• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 220
  • Last Modified:

Set page expiration

I want to prevent problems with the user clicking the browser back button and so getting a display that may be invalid. I was thinking I could set the expiration on the page to something very short:
Response.Cache.SetExpires(DateTime.Now.AddSeconds(0.001));
Response.Cache.SetCacheability(System.Web.HttpCacheability.Public);
Response.Cache.SetValidUntilExpires(true);

Open in new window

Is this a good approach?

(from http://msdn.microsoft.com/en-us/library/y18he7cw(v=vs.100).aspx)
0
allelopath
Asked:
allelopath
1 Solution
 
Andrej PirmanCommented:
I just wanted to suggest you my solution to add this piece of code on every page you want to disable BACK functionality:
<body onload="window.history.forward();">

Open in new window


...but fortunatelly I asked uncle Google what he says, and here's even better solution:
http://lennilobel.wordpress.com/2009/07/26/defeat-the-evil-back-button-in-your-asp-net-applications/

I naturally code in PHP and I use this approach:
on each page (among those, which are chainde in some procedure, forms, cradit card processing, etc) I generate 2 variables:
$old_hash
$new_hash
The $new_hash I store into _SERVER variable (server side cookie), while $old_hash I store in web page FORM hidden variable. Each page load moves new --> old, and generates new one.
Then I check if the one from FORM hidden field matches the stored one on server side cookie, and if it does, then page is not reloaded, and back button was not pressed.
This means, that everything is OK.
But if it is NOT OK, it means, that either user pressed BACK button, or pressed SUBMIT twice, or reloaded the page or something was wrong. In this case I programatically act to redirect user to desired place (instead of just displaying some error or such).
With such an approach I control quality of my forms, and also I am friendly to visitors which make mistakes.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now