Click here to Skip to main content
12,406,098 members (72,732 online)
Rate this:
 
Please Sign up or sign in to vote.
See more: ASP.NET Javascript
Hi friends, I have 2 master pages Default.aspx is from Site.Master and some more pages that are from Admin.Master, I have used the code that to prevent the user from going back to previous pages after logout.

Here is my code
 function preventBack() 
   {
   window.history.forward();
 
   }
setTimeout("preventBack()", 0);
window.onunload = function () { null };

The problem I am facing is that I am able to go back among pages that uses Admin.

Master page i.e I have Home.aspx, AboutUs.aspx,Admin.aspx,AddItem.aspx I was unable to navigate between those pages also. Please tell me how to solve this. I have tried other methods also, but still facing same problem.

Thanks in Advance

Ganesh
Posted 3-Oct-12 20:53pm
Ganeshcse2.6K
Updated 3-Oct-12 22:26pm
DaveAuld187.3K
v2
Comments
Joan Murt 4-Oct-12 3:04am
   
Wouldn't it be better to check the logged status in all the pages at the beginning? if you are not logged in then at the page load you could redirect the user to another place...

I can imagine a simple way to kill your javascript method: going to the history of the browser you are using and then clicking on a link which you would like to protect...
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 1

Make sure that admin pages are not cached (at all or just for a short period) on client side. There is no way to prevent user accessing the previous urls but you can prevent them seeing what was on them. Of course, disabling caching will increase web server roundtrips. Such javascript snippets are useless, since they can be disabled, and worked around in several ways.
See this article: http://www.extremeexperts.com/Net/FAQ/DisablingBackButton.aspx[^] for dealing with this from code, and from web.config: http://msdn.microsoft.com/en-us/library/ms178606(VS.80).aspx[^]
  Permalink  
v2
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 2

I think It's better to set a session variable at login page then check the login session every page on pageload and prevent caching eg:
Response.Cache.SetCacheability(HttpCacheability.NoCache);
if(Session["mysession"] != null)
{
response.redirect("login.aspx")
} 
else {....}


  Permalink  
v2
Comments
Ganeshcse 4-Oct-12 23:38pm
   
Yes I have done this way but I am un able to go. All I want is that to Update the session value using javascript. I know that we cannot update the session variable using javascript but with the combination of Js and cookies it can be done but I didnot know how to do that. So Please tell me an alternative way of doing this.
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 3

One needs to clear the cache such that browser has no history (this will make back/forward button in browser grayed out disabled.) Here are various ways of how one can do it:




One can clear browser history through JavaScript:

<SCRIPT LANGUAGE="javascript">
{
     var Backlen=history.length;
     history.go(-Backlen);
     window.location.href=page url
}
</SCRIPT>

one can set this in logout event:
protected void LogOut()
{
     Session.Abandon();
     string nextpage = "Logoutt.aspx";
     Response.Write("<script language="javascript">");
     Response.Write("{");
     Response.Write(" var Backlen=history.length;");
     Response.Write(" history.go(-Backlen);");
     Response.Write(" window.location.href='" + nextpage + "'; ");
     Response.Write("}");
     Response.Write("</script>");
}
  Permalink  
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 4

I do this:
1) Load the page checking if session exists.
2) end session at the end of the page. Meaning put your end session command at the end of the page
3) Now if the user tries to go back, by browser button or back space, he will be redirected to your default page i.e login or index as per your set preference.

Note: It only works when user is on the last page he/she should see. I had this specific requirement so it worked out for me.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


Advertise | Privacy | Mobile
Web02 | 2.8.160726.1 | Last Updated 11 Sep 2015
Copyright © CodeProject, 1999-2016
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100