Browser back button

Question

I’m using following line of code to disable the browser back button problem after logout.

function LogoutOnClick() {
    window.history.go(-1);
}

But, there is one problem with this code, supposing I’ve three page first is login page(login.cshtml) and second successfully logged in page(home.cshtml) and third page is about page (about.cshtml),

now I do login then it will redirect me on home.cshtml page now that I move on the third page about.cshtml and after that I do logout from about.cshtml page, it redirects me on login.cshtml page.

And now if I clicked on browser back button then redirects me on about.cshtml page again but there user couldn’t change or add anything.

So let me know is there any appropriate code or method to resolved this problem.

score 6 · Accepted Answer · answered Mar 14 '13 at 09:23

6

You'll need to disable browser caching of pages that are only visible when logged in to prevent users from going back to pages they had when they were logged in, after they've logged out. Then you won't need to worry about disabling the back button. If they try access a page that requires them to be logged in, you'll redirect them to the login page.

answered Mar 14 '13 at 09:23

Bernhard Hofmann

10,321
12
59
78

1

How can I disable Caching of pages using javascript or jquery? – Pravesh Singh Mar 14 '13 at 09:53
@user1273915 What are you using to produce the pages? Whatever does, needs to add these meta tags in the `` tag: ` ` – Bernhard Hofmann Mar 14 '13 at 11:32

score 4 · Answer 2 · edited May 23 '17 at 12:05

4

To disable the back browser button learn more : here

I think that this code will can help you :

 <SCRIPT type="text/javascript">
    window.history.forward();
    function noBack() { window.history.forward(); }
</SCRIPT>
</HEAD>
<BODY onload="noBack();"
    onpageshow="if (event.persisted) noBack();" onunload="">

EDIT : For disable after a logout check this : here

edited May 23 '17 at 12:05

Community

1
1

answered Mar 14 '13 at 09:22

Francois Borgies

2,378
31
38

1

Above code stop back button for all time but i want to stop back button only in case of logout. – Pravesh Singh Mar 14 '13 at 09:32

score 1 · Answer 3 · answered Mar 14 '13 at 09:28

1

I do not think, that disabling the back-button in the browser is what you want, or not what you should want! From a security point of view, you should try to destroy the session. And you should proof the permissions at every request of the page.

Think about, what you want to archive ;-)

answered Mar 14 '13 at 09:28

Anton

449
4
14

then I do not understand why you want to disable the back-button? – Anton Mar 14 '13 at 09:42
because after logout when I click on back button it will move in the Admin menu if I was travers all the pages in the AdminPanel. – Pravesh Singh Mar 14 '13 at 09:49
as Bernhard said, disable browser caching and make sure, that you proof the session-permissions on every request... – Anton Mar 14 '13 at 09:52

Browser back button

3 Answers3

Linked