Click here to Skip to main content
12,635,671 members (25,197 online)
Rate this:
 
Please Sign up or sign in to vote.
See more: C# ASP.NET Javascript MVC
I want to disable browser's back button after log out.
I have already set session["session-id"] to null on log out event.
But when I am pressing Back button of browser,it will redirect me to that secure page from which I've already log out.
Please Give me any solution about this problem.
Posted 25-Sep-12 21:15pm
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 1

Hey Bro.... try this out

I Perfectly got the solution.


When we request any page from server, browser maintains its cache in local system. When user press back button the cached page opened in front of user.

Its mean we have to disable the cache functionality for our session pages. So for this you have to insert this code into “Page_Load” event of the session page or to master page that is used for secure pages.
Response.Buffer= true;
Response.ExpiresAbsolute=DateTime.Now.AddDays(-1d);
Response.Expires =-1500;
Response.CacheControl = "no-cache";
if(Session["SessionId"] == null)
{
Response.Redirect ("WhereYouWantToGo.aspx");
}
}

This code just disable the cache for current page and save this page in buffer.

And buffer is maintained in memory so when user log
out the buffer will
destroy and no backup copy of that page available to view.

So its mean we successfully disable the back button.
  Permalink  
v3
Comments
Meet Raval 26-Sep-12 2:23am
   
Thanks Hemant...
This works well in Internet Explorer.
But it is not working in Mozilla Firefox.
Plz tell me if you or anybody have solution about this issue...

Once again thanks hemant..
Have a nice day...
swaroopanalla 24-Jul-13 6:40am
   
It works fine in firefox and chrome but not in IE
Developer Hemant Patel 26-Sep-12 3:56am
   
thanks
sarathkumarnallathambi 11-Jan-13 7:41am
   
Hi.. Its Not WOrking In Chrome...
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 2

Your Welcome Dude..

Try this out

add this line to your secure page
Response.Cache.SetNoStore()

add this logout button
Session.Abandon()

In my case it work in Mozilla..
Try it and review about this...
  Permalink  
v2
Comments
Meet Raval 26-Sep-12 2:32am
   
Yes Hemant,
It's working well.
Thanks once again for giving me this solutions.
Genius Dude!!!!
Sandeep Mewara 26-Sep-12 2:33am
   
You can either update your answer using 'Improve Solution' or use comment feature to respond to follow up questions of Op instead of posting a new answer.
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 3

Have a look at this Tip: Browser back button issue after logout[^]
  Permalink  
Comments
Meet Raval 26-Sep-12 2:43am
   
Yes,Mr.Sandeep,Thanks..
I've seen the link that you have given..
But it looks more complicated than previous solution.
Sandeep Mewara 26-Sep-12 2:47am
   
It has multiple ways suggested. Strange to hear - it's complicated! :)
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 4

Here is how i did it

Assuming that you have a Login.aspx and Home.aspx and Moreover you have "Login" Button in the Login.aspx and a "SignOut" Button in the Home.aspx;

Put this under the Page Load event of the Login.aspx
Session["LoginId"] = null;


Put this under the click event of "Login" button [NB. put this code after you validate the password]
Session["LoginId"] = TextBox_UserName.Text;
// TextBox_UserName is the text box on the Login.aspx page that is used to input the username
Response.Redirect("HomePage.aspx");


Put this under the Page Load event of the Home.aspx
if (!IsPostBack)
    {
       if (Session["LoginId"] == null)
       Response.Redirect("Login.aspx");
       else
       {
          Response.ClearHeaders();
          Response.AddHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
          Response.AddHeader("Pragma", "no-cache");
       }

    }


Put this under the Click event of "SignOut" button
try
{
   Session.Abandon();
   Session["LoginId"] = null;
   Response.Cache.SetCacheability(HttpCacheability.NoCache);
   Response.Buffer = true;
   Response.ExpiresAbsolute = DateTime.Now.AddDays(-1d);
   Response.Expires = -1000;
   Response.CacheControl = "no-cache";
   Response.Redirect("Login.aspx", true);
}
catch (Exception ex)
{
   Response.Write(ex.Message);
}


What happens is that When the user clicks back button and the Login.aspx page appears then the session is set to null so pressing the back button to access the home page again would not open the home page rather it redirects it to the Login.aspx page. Same is true if the user press the "SignOut" button, the back button redirects it to Login.aspx.
  Permalink  
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 5


public void SetPageNoCache()
  {
      Response.Cache.SetCacheability(HttpCacheability.NoCache);
      Response.Cache.SetExpires(DateTime.Now.AddSeconds(-1));
      Response.Cache.SetAllowResponseInBrowserHistory(false);
      Response.Cache.SetNoStore();
  }



Call this function in Page_Load event
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


Advertise | Privacy | Mobile
Web02 | 2.8.161208.2 | Last Updated 23 Jul 2015
Copyright © CodeProject, 1999-2016
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100