A user logs into a web site. He is then redirected to a web page of his choosing - based on menu options - for example: "WeeklyReport.aspx" is a page the user is currently viewing
If the user session times out, I redirect the user to a "logoff.aspx" web page that now informs the user he must relogin to the web site
Question: Is there anyway to clear the browser's history list (prior to Response.Redirect("logoff.aspx") - to ensure the user can't depress the "back" button to return to the page where the timeout occurred
If this is not possible - what if after I detect the session timeout - Is it then possible to close the current browser where the timeout occurred - and open a new browser with "logoff.aspx" information - How would I do this?
6  1629 
Try the following code in Page Load event
Response.Expires = 0
Response.ExpiresAbsolute = Now()
Response.CacheControl = "no-cache"
> Question: Is there anyway to clear the browser's history list (prior to
Response.Redirect("logoff.aspx") - to ensure the user can't depress the
"back" button to return to the page where the timeout occurred?
No. If this is not possible - what if after I detect the session timeout - Is
it then possible to close the current browser where the timeout occurred -
and open a new browser with "logoff.aspx" information - How would I do this?
You can't do anything on the client because of a Session Timeout. The
Session Timeout occurs without any Request, and the server can only react on
the client via a client Request.
What you CAN do is to use JavaScript or a META Refresh tag on the client to
redirect after a certain period of time. You can set the time to the same
interval as a Session Timeout.
--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"David" <an*******@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com... A user logs into a web site. He is then redirected to a web page of his
choosing - based on menu options - for example: "WeeklyReport.aspx" is a
page the user is currently viewing.
If the user session times out, I redirect the user to a "logoff.aspx" web
page that now informs the user he must relogin to the web site.
Question: Is there anyway to clear the browser's history list (prior to
Response.Redirect("logoff.aspx") - to ensure the user can't depress the
"back" button to return to the page where the timeout occurred?
If this is not possible - what if after I detect the session timeout - Is
it then possible to close the current browser where the timeout occurred -
and open a new browser with "logoff.aspx" information - How would I do this?
Kevin
I did the redirect using a META tag. But I get the same result - i.e., I get the back button enabled and with the prior history
Unless I did this wrong - but basically - I get the same as if I placed in the Page_Init the following code..
if Session.IsNewSession then Response.Redirect(...
Basically - I can get the page as I requested - but I'd like to either disable the back button or have this opened in a 2nd window. Is their anyway to use the META refresh tag to open a 2nd browser window - then somehow close the 1st?
Hi David, I did the redirect using a META tag. But I get the same result - i.e., I
get the back button enabled and with the prior history.
You asked 2 distinct questions, and I answered them individually. The answer
to the second question had nothing to do with the answer to the first.
Basically - I can get the page as I requested - but I'd like to either
disable the back button or have this opened in a 2nd window. Is their
anyway to use the META refresh tag to open a 2nd browser window - then
somehow close the 1st?
No. The remark about the META Refresh tag was in answer to your question
about how to redirect after a Session Timeout.
It would help if you discuss what your business requirement is. What is it
that you are wanting to prevent from happening? And by that, I don't mean
technically, e.g. not using the Back button or preventing the user from
navigating back to a page. What I need to know is, what business requirement
are you trying to fulfill by this?
--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"David" <an*******@discussions.microsoft.com> wrote in message
news:51**********************************@microsof t.com... Kevin,
I did the redirect using a META tag. But I get the same result - i.e., I
get the back button enabled and with the prior history.
Unless I did this wrong - but basically - I get the same as if I placed in
the Page_Init the following code... if Session.IsNewSession then Response.Redirect(...)
Basically - I can get the page as I requested - but I'd like to either
disable the back button or have this opened in a 2nd window. Is their
anyway to use the META refresh tag to open a 2nd browser window - then
somehow close the 1st?
Summary of my initial request... "A user logs into a web site. He is then redirected to a web page of his choosing - based on menu options - for example: "WeeklyReport.aspx" is a page the user is currently viewing. If the user session times out, I redirect the user to a "logoff.aspx" web page that now informs the user he must relogin to the web site. Question: Is there anyway to clear the browser's history list (prior to Response.Redirect("logoff.aspx") - to ensure the user can't depress the "back" button to return to the page where the timeout occurred? If this is not possible - what if after I detect the session timeout - Is it then possible to close the current browser where the timeout occurred - and open a new browser with "logoff.aspx" information - How would I do this?
Basically - what business requirement are you trying to fulfill by this? Answer: Security
Reason: When the session times out, I require the user to NOT navigate again with the current browser - I want to prevent navigating to either the timed out page or any other page of their history list. I require the user to simply relogin - by connecting from main login page - that is visible on the desktop. The user's history list will be specific to the business needs of the organization - pages relative to main login page / so timeout means relogin - you lose your history
In summary: Yesterday PM - I Did implement a solution myself. Part 2 of question - I found a feasible solution. I basically open a new browser (back and forward buttons disabled) - only information in this window is message informing user of timeout and requirement to relogin to the web site. I also successfully close the main browser where the timeout occured
In any event, Thank you for reviewing my questions and your help.
You could put the following line in the script section of your page:
history.go(1);
This is a JavaScript command that when the page loads will always try
to go to the next page. This stops the back button's use.
Hope that this helps you.
Kalz
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: lawrence |
last post by:
How is it possible that the question "How do I detect which browser
the user has" is missing from this FAQ:
http://www.faqts.com/knowledge_base/index.phtml/fid/125
and is only here on this...
|
by: R. Smits |
last post by:
I've have got this script, the only thing I want to be changed is the first
part. It has to detect IE version 6 instead of just "Microsoft Internet
Explorer". Can somebody help me out?
I tried...
|
by: anonieko |
last post by:
You can try this code:
>
>
>
>
>
<!--- filename: mypage.html ---->
<html>
....blah blah blah
<script language=JavaScript src=/Javascript/center.js></script>
|
by: someone |
last post by:
Let's say I have a Session timeout of 20 minutes. If the browser
periodically request a graphic file, will that keep its Session alive?
What keeps the Session alive? Is it the Session cookie that...
|
by: Eric Caron |
last post by:
Hi everybody,
I was doing some cross-browser tests today and I found out that if you
specify the width and height for a button type control, asp.net doesn't
output the style information when...
|
by: petermichaux |
last post by:
Hi,
Does anyone have a a cross-browser setOpacity function that does not
use browser sniffing? I looked at the Yahoo! UI function and it detects
IE by looking for window.ActiveXObject. I also...
|
by: Nathan Sokalski |
last post by:
I want to make sure I am doing a browser detection that will work once IE7
is released. My current detection statement (written using VB.NET) is:
If Me.Request.Browser.Browser.ToUpper() = "IE"...
|
by: David Golightly |
last post by:
This is just a quick poll for all you web devs out there: What
browsers do you test on/are concerned about compatibility with?
Obviously, you're going to test on current-generation browsers such...
|
by: Conrad Lender |
last post by:
In a recent thread in this group, I said that in some cases object
detection and feature tests weren't sufficient in the development of
cross-browser applications, and that there were situations...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
