check about the status of the cookie variable everytime before loading the detailed member profiling.
The page layout is like:
Login page,-->check the login name/password database-->profile page(only login cookie is true, redirect back to login if false)
Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get back to profile page by click "back" button in browser. I was told
those are in the browser cache and the check of the "login" cookie does not actually work in this situation.
Is there anyway to force the browser to clear the cache after I click
the "logout". It should be possible since lots of websites do that. I just
do not how to. Any help is highly appreciated!
> it would give me a page error.
Could you be more specific?
> included on the second page in the head it would give me a page error.
It has to be *BEFORE* any HTML. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: John |
last post by:
Hi,
I have to catch the "back" browser's functionality from the menu. I
already can catch the key-stroke combination for IE + NS/Firefox and
inactivate the mouse right-button, but I still have to catch the event
of the browser's "back" functionality from the menu bar.
Does anybody have an idea how can I catch this with JavaScript?
Thank you very much for your answerz
John
|
by: VB Programmer |
last post by:
I know some sites will display the following message if you click on the
BACK button in your browser. How do I implement this feature?
Warning: Page has Expired The page you requested was created using
information you submitted in a form. This page is no longer available. As a
security precaution, Internet Explorer does not automatically resubmit your
information for you.
To resubmit your information and view this Web page, click the...
|
by: VB Programmer |
last post by:
I created a page which I am using to prevent the user from hitting the BACK
button. I'll call it my "Auto Jump" page. When it is called it basically
auto-redirects to a page specified in the QueryString. (We'll call the page
it goes to the "destination page".) If the user hits BACK on the
destination page it should goto the "Auto Jump" page which should put you
right back to where you hit the button.
In Page_Load of this "Auto Jump"...
|
by: Barry Fitzgerald |
last post by:
I have a site that requires a large number of pages to complete the entry of
all the information. The information collected also varies depending on some
of the data entered. I would like to prevent the back button from working.
Can that be done? Can I prevent a page from displaying when the back button
is clicked somehow, perhaps by requiring that it always be loaded from the
web sever and not cached on the user pc?
--
Barry...
|
by: Leszek Taratuta |
last post by:
Hello,
I am using the following code to prevent users to see the previous pages:
Response.CacheControl = "no-cache";
Response.AddHeader( "Pragma", "no-cache" );
Response.Expires = -1;
When users select the "Back" button in IE, they see the message:
| |
by: John A Grandy |
last post by:
asp.net 1.1
ie 6
how to lock-out the user from clicking the browser "Back" button ?
|
by: Diffident |
last post by:
Hello All,
Most of you might be familiar with this problem i.e, viewstate is lost
whenever we navigate from the one page to another. Does anyone have a remedy
for this problem?
On Page A, I have a datalist which has a "select" link for each row(I have
1000's of such rows). When a user clicks a particular select link, I am
redirecting him to Page B(this redirection is being done in
Datalist_ItemCommand). Once on Page B, when user...
|
by: Coleen |
last post by:
Yes, I know why would I want to create a back button when there is one on
the browser? Because that's what the users want! they want a "Previous"
button that they can click from any web page in our application that will do
the exact same thing as the Back button in the browser. Can anyone give me
any suggestions on how to do this using VB .Net? I have Googled for "Create
Back Button" and found stuff in JavaScript and HTML but nothing in...
|
by: sagarp86 |
last post by:
How to lock / deactivate "Refresh" and "Back" button on browser.
Problem is in voting application. Once we click for a vote application goes to next page and increament one vote in the database. But when we click on "Refresh" button on the browser, the query is fired again and again one vote is added un-necessarily..Only one vote should be posted from each pc / user.
Same thing is with "Back" button on browser. when we click on vote,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |