Solved

Set page expiration

Posted on 2013-05-30
1
194 Views
Last Modified: 2013-06-11
I want to prevent problems with the user clicking the browser back button and so getting a display that may be invalid. I was thinking I could set the expiration on the page to something very short:
Response.Cache.SetExpires(DateTime.Now.AddSeconds(0.001));
Response.Cache.SetCacheability(System.Web.HttpCacheability.Public);
Response.Cache.SetValidUntilExpires(true);

Open in new window

Is this a good approach?

(from http://msdn.microsoft.com/en-us/library/y18he7cw(v=vs.100).aspx)
0
Comment
Question by:allelopath
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 18

Accepted Solution

by:
Andrej Pirman earned 500 total points
ID: 39215177
I just wanted to suggest you my solution to add this piece of code on every page you want to disable BACK functionality:
<body onload="window.history.forward();">

Open in new window


...but fortunatelly I asked uncle Google what he says, and here's even better solution:
http://lennilobel.wordpress.com/2009/07/26/defeat-the-evil-back-button-in-your-asp-net-applications/

I naturally code in PHP and I use this approach:
on each page (among those, which are chainde in some procedure, forms, cradit card processing, etc) I generate 2 variables:
$old_hash
$new_hash
The $new_hash I store into _SERVER variable (server side cookie), while $old_hash I store in web page FORM hidden variable. Each page load moves new --> old, and generates new one.
Then I check if the one from FORM hidden field matches the stored one on server side cookie, and if it does, then page is not reloaded, and back button was not pressed.
This means, that everything is OK.
But if it is NOT OK, it means, that either user pressed BACK button, or pressed SUBMIT twice, or reloaded the page or something was wrong. In this case I programatically act to redirect user to desired place (instead of just displaying some error or such).
With such an approach I control quality of my forms, and also I am friendly to visitors which make mistakes.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question