Solved

Set page expiration

Posted on 2013-05-30
1
188 Views
Last Modified: 2013-06-11
I want to prevent problems with the user clicking the browser back button and so getting a display that may be invalid. I was thinking I could set the expiration on the page to something very short:
Response.Cache.SetExpires(DateTime.Now.AddSeconds(0.001));
Response.Cache.SetCacheability(System.Web.HttpCacheability.Public);
Response.Cache.SetValidUntilExpires(true);

Open in new window

Is this a good approach?

(from http://msdn.microsoft.com/en-us/library/y18he7cw(v=vs.100).aspx)
0
Comment
Question by:allelopath
1 Comment
 
LVL 18

Accepted Solution

by:
Andrej Pirman earned 500 total points
Comment Utility
I just wanted to suggest you my solution to add this piece of code on every page you want to disable BACK functionality:
<body onload="window.history.forward();">

Open in new window


...but fortunatelly I asked uncle Google what he says, and here's even better solution:
http://lennilobel.wordpress.com/2009/07/26/defeat-the-evil-back-button-in-your-asp-net-applications/

I naturally code in PHP and I use this approach:
on each page (among those, which are chainde in some procedure, forms, cradit card processing, etc) I generate 2 variables:
$old_hash
$new_hash
The $new_hash I store into _SERVER variable (server side cookie), while $old_hash I store in web page FORM hidden variable. Each page load moves new --> old, and generates new one.
Then I check if the one from FORM hidden field matches the stored one on server side cookie, and if it does, then page is not reloaded, and back button was not pressed.
This means, that everything is OK.
But if it is NOT OK, it means, that either user pressed BACK button, or pressed SUBMIT twice, or reloaded the page or something was wrong. In this case I programatically act to redirect user to desired place (instead of just displaying some error or such).
With such an approach I control quality of my forms, and also I am friendly to visitors which make mistakes.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now