Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Set page expiration

Posted on 2013-05-30
1
Medium Priority
?
206 Views
Last Modified: 2013-06-11
I want to prevent problems with the user clicking the browser back button and so getting a display that may be invalid. I was thinking I could set the expiration on the page to something very short:
Response.Cache.SetExpires(DateTime.Now.AddSeconds(0.001));
Response.Cache.SetCacheability(System.Web.HttpCacheability.Public);
Response.Cache.SetValidUntilExpires(true);

Open in new window

Is this a good approach?

(from http://msdn.microsoft.com/en-us/library/y18he7cw(v=vs.100).aspx)
0
Comment
Question by:allelopath
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 18

Accepted Solution

by:
Andrej Pirman earned 2000 total points
ID: 39215177
I just wanted to suggest you my solution to add this piece of code on every page you want to disable BACK functionality:
<body onload="window.history.forward();">

Open in new window


...but fortunatelly I asked uncle Google what he says, and here's even better solution:
http://lennilobel.wordpress.com/2009/07/26/defeat-the-evil-back-button-in-your-asp-net-applications/

I naturally code in PHP and I use this approach:
on each page (among those, which are chainde in some procedure, forms, cradit card processing, etc) I generate 2 variables:
$old_hash
$new_hash
The $new_hash I store into _SERVER variable (server side cookie), while $old_hash I store in web page FORM hidden variable. Each page load moves new --> old, and generates new one.
Then I check if the one from FORM hidden field matches the stored one on server side cookie, and if it does, then page is not reloaded, and back button was not pressed.
This means, that everything is OK.
But if it is NOT OK, it means, that either user pressed BACK button, or pressed SUBMIT twice, or reloaded the page or something was wrong. In this case I programatically act to redirect user to desired place (instead of just displaying some error or such).
With such an approach I control quality of my forms, and also I am friendly to visitors which make mistakes.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We all know that functional code is the leg that any good program stands on when it comes right down to it, however, if your program lacks a good user interface your product may not have the appeal needed to keep your customers happy. This issue can…
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question