Prevent (registered) user access to viewing the registered pages of the asp.net website by clicking the browser back button

Question

Prevent (registered) user access to viewing the registered pages of the asp.net website by clicking the browser back button

scenario:

User "a" is registered on the website and gets access to the directory of the page participant from the library library,
User "a" logs out, leaves the browser open.
User "b" starts using the same computer by clicking the "Back" button. "a" member pages and information
User "b" cannot do anything on the pages, but simply browse (it will be redirected to the login if they click update, for example. User "b" may be able to view data in general is a security risk / error.

Current code on logout:

Session.Contents.RemoveAll();
FormsAuthentication.SignOut();
Session.Abandon();
Response.Redirect("~/LogOff.aspx", false);

, , " " , .

,

EG: ASP.NET

/ , ?

?

+3

authentication asp.net web webforms forms-authentication

RY4N 04 '12 13:55

2

JackBauer · Answer 1 · 2012-07-13T11:41:27+0000

. , , / logof.aspx. , . , .

Qasim Javaid Khan · Answer 2 · 2012-07-18T13:09:25+0000

ok [""]!= null - , , null . - page_Load, / , , "" scree ,

head

<meta http-equiv="Pragma" content="no-cache" />
    <meta http-equiv="Expires" content="-1" />
    <meta http-equiv="CACHE-CONTROL" content="NO-CACHE" />

.

Response.Cache.SetExpires(DateTime.UtcNow.AddMinutes(-1));
    Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
    Response.Cache.SetNoStore();

.

Prevent (registered) user access to viewing the registered pages of the asp.net website by clicking the browser back button

More articles: