473,397 Members | 1,972 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > prevent "back" buttom in browser

Join Bytes to post your question to a community of 473,397 software developers and data experts.

Prevent "Back" Buttom in Browser

I am trying to set up a login-logout website. I have a cookie about the
login status. I put it as logout once the logout link is clicked. And
I put a little security check about the status of the cookie variable
everytime before loading the detailed member profiling.

The page layout is like:

Login page,-->check the login name/password database-->profile page(only
login cookie is true, redirect back to login if false)

Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser. I was told
those are in the browser cache and the check of the "login" cookie does
not actually work in this situation.

Is there anyway to force the browser to clear the cache after I click
the "logout". It should be possible since lots of websites do that. I
just do not how to. Any help is highly appreciated!
Jul 22 '05 #1
7 4309
Make sure the page isn't cached:
http://www.aspfaq.com/2022
http://msdn.microsoft.com/library/en...am07032000.asp

Also, you can use a client-side redirect (e.g.
window.location.replace('newUrl.asp');) to prevent the current page from
being in the history.

If the page isn't cached and the session value is re-checked, after you've
issued a session.abandon() they shouldn't be able to see the secure content
again without logging in.


However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser.

Jul 22 '05 #2
Also see http://www.aspfaq.com/2017


Is there anyway to force the browser to clear the cache after I click
the "logout".

Jul 22 '05 #3
Thank you. I will try tomorrow and let you know if I fail.

Aaron Bertrand [SQL Server MVP] wrote:
Also see http://www.aspfaq.com/2017

Is there anyway to force the browser to clear the cache after I click
the "logout".


Jul 22 '05 #4
Hi George,

I use the following function in an include:

<%
function noCache()
response.addheader "Cache-Control", "no-store"
response.addheader "Cache-Control", "no-cache"
response.addheader "Pragma", "no-cache"
response.addheader "Cache-Control", "max-age=0, must-revalidate"
response.addheader "Expires", Now-1
end function
%>

and then at the top of any page I don't want cached I simply put <% noCache
%>

hope this helps!

Duane

"George" <sh*********@yahoo.com> wrote in message
news:ek**************@tk2msftngp13.phx.gbl...
I am trying to set up a login-logout website. I have a cookie about the
login status. I put it as logout once the logout link is clicked. And I
put a little security check about the status of the cookie variable
everytime before loading the detailed member profiling.

The page layout is like:

Login page,-->check the login name/password database-->profile page(only
login cookie is true, redirect back to login if false)

Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser. I was told those
are in the browser cache and the check of the "login" cookie does not
actually work in this situation.

Is there anyway to force the browser to clear the cache after I click the
"logout". It should be possible since lots of websites do that. I just do
not how to. Any help is highly appreciated!

Jul 22 '05 #5
I tried your code in a couple of test pages... and I could not get this to
work. Test.asp had a link to Test_2.asp and if I had the <% noCache %>
included on the second page in the head it would give me a page error. Also
if I did not include the <% noCache %> on the second page I could still
click the back button and the page would open....

--
Regards,

Carroll
"Duane Jackson" <dj******@keyone.co.uk> wrote in message
news:42**********************@ptn-nntp-reader04.plus.net...
Hi George,

I use the following function in an include:

<%
function noCache()
response.addheader "Cache-Control", "no-store"
response.addheader "Cache-Control", "no-cache"
response.addheader "Pragma", "no-cache"
response.addheader "Cache-Control", "max-age=0, must-revalidate"
response.addheader "Expires", Now-1
end function
%>

and then at the top of any page I don't want cached I simply put <% noCache %>

hope this helps!

Duane

"George" <sh*********@yahoo.com> wrote in message
news:ek**************@tk2msftngp13.phx.gbl...
I am trying to set up a login-logout website. I have a cookie about the
login status. I put it as logout once the logout link is clicked. And I
put a little security check about the status of the cookie variable
everytime before loading the detailed member profiling.

The page layout is like:

Login page,-->check the login name/password database-->profile page(only
login cookie is true, redirect back to login if false)

Logout link, set login cookie as false and redirect to the login page.
However, after I check a profile and then click logout, I can still get
back to profile page by click "back" button in browser. I was told those are in the browser cache and the check of the "login" cookie does not
actually work in this situation.

Is there anyway to force the browser to clear the cache after I click the "logout". It should be possible since lots of websites do that. I just do not how to. Any help is highly appreciated!


Jul 22 '05 #6
> it would give me a page error.

Could you be more specific?
Jul 22 '05 #7
> included on the second page in the head it would give me a page error.

It has to be *BEFORE* any HTML.
Jul 22 '05 #8
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
How can I catch the "back" from the browser's menu ? (IE+NS)
by: John | last post by:
Hi, I have to catch the "back" browser's functionality from the menu. I already can catch the key-stroke combination for IE + NS/Firefox and inactivate the mouse right-button, but I still have to...
Javascript
12
Question: How can I "expire" a web page (prevent BACK button)
by: VB Programmer | last post by:
I know some sites will display the following message if you click on the BACK button in your browser. How do I implement this feature? Warning: Page has Expired The page you requested was...
ASP.NET
2
Weird Problem: Auto-Jump page doesn't show up in "BACK" history
by: VB Programmer | last post by:
I created a page which I am using to prevent the user from hitting the BACK button. I'll call it my "Auto Jump" page. When it is called it basically auto-redirects to a page specified in the...
ASP.NET
2
Prevent "back" functionality
by: Barry Fitzgerald | last post by:
I have a site that requires a large number of pages to complete the entry of all the information. The information collected also varies depending on some of the data entered. I would like to...
ASP.NET
2
Automatic refresh when users selects "Back" button in Internet Explorer
by: Leszek Taratuta | last post by:
Hello, I am using the following code to prevent users to see the previous pages: Response.CacheControl = "no-cache"; Response.AddHeader( "Pragma", "no-cache" ); Response.Expires = -1; When...
ASP.NET
11
lock-out "Back" button
by: John A Grandy | last post by:
asp.net 1.1 ie 6 how to lock-out the user from clicking the browser "Back" button ?
ASP.NET
5
"Back" button and ViewState
by: Diffident | last post by:
Hello All, Most of you might be familiar with this problem i.e, viewstate is lost whenever we navigate from the one page to another. Does anyone have a remedy for this problem? On Page A, I...
ASP.NET
8
Creating a "Back" button in VB.Net/ASP.Net
by: Coleen | last post by:
Yes, I know why would I want to create a back button when there is one on the browser? Because that's what the users want! they want a "Previous" button that they can click from any web page in...
Visual Basic .NET
0
How to lock / deactivate "Refresh" and "Back" button on browser.
by: sagarp86 | last post by:
How to lock / deactivate "Refresh" and "Back" button on browser. Problem is in voting application. Once we click for a vote application goes to next page and increament one vote in the database....
ASP / Active Server Pages
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!