• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 235
  • Last Modified:

Set page expiration

I want to prevent problems with the user clicking the browser back button and so getting a display that may be invalid. I was thinking I could set the expiration on the page to something very short:
Response.Cache.SetExpires(DateTime.Now.AddSeconds(0.001));
Response.Cache.SetCacheability(System.Web.HttpCacheability.Public);
Response.Cache.SetValidUntilExpires(true);

Open in new window

Is this a good approach?

(from http://msdn.microsoft.com/en-us/library/y18he7cw(v=vs.100).aspx)
0
allelopath
Asked:
allelopath
1 Solution
 
Andrej PirmanCommented:
I just wanted to suggest you my solution to add this piece of code on every page you want to disable BACK functionality:
<body onload="window.history.forward();">

Open in new window


...but fortunatelly I asked uncle Google what he says, and here's even better solution:
http://lennilobel.wordpress.com/2009/07/26/defeat-the-evil-back-button-in-your-asp-net-applications/

I naturally code in PHP and I use this approach:
on each page (among those, which are chainde in some procedure, forms, cradit card processing, etc) I generate 2 variables:
$old_hash
$new_hash
The $new_hash I store into _SERVER variable (server side cookie), while $old_hash I store in web page FORM hidden variable. Each page load moves new --> old, and generates new one.
Then I check if the one from FORM hidden field matches the stored one on server side cookie, and if it does, then page is not reloaded, and back button was not pressed.
This means, that everything is OK.
But if it is NOT OK, it means, that either user pressed BACK button, or pressed SUBMIT twice, or reloaded the page or something was wrong. In this case I programatically act to redirect user to desired place (instead of just displaying some error or such).
With such an approach I control quality of my forms, and also I am friendly to visitors which make mistakes.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now