Murugan.com
Murugan Andezuthu Dharmaratnam

  |  HOME   |  BLOG   |  TWITTER   |  ARTICLES   |  8086  |  C++   |  VC++   |  ASP .NET   |  VB .NET   |  JAVA SCRIPT   |  MS SQL   |  MY   |  VIDEOS   |  DOWNLOADS   |  CONTACT ME   |  



ASP .NET Disable Back Browser Button

Home   ASP.NET   ASP .NET Disable Back Browser Button         


One of the web applications after I logout when I click on back button I am able to access the admin pages I am looking to block that

Solution
------------

The "Back" browser button or any browser button cannot be actually disabled by a web application this is because the security context will not allow this 

The solution is to present the browser from caching pages

<%
Response.Buffer = true;
Response.Expires = 0;
Response.ExpiresAbsolute = DateTime.Now.AddDays( -1 );
Response.CacheControl = "no-cache";
%> 

or try this 


Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.Now); //or a date much earlier than current time

In ASP.NET 1.x the code was:
Response.CacheControl = "no-cache";
Response.AddHeader("Pragma","no-cache");
Response.Expires = -1;

This causes the postback to the server everytime the back button is clicked  and prevent any caching of the pages.

the above did not work in firefox this is one code that worked for me in all browsers firefox, ie opera etc

<script type="text/javascript">
function noBack(){window.history.forward();}
noBack();
window.onload=noBack;
window.onpageshow=function(evt){if(evt.persisted)noBack();}
window.onunload=function(){void(0);}
</script> 

Read more from MS site
http://support.microsoft.com/kb/234067/EN-US






  |  HOME   |  BLOG   |  TWITTER   |  ARTICLES   |  8086  |  C++   |  VC++   |  ASP .NET   |  VB .NET   |  JAVA SCRIPT   |  MS SQL   |  MY   |  VIDEOS   |  DOWNLOADS   |  CONTACT ME   |  

Copyright 2009 @ Murugan Andezuthu Dharmaratnam