469,607 Members | 2,048 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,607 developers. It's quick & easy.

ASP.NET Browser Question

A user logs into a web site. He is then redirected to a web page of his choosing - based on menu options - for example: "WeeklyReport.aspx" is a page the user is currently viewing

If the user session times out, I redirect the user to a "logoff.aspx" web page that now informs the user he must relogin to the web site

Question: Is there anyway to clear the browser's history list (prior to Response.Redirect("logoff.aspx") - to ensure the user can't depress the "back" button to return to the page where the timeout occurred

If this is not possible - what if after I detect the session timeout - Is it then possible to close the current browser where the timeout occurred - and open a new browser with "logoff.aspx" information - How would I do this?
Nov 18 '05 #1
6 1494
Try the following code in Page Load event

Response.Expires = 0
Response.ExpiresAbsolute = Now()
Response.CacheControl = "no-cache"
Nov 18 '05 #2
> Question: Is there anyway to clear the browser's history list (prior to
Response.Redirect("logoff.aspx") - to ensure the user can't depress the
"back" button to return to the page where the timeout occurred?

No.
If this is not possible - what if after I detect the session timeout - Is it then possible to close the current browser where the timeout occurred -
and open a new browser with "logoff.aspx" information - How would I do this?

You can't do anything on the client because of a Session Timeout. The
Session Timeout occurs without any Request, and the server can only react on
the client via a client Request.

What you CAN do is to use JavaScript or a META Refresh tag on the client to
redirect after a certain period of time. You can set the time to the same
interval as a Session Timeout.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.

"David" <an*******@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com... A user logs into a web site. He is then redirected to a web page of his choosing - based on menu options - for example: "WeeklyReport.aspx" is a
page the user is currently viewing.
If the user session times out, I redirect the user to a "logoff.aspx" web page that now informs the user he must relogin to the web site.
Question: Is there anyway to clear the browser's history list (prior to Response.Redirect("logoff.aspx") - to ensure the user can't depress the
"back" button to return to the page where the timeout occurred?
If this is not possible - what if after I detect the session timeout - Is

it then possible to close the current browser where the timeout occurred -
and open a new browser with "logoff.aspx" information - How would I do this?
Nov 18 '05 #3
Kevin

I did the redirect using a META tag. But I get the same result - i.e., I get the back button enabled and with the prior history

Unless I did this wrong - but basically - I get the same as if I placed in the Page_Init the following code..
if Session.IsNewSession then Response.Redirect(...

Basically - I can get the page as I requested - but I'd like to either disable the back button or have this opened in a 2nd window. Is their anyway to use the META refresh tag to open a 2nd browser window - then somehow close the 1st?
Nov 18 '05 #4
Hi David,
I did the redirect using a META tag. But I get the same result - i.e., I get the back button enabled and with the prior history.

You asked 2 distinct questions, and I answered them individually. The answer
to the second question had nothing to do with the answer to the first.
Basically - I can get the page as I requested - but I'd like to either disable the back button or have this opened in a 2nd window. Is their
anyway to use the META refresh tag to open a 2nd browser window - then
somehow close the 1st?

No. The remark about the META Refresh tag was in answer to your question
about how to redirect after a Session Timeout.

It would help if you discuss what your business requirement is. What is it
that you are wanting to prevent from happening? And by that, I don't mean
technically, e.g. not using the Back button or preventing the user from
navigating back to a page. What I need to know is, what business requirement
are you trying to fulfill by this?

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.

"David" <an*******@discussions.microsoft.com> wrote in message
news:51**********************************@microsof t.com... Kevin,

I did the redirect using a META tag. But I get the same result - i.e., I get the back button enabled and with the prior history.
Unless I did this wrong - but basically - I get the same as if I placed in the Page_Init the following code... if Session.IsNewSession then Response.Redirect(...)

Basically - I can get the page as I requested - but I'd like to either

disable the back button or have this opened in a 2nd window. Is their
anyway to use the META refresh tag to open a 2nd browser window - then
somehow close the 1st?
Nov 18 '05 #5
Summary of my initial request... "A user logs into a web site. He is then redirected to a web page of his choosing - based on menu options - for example: "WeeklyReport.aspx" is a page the user is currently viewing. If the user session times out, I redirect the user to a "logoff.aspx" web page that now informs the user he must relogin to the web site. Question: Is there anyway to clear the browser's history list (prior to Response.Redirect("logoff.aspx") - to ensure the user can't depress the "back" button to return to the page where the timeout occurred? If this is not possible - what if after I detect the session timeout - Is it then possible to close the current browser where the timeout occurred - and open a new browser with "logoff.aspx" information - How would I do this?

Basically - what business requirement are you trying to fulfill by this? Answer: Security
Reason: When the session times out, I require the user to NOT navigate again with the current browser - I want to prevent navigating to either the timed out page or any other page of their history list. I require the user to simply relogin - by connecting from main login page - that is visible on the desktop. The user's history list will be specific to the business needs of the organization - pages relative to main login page / so timeout means relogin - you lose your history

In summary: Yesterday PM - I Did implement a solution myself. Part 2 of question - I found a feasible solution. I basically open a new browser (back and forward buttons disabled) - only information in this window is message informing user of timeout and requirement to relogin to the web site. I also successfully close the main browser where the timeout occured

In any event, Thank you for reviewing my questions and your help.
Nov 18 '05 #6
You could put the following line in the script section of your page:
history.go(1);
This is a JavaScript command that when the page loads will always try
to go to the next page. This stops the back button's use.

Hope that this helps you.
Kalz
Nov 18 '05 #7

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

8 posts views Thread by R. Smits | last post: by
3 posts views Thread by anonieko | last post: by
2 posts views Thread by Eric Caron | last post: by
7 posts views Thread by Nathan Sokalski | last post: by
27 posts views Thread by David Golightly | last post: by
10 posts views Thread by Conrad Lender | last post: by
reply views Thread by guiromero | last post: by
reply views Thread by devrayhaan | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.