> Question: Is there anyway to clear the browser's history list (prior to
Response.Redirect("logoff.aspx") - to ensure the user can't depress the
"back" button to return to the page where the timeout occurred?
No.
If this is not possible - what if after I detect the session timeout - Is
it then possible to close the current browser where the timeout occurred -
and open a new browser with "logoff.aspx" information - How would I do this?
You can't do anything on the client because of a Session Timeout. The
Session Timeout occurs without any Request, and the server can only react on
the client via a client Request.
What you CAN do is to use JavaScript or a META Refresh tag on the client to
redirect after a certain period of time. You can set the time to the same
interval as a Session Timeout.
--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"David" <an*******@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com... A user logs into a web site. He is then redirected to a web page of his
choosing - based on menu options - for example: "WeeklyReport.aspx" is a
page the user is currently viewing.
If the user session times out, I redirect the user to a "logoff.aspx" web
page that now informs the user he must relogin to the web site.
Question: Is there anyway to clear the browser's history list (prior to
Response.Redirect("logoff.aspx") - to ensure the user can't depress the
"back" button to return to the page where the timeout occurred?
If this is not possible - what if after I detect the session timeout - Is
it then possible to close the current browser where the timeout occurred -
and open a new browser with "logoff.aspx" information - How would I do this?