Re: Browser Back button problem
From: Andy Fish (ajfish_at_blueyonder.co.uk)
Date: 02/24/05
- Next message: Viorel Ghilas: "Impersonation"
- Previous message: Andy Fish: "forms authentication returns 401 instead of going to login page"
- In reply to: GMK: "Browser Back button problem"
- Next in thread: removethis: "Re: Browser Back button problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 24 Feb 2005 15:21:48 -0000
If the browser does not re-request the page when he uses the back button,
and simply displays the cached page, (IE does this with the default
settings) there is nothing you can do since no request is re-sent to the
server when he clicks back.
If the back button is requesting the page from the server and your app
thinks he is logged in, it seems you are not doing a very good job of
logging him out !! To log him out you should do this:
Session.Clear();
Session.Abandon();
FormsAuthentication.SignOut();
(assuming you are using forms authentication). Then when he clicks back, he
will just see the login page.
Andy
"GMK" <georgeskaddoum@yahoo.com> wrote in message
news:eiikkaNGFHA.3732@TK2MSFTNGP14.phx.gbl...
> Dear all
> I'm having a probelm concerning the security of my application.
> the problem is when a user is loggoed in and then he looged out i redirect
> him to the main page of my appkication but if he clicks on the Browser's
> "back button" he could then enter to the application.
> i'm removing all sessions concerning the applcation on logout but i would
> like to know how could i handle the "Back button click event" of the
> browser"
>
> Thanks in advance for your help/
>
>
- Next message: Viorel Ghilas: "Impersonation"
- Previous message: Andy Fish: "forms authentication returns 401 instead of going to login page"
- In reply to: GMK: "Browser Back button problem"
- Next in thread: removethis: "Re: Browser Back button problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
