467,911 Members | 1,293 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 467,911 developers. It's quick & easy.

avoid a page going back to site after logging out

Hi,
I am working on a web site which authenticates an user using forms. And once they logout, I observed that, for any reason if they click on "BACK" button of the browser, the user is being taken back to the site instead taking them to "login" page. I used formsAuthentication signout method and also used session's abandon method in signout event. Still I don't know why I am facing that problem. Please tell me what else I need to do in order to avoid that and present them with loging page like it happens with any email web site.

Thanks,

--
Message posted via http://www.dotnetmonster.com
Nov 19 '05 #1
  • viewed: 3066
Share:
2 Replies
Most likely you're seeing the contents of the browser cache, and not a new
page generated by the server. Try hitting the back button and then F5 for
refresh; you should be redirected to login.

This isn't a security violation per-se; however it raises an interesting
question regarding the sanctity of confidential information. When you log
out, it would be nice to know that a new user approach the machine couldn't
browse the cache so easily and view your previously-seen documents.

A few possibilities;

+ Do some work to prevent the browser from caching the page. Historically,
this has been somewhat unreliable, but there are some solutions that seem to
behave consistently.

+ Immediately after logout, try writing some js out to close the browser.

+ Immediately after logout, try writing some js to clear the history.

You'll no doubt have different issues with different web browsers, and even
more complex issue dealing with proxy server caches, but it's somewhere to
start.

/// M
"nvv via DotNetMonster.com" <fo***@DotNetMonster.com> wrote in message
news:24******************************@DotNetMonste r.com...
Hi,
I am working on a web site which authenticates an user using forms. And once they logout, I observed that, for any reason if they click on "BACK"
button of the browser, the user is being taken back to the site instead
taking them to "login" page. I used formsAuthentication signout method and
also used session's abandon method in signout event. Still I don't know why
I am facing that problem. Please tell me what else I need to do in order to
avoid that and present them with loging page like it happens with any email
web site.
Thanks,

--
Message posted via http://www.dotnetmonster.com

Nov 19 '05 #2
Mr. Wells,

I am working on intranet. So, no problem of browser type or version. Is there any way that we can avoid in the way it happens in yahoo mail. I mean, whatever the page that the user requests, he must be redirected to login(that includes after logging out and hitting browser's back button). Like how it happens even with this site(dotnetmonster).
Please help. If boss wants like that, we have to do that.

Thanks,
nvv

--
Message posted via http://www.dotnetmonster.com
Nov 19 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

5 posts views Thread by Veeresh | last post: by
3 posts views Thread by Joel D. Kraft | last post: by
6 posts views Thread by BizWorld | last post: by
6 posts views Thread by RobGMiller | last post: by
7 posts views Thread by =?Utf-8?B?Um9iIFRob21zb24=?= | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.