Solved

Disabling Back button of Browser on Logout click

Posted on 2011-02-23
15
885 Views
Last Modified: 2012-05-11
How to disable back button of the browser after logout  like Yahoo,Gmail etc for Security in asp.net
0
Comment
Question by:Shahid-Abbasi
  • 6
  • 4
  • 2
  • +3
15 Comments
 
LVL 9

Expert Comment

by:s_chilkury
ID: 34967620
The following javascript disables the back button

<script language="JavaScript">
      javascript:window.history.forward(1);
</script>

It works for both IE and Firefox
0
 
LVL 39

Expert Comment

by:Pratima Pharande
ID: 34967629
It is done by javascript. Cut the below script into your page where u want to disable the back button of IE

<script language="JavaScript">
  javascript:window.history.forward(1);
</script>
0
 
LVL 14

Expert Comment

by:quizwedge
ID: 34967638
The JavaScript solutions will work, if they have JavaScript enabled. If you have someone disable JavaScript, you'll still have problems.

One of the clearer articles I found on how to do this from the ASP.NET side is http://www.4guysfromrolla.com/webtech/111500-1.shtml They discuss "disabling" the back button for other reasons, but it should work for you.

Other ASP.NET solutions / explanation of the solution can be found at
http://www.codeproject.com/KB/aspnet/NoCaching.aspx?msg=1193078
http://ranafaisal.wordpress.com/2009/02/20/disabling-browsers-back-functionality-on-logout-from-aspnet/
http://geekswithblogs.net/Frez/articles/back-button-issue-after-logout-in-asp.net.aspx
0
 
LVL 39

Expert Comment

by:Pratima Pharande
ID: 34967644
0
 
LVL 53

Expert Comment

by:Dhaest
ID: 34967662
The "Back" browser button (or for that matter any other browser button) cannot be actually disabled by a web application as the security context will not allow this (think of what nasty things could happen if web applications can remove buttons from client browsers!)

See for more information: http://geekswithblogs.net/vivek/archive/2007/02/24/107148.aspx


I have had a lot of people ask, "How to I disable the back button?" or, "How do I prevent a user from clicking the back button and going back to the previous screen?" In fact, this is one of the most commonly asked questions on the ASPMessageboard and, sadly, the answer is quite simple: You CANNOT disable the back button of the browser.

Source: http://www.4guysfromrolla.com/webtech/111500-1.shtml
0
 
LVL 8

Expert Comment

by:PagodNaUtak
ID: 34967703
If you are using master page then put the below code in the very first line of your master page page_load event otherwise put the below code in the page_load event of every page of your web application.

The code below ensures that the page is created and the one stored in the browser cached.
Response.Cache.SetCacheability(HttpCacheability.NoCache);

Open in new window

0
 

Author Comment

by:Shahid-Abbasi
ID: 34968612
thanks for reply me,i use Response.Cache.SetCacheability(HttpCacheability.NoCache); it work fine in ie but not in firefox i also use   Response.Buffer = true;
            Response.ExpiresAbsolute = DateTime.Now.AddDays(-1d);
            Response.Expires = -1500;
            Response.CacheControl = "no-cache";
but same behaviour so how i can solve this issue in firefox
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 14

Expert Comment

by:quizwedge
ID: 34968680
Did you try the following from http://www.4guysfromrolla.com/webtech/111500-1.shtml

<html>
<head>
  <meta http-equiv="Expires" CONTENT="0">
  <meta http-equiv="Cache-Control" CONTENT="no-cache">
  <meta http-equiv="Pragma" CONTENT="no-cache">
</head>

Open in new window


There are some other JavaScript solutions at http://www.4guysfromrolla.com/webtech/111500-1.2.shtml though there is always the possibility that the user will turn JavaScript off.

The directions at http://geekswithblogs.net/Frez/articles/back-button-issue-after-logout-in-asp.net.aspx seem to be a combination of the solutions, which should work for Firefox as well.  If the solution itself doesn't work, you could do what he suggests in the paragraph that starts with "One solution might be to send appropriate headers"
0
 

Author Comment

by:Shahid-Abbasi
ID: 34968781
I try meta tags but doesn't work in firefox , so when i use this script to disable back button like
  <script type="text/javascript">
                  function noBack() {
              window.history.forward();
              document.getElementById("<%=hdnfirsthit.ClientID %>").value = "1";            
          }
          noBack();
          window.onload = noBack;
          window.onpageshow = function(evt) { if (evt.persisted) noBack(); }
          window.onunload = function() { void (0); }            
</script>

it work in firefox but i want only execute on logout button not other pages.
0
 
LVL 14

Expert Comment

by:quizwedge
ID: 34969283
You can use ClientScript.RegisterStartupScript (see http://bytes.com/topic/c-sharp/answers/849468-client-side-script) to call that function on the logout page.
0
 

Author Comment

by:Shahid-Abbasi
ID: 34977105
I try this code but it doesn't work in firefox and ie work fine,how i can execute this script after logout
  protected void Page_Init(object Sender, EventArgs e)
    {
        Response.Cache.SetCacheability(HttpCacheability.NoCache);
        Response.Cache.SetExpires(DateTime.Now.AddDays(-1));

    }



  protected void lbtnLogOut_Click(object sender, EventArgs e)
    {
   try
        {
           Page.ClientScript.RegisterStartupScript(this.GetType(), "MyScript", "DisableBackBT();", true);
            Session["LoginType"] = null;
            this.Session.Clear();
            Response.Redirect("Login.aspx", false);
            Response.Cache.SetExpires(DateTime.Now);
        }
        catch (Exception ex)
        {
        }

}

  //Clientside script
   <script type="text/javascript">
   
   
          function noBack() {
              window.history.forward();
                 
          }

          function DisableBackBT()
          {
          noBack();
          window.onload = noBack;
          window.onpageshow = function(evt) { if (evt.persisted) noBack(); }
          window.onunload = function() { void (0); }
          }    
       
</script>




0
 
LVL 14

Expert Comment

by:quizwedge
ID: 34978477
Change your Response.Redirect to
Response.Redirect("Login.aspx?DisableBack=1", false);

Open in new window


Then, instead of Page.ClientScript.RegisterStartupScript being in the lbtnLogOut_Click method, put it in the Page_Load method of the login page. Only run it if the URL variable DisableBack equals 1.

The following line is also not running because it is after the redirect

Response.Cache.SetExpires(DateTime.Now);

Open in new window


0
 

Author Comment

by:Shahid-Abbasi
ID: 35146443
i will try this solution
0
 

Accepted Solution

by:
Shahid-Abbasi earned 0 total points
ID: 35372611
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.Now.AddDays(-1));
Response.Cache.SetNoStore();

These are the lines thats work for me, It works both on IE and Firefox.
0
 

Author Closing Comment

by:Shahid-Abbasi
ID: 35406754
test comments
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
This video discusses moving either the default database or any database to a new volume.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now