473,836 Members | 1,996 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Prevent "Back" Buttom in Browser

I am trying to set up a login-logout website. I have a cookie about the
login status. I put it as logout once the logout link is clicked. And
I put a little security check about the status of the cookie variable
everytime before loading the detailed member profiling.

The page layout is like:

Login page,-->check the login name/password database-->profile page(only
login cookie is true, redirect back to login if false)

Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser. I was told
those are in the browser cache and the check of the "login" cookie does
not actually work in this situation.

Is there anyway to force the browser to clear the cache after I click
the "logout". It should be possible since lots of websites do that. I
just do not how to. Any help is highly appreciated!
Jul 22 '05 #1
7 4346
Make sure the page isn't cached:
http://www.aspfaq.com/2022
http://msdn.microsoft.com/library/en...am07032000.asp

Also, you can use a client-side redirect (e.g.
window.location .replace('newUr l.asp');) to prevent the current page from
being in the history.

If the page isn't cached and the session value is re-checked, after you've
issued a session.abandon () they shouldn't be able to see the secure content
again without logging in.


However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser.

Jul 22 '05 #2
Also see http://www.aspfaq.com/2017


Is there anyway to force the browser to clear the cache after I click
the "logout".

Jul 22 '05 #3
Thank you. I will try tomorrow and let you know if I fail.

Aaron Bertrand [SQL Server MVP] wrote:
Also see http://www.aspfaq.com/2017

Is there anyway to force the browser to clear the cache after I click
the "logout".


Jul 22 '05 #4
Hi George,

I use the following function in an include:

<%
function noCache()
response.addhea der "Cache-Control", "no-store"
response.addhea der "Cache-Control", "no-cache"
response.addhea der "Pragma", "no-cache"
response.addhea der "Cache-Control", "max-age=0, must-revalidate"
response.addhea der "Expires", Now-1
end function
%>

and then at the top of any page I don't want cached I simply put <% noCache
%>

hope this helps!

Duane

"George" <sh*********@ya hoo.com> wrote in message
news:ek******** ******@tk2msftn gp13.phx.gbl...
I am trying to set up a login-logout website. I have a cookie about the
login status. I put it as logout once the logout link is clicked. And I
put a little security check about the status of the cookie variable
everytime before loading the detailed member profiling.

The page layout is like:

Login page,-->check the login name/password database-->profile page(only
login cookie is true, redirect back to login if false)

Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser. I was told those
are in the browser cache and the check of the "login" cookie does not
actually work in this situation.

Is there anyway to force the browser to clear the cache after I click the
"logout". It should be possible since lots of websites do that. I just do
not how to. Any help is highly appreciated!

Jul 22 '05 #5
I tried your code in a couple of test pages... and I could not get this to
work. Test.asp had a link to Test_2.asp and if I had the <% noCache %>
included on the second page in the head it would give me a page error. Also
if I did not include the <% noCache %> on the second page I could still
click the back button and the page would open....

--
Regards,

Carroll
"Duane Jackson" <dj******@keyon e.co.uk> wrote in message
news:42******** **************@ ptn-nntp-reader04.plus.n et...
Hi George,

I use the following function in an include:

<%
function noCache()
response.addhea der "Cache-Control", "no-store"
response.addhea der "Cache-Control", "no-cache"
response.addhea der "Pragma", "no-cache"
response.addhea der "Cache-Control", "max-age=0, must-revalidate"
response.addhea der "Expires", Now-1
end function
%>

and then at the top of any page I don't want cached I simply put <% noCache %>

hope this helps!

Duane

"George" <sh*********@ya hoo.com> wrote in message
news:ek******** ******@tk2msftn gp13.phx.gbl...
I am trying to set up a login-logout website. I have a cookie about the
login status. I put it as logout once the logout link is clicked. And I
put a little security check about the status of the cookie variable
everytime before loading the detailed member profiling.

The page layout is like:

Login page,-->check the login name/password database-->profile page(only
login cookie is true, redirect back to login if false)

Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser. I was told those are in the browser cache and the check of the "login" cookie does not
actually work in this situation.

Is there anyway to force the browser to clear the cache after I click the "logout". It should be possible since lots of websites do that. I just do not how to. Any help is highly appreciated!


Jul 22 '05 #6
> it would give me a page error.

Could you be more specific?
Jul 22 '05 #7
> included on the second page in the head it would give me a page error.

It has to be *BEFORE* any HTML.
Jul 22 '05 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
1942
by: John | last post by:
Hi, I have to catch the "back" browser's functionality from the menu. I already can catch the key-stroke combination for IE + NS/Firefox and inactivate the mouse right-button, but I still have to catch the event of the browser's "back" functionality from the menu bar. Does anybody have an idea how can I catch this with JavaScript? Thank you very much for your answerz John
12
10178
by: VB Programmer | last post by:
I know some sites will display the following message if you click on the BACK button in your browser. How do I implement this feature? Warning: Page has Expired The page you requested was created using information you submitted in a form. This page is no longer available. As a security precaution, Internet Explorer does not automatically resubmit your information for you. To resubmit your information and view this Web page, click the...
2
2056
by: VB Programmer | last post by:
I created a page which I am using to prevent the user from hitting the BACK button. I'll call it my "Auto Jump" page. When it is called it basically auto-redirects to a page specified in the QueryString. (We'll call the page it goes to the "destination page".) If the user hits BACK on the destination page it should goto the "Auto Jump" page which should put you right back to where you hit the button. In Page_Load of this "Auto Jump"...
2
1561
by: Barry Fitzgerald | last post by:
I have a site that requires a large number of pages to complete the entry of all the information. The information collected also varies depending on some of the data entered. I would like to prevent the back button from working. Can that be done? Can I prevent a page from displaying when the back button is clicked somehow, perhaps by requiring that it always be loaded from the web sever and not cached on the user pc? -- Barry...
2
3812
by: Leszek Taratuta | last post by:
Hello, I am using the following code to prevent users to see the previous pages: Response.CacheControl = "no-cache"; Response.AddHeader( "Pragma", "no-cache" ); Response.Expires = -1; When users select the "Back" button in IE, they see the message:
11
2706
by: John A Grandy | last post by:
asp.net 1.1 ie 6 how to lock-out the user from clicking the browser "Back" button ?
5
3678
by: Diffident | last post by:
Hello All, Most of you might be familiar with this problem i.e, viewstate is lost whenever we navigate from the one page to another. Does anyone have a remedy for this problem? On Page A, I have a datalist which has a "select" link for each row(I have 1000's of such rows). When a user clicks a particular select link, I am redirecting him to Page B(this redirection is being done in Datalist_ItemCommand). Once on Page B, when user...
8
23239
by: Coleen | last post by:
Yes, I know why would I want to create a back button when there is one on the browser? Because that's what the users want! they want a "Previous" button that they can click from any web page in our application that will do the exact same thing as the Back button in the browser. Can anyone give me any suggestions on how to do this using VB .Net? I have Googled for "Create Back Button" and found stuff in JavaScript and HTML but nothing in...
0
3531
by: sagarp86 | last post by:
How to lock / deactivate "Refresh" and "Back" button on browser. Problem is in voting application. Once we click for a vote application goes to next page and increament one vote in the database. But when we click on "Refresh" button on the browser, the query is fired again and again one vote is added un-necessarily..Only one vote should be posted from each pc / user. Same thing is with "Back" button on browser. when we click on vote,...
0
9670
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
10844
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
10548
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
0
10254
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
6979
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
5649
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
0
5826
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
2
4016
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
3115
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.