Hi,
I have an application which runs with secure access. User logs in,
uses the services, and logs out. After logging out, if the user click
the back button, it actually takes them to that page. How can I
prevent this?
Is there a way, that if the person clicks the back button or access a
browser history, how can I make sure that the latest page is displayed
instead of just the cache. Or, clicking the back/history should
refresh that page.
If this is in any FAQs, could anyone direct me to the right one.
thanks,
Indu 8 1143
Indu wrote: I have an application which runs with secure access. User logs in, uses the services, and logs out. After logging out, if the user click the back button, it actually takes them to that page. How can I prevent this?
Use POST requests and server-side sessions.
Google is your friend. [psf 6.1]
PointedEars
I am using POST request, and server side sessions. When you click
back/next buttons on the browser, no request is made, and the browser
shows the page.
Is there a way to refresh/reload the page when a person clicks a back
button?
thanks,
Indu
Indu wrote on 30 jan 2006 in comp.lang.javascript : I am using POST request, and server side sessions. When you click back/next buttons on the browser, no request is made, and the browser shows the page.
Please quote what you are replying to.
If you want to post a followup via groups.google.com, don't use the
"Reply" link at the bottom of the article. Click on "show options" at the
top of the article, then click on the "Reply" at the bottom of the article
headers. <http://www.safalra.com/special/googlegroupsreply/>
Is there a way to refresh/reload the page when a person clicks a back button?
No.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Indu wrote: I am using POST request, and server side sessions. When you click back/next buttons on the browser, no request is made, and the browser shows the page.
Not here.
Is there a way to refresh/reload the page when a person clicks a back button?
No.
PointedEars
On 2006-01-30, Indu <in******@gmail.com> wrote: Hi,
I have an application which runs with secure access. User logs in, uses the services, and logs out. After logging out, if the user click the back button, it actually takes them to that page. How can I prevent this?
don't use HTTP for your security. (implement a login form...)
Is there a way, that if the person clicks the back button or access a browser history, how can I make sure that the latest page is displayed instead of just the cache. Or, clicking the back/history should refresh that page.
no. if they select "browse offline" they will get the local cache.
Bye.
Jasen
Jasen Betts wrote: On 2006-01-30, Indu <in******@gmail.com> wrote: I have an application which runs with secure access. User logs in, uses the services, and logs out. After logging out, if the user click the back button, it actually takes them to that page. How can I prevent this?
don't use HTTP for your security. (implement a login form...)
That is not possible with a Web application. HTTPS, which you probably
mean, is merely HTTP over SSL/TLS.
PointedEars
On 2006-02-05, Thomas 'PointedEars' Lahn <Po*********@web.de> wrote: Jasen Betts wrote:
On 2006-01-30, Indu <in******@gmail.com> wrote: I have an application which runs with secure access. User logs in, uses the services, and logs out. After logging out, if the user click the back button, it actually takes them to that page. How can I prevent this?
don't use HTTP for your security. (implement a login form...)
That is not possible with a Web application. HTTPS, which you probably mean, is merely HTTP over SSL/TLS.
no, not what I mean at all, I mean don't use HTTP authenticcation. use a
login form and a server based session.
Bye.
Jasen
Jasen Betts wrote: On 2006-02-05, Thomas 'PointedEars' Lahn <Po*********@web.de> wrote: Jasen Betts wrote: On 2006-01-30, Indu <in******@gmail.com> wrote: I have an application which runs with secure access. User logs in, uses the services, and logs out. After logging out, if the user click the back button, it actually takes them to that page. How can I prevent this? don't use HTTP for your security. (implement a login form...) That is not possible with a Web application. HTTPS, which you probably mean, is merely HTTP over SSL/TLS.
no, not what I mean at all, I mean don't use HTTP authenticcation. use a login form and a server based session.
However, this recommendation is not well founded. In fact, HTTP
Authentication provides less attack points than server-side programming
does, and it does not require server-side programming. Both approaches
have their drawbacks, of course.
Still, I wonder how you got the idea that the OP is using HTTP
Authentication in the first place.
PointedEars This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: robert |
last post by:
well, talk about timely. i'm tasked to implement a security feature,
and would rather do so in the database than the application code. the
application is generally Oracle, but sometimes DB2. ...
|
by: Mike MacSween |
last post by:
S**t for brains strikes again!
Why did I do that? When I met the clients and at some point they vaguely
asked whether eventually would it be possible to have some people who could
read the data...
|
by: Ashish |
last post by:
Hi Guys
I am getting the following error while implementing authentication using
WS-security.
"Microsoft.Web.Services2.Security.SecurityFault: The security token could
not be authenticated...
|
by: prithvi g via .NET 247 |
last post by:
Hi
I am a newbie to .NET remoting, I am trying to implementauthorization using SSPI example provided by Michael Barnett. Ihave included the required dll(Microsoft.Samples.Security.SSPI.dll...
|
by: Earl Teigrob |
last post by:
Background:
When I create a ASP.NET control (User or custom), it often requires security to be set for certain functionality with the control. For example, a news release user control that is...
|
by: Magdelin |
last post by:
Hi,
My security team thinks allowing communication between the two IIS instances
leads to severe security risks. Basically, we want to put our presentation
tier on the perimeter network and the...
|
by: Jay C. |
last post by:
Jay
3 Jan. 11:38 Optionen anzeigen
Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements
Von: "Jay" <p.brunm...@nusurf.at> - Nachrichten dieses Autors suchen
Datum: 3 Jan...
|
by: Velvet |
last post by:
I ran FxCop on one of the components for my web site and the security rules
what me to add " tags like the ones listed
below:
This breaks my ASP.NET application. So my question is,...
|
by: Jeremy S. |
last post by:
..NET's code Access Security enables administrators to restrict the types of
things that a .NET application can do on a local computer. For example, a
..NET Windows Forms application can be...
|
by: Budhi Saputra Prasetya |
last post by:
Hi,
I managed to create a Windows Form Control and put it on my ASP .NET page. I
have done the suggestion that is provided by modifying the security settings.
From the stack trace, I would...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
| |