Click here to Skip to main content
15,916,180 members
Please Sign up or sign in to vote.
4.33/5 (6 votes)
I used the below code in master page
<script type="text/javascript">
        function noBack()
        window.onload = noBack;
        window.onpageshow = function(evt) { if (evt.persisted) noBack() }
        window.onunload = function() { void (0) }

It is working good for me, but still I have a problem.
As I have set the logout operation in a master page, the browser back button is disabled for every page associated with the master page.It is because,code is executed for every page associated with the master page.
I need to Disable Browser Back Button functionality only when logout is clicked.
Updated 4-May-23 20:48pm
Prince Antony G 15-Nov-11 5:15am    
i too have the same problem..
Member 9379643 17-Sep-12 0:38am    
Its working good for me yaar...Thanks
Dheerajs975 23-Jan-18 1:09am    
it works for me too.. thanks

Instead of disabling back functionality you should check user's authentication on your application's pages
(i.e check whether the user has logged in from login page and user has proper keys or not) if he doesn't that he should be redirected to the login page.
You could do this by applying proper authentication on your application.

for more information go here[^]
Share this answer
Kosimek 25-Apr-14 14:34pm    
Not a solution. The problem is not caused by clicking a link on an active page, the problem is the cached pages. These pages will not check to see if a user has logged since they are served from the client side.
srikanthvuppula wrote: I need to Disable Browser Back Button functionality only when logout is clicked.

No you don't. You need to rethink your application logic so that it doesn't matter if the user presses the back button.

You know whether or not a person is logged in when viewing a page, so why not simply display a message "you must be logged in to view this page", or display generic, nonm-user-specific information, or at worst force a redirect if they view a page while not logged in.

Don't try and mess with the browser. It's either going to only work sporadically, and then, only for those with javascript enabled, and is subject to the whims of those who write the browsers.
Share this answer
Sandeep Mewara 24-Jan-11 6:56am    
For doing any of these: 'You know whether or not a person is logged in when viewing a page, so why not simply display a message "you must be logged in to view this page", or display generic, nonm-user-specific information, or at worst force a redirect if they view a page while not logged in.'
One has to run certain code on server side. During browser's back button case, server code is not executed and hence we don't have any control on it. Thus, in such scenario, I guess we are left with playing around with History.

If I am missing something please share.
Chris Maunder 24-Jan-11 7:00am    
Why are you trying to stop someone hitting the back button? I'm assuming it's to stop them viewing a page that should only be viewed when logged in.

So, my comment relates to what to do if someone tries to view a page they aren't meant to, and the answer is, handle this on the server side when they try and view the page.

If you are trying to stop them, at the client side, from viewing a page you can't. If javascript is disabled then you scripting efforts are a waste. If they manually look up their history and go to the page, or have bookmarked a page and then go to the bookmark, then you're back to square 1.

Discourage someone from viewing a page, yes, but don't mess with the history, and don't assume they won't get to the page.
Ed Nutting 19-May-11 16:15pm    
Good answer, my 4 :) Please see my answer :)
Akinmade Bond 2-Nov-12 12:12pm    
I like the login in your answer. +4
Kosimek 25-Apr-14 14:56pm    
@Chris Bad answer. This issue has zero to do with rethinking application logic. Pages from the Back button are served from the client side and do not involve the server side where the application logic is located. <br><br>
I have been struggling with this issue for years, have tried every "solution" I have come across and most do not work at all, a few only work on some browsers. There is certainly no published, working, javascript independent, platform independent, cross-browser solution for this issue or I would have found it.<br><br>
The question posed clearly states that Back button functionality should be prevented AFTER logout. Even not caching the page is useless on most browsers since rapid clicking of the Back button will get you past most obstacles. Any javascript solution that does work can be subverted in any case by turning off javascript.<br><br>
In my apps you can still see previously viewed pages even though clicking on any link in them sends you directly back to the login page. However, these viewed pages may contain personal/sensitive information that should not be accessible to anyone just by clicking the Back button.<br><br>
It is of course possible. All banking applications and Hotmail to name some, send you back to the login page when you click the Back button, even when using rapid clicking of the Back button. How this is done is apparently a well-kept secret.<br><br>
If anyone has a REAL cross browser solution for this, I am all ears! And please don't tell me not to mess with the Back button. It's being done all the time. The question is how?

Your code is not all browser supported. Check it for all browser. You have to handle this thing into your code. So don't wast your time in browser back button.
Share this answer
check this[^] trick
Share this answer
Ed Nutting 19-May-11 16:17pm    
Good answer, my 5 :) Basically what I said though you probably should have said what 'this' was in your answer, because you didn't, I posted my answer assuming this question hadn't been answered properly :P
Dalek Dave 19-May-11 19:13pm    
I have always found disabling browser caching solves this. It means the browser HAS to recall a page from your server, even if it is through back button, thus allowing you to handle things properly. Try using:

Response.ExpiresAbsolute = DateTime.Now.Subtract(new TimeSpan(1, 0, 0, 0));
Response.Expires = 0;
Response.CacheControl = "no-cache";

in the Page_Load event of your C# code server side.
Share this answer
BobJanova 20-May-11 4:58am    
Indeed. The problem here (if there is one at all) is with users seeing cached copies of the pages they were looking at before. If you think that is a problem, turn caching off for the 'inside' pages (though I believe they can still see them in their history).
<script type="text/javascript">
function back_block()

call it on body onload event
Share this answer
Member 10189719 9-Apr-15 2:47am    
but this code does not work in my index page
Omid Nasri 17-Oct-15 1:45am    
And me.
Use This Code On Home Page Or Redirecting PAge Where You Redirect Control After Log out<html>
<title> Rizwan </title>
<script type="text/javascript">
function back_block() {
<body önload="javascript:back_block();">
Share this answer
[no name] 16-Jan-13 6:56am    
Very Good Nice one........
markovl 16-Jan-13 7:08am    
What's up with resurrecting an already resolved question from 1.5 years ago? Why would you do that? Is it points? Is it boredom? What?
Kosimek 25-Apr-14 15:04pm    
@markovl Nothing was resolved 1.5 years ago (now 2.2 years ago). Instead of being insulting to someone posting a question to which to my knowledge no working, javascript independent, platform independent, cross-browser solution is available, I suggest that you either post such solution or refer to the page where such solution can be found.
You will do a gazillion people a big favour. I am certainly all ears!
Instead of Disabling the back button on the click of the logout button clear the cache

Response.ExpiresAbsolute = DateTime.Now;
      Response.Expires = 0;
      Response.CacheControl = "no-cache";
Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900