-1

Possible Duplicate:
Disable browser's back button
Prevent user from going back to the previous secured page after logout

I am developing an online course registration portal in which after successfully login the user redirects to his home page. In his home page there is a hyperlink for logout which when the user clicks directs to a servlet which invalidate the session and redirects to the portal home page. In the portal home page i am using the following script in the head section of the html code:

<script>
    window.history.forward(1);
</script>

In the body section of the html code I am using this.

<body onunload="javascript:history.go(1)">

But the problem is that still the back button redirects me to the user home page after logout. But after that when I click the back button it remains on the user home page. But i want to restrict it to the portal home page.

Community
  • 1
  • 1
user976754
  • 361
  • 1
  • 4
  • 19
  • 2
    Please, please don't try to disable the back button. It is the user's choice whether to go back, not yours. What you're seeing is most likely a result of browser caching anyway, you need to control it on the server side. By the way I've +1'd your question to restore the balance, I don't think it's an unreasonable question. – Clive Nov 01 '11 at 17:40
  • If you do not want the user to go back, learn about caching headers and get vs post. – epascarello Nov 01 '11 at 17:41
  • No, Actually I just want to have the functionality like gmail when the user clicks the back button after logout it redirects to the same page. – user976754 Nov 01 '11 at 17:42
  • epascarello, Can you throw some light on caching headers. – user976754 Nov 01 '11 at 17:45
  • Read the duplicate question link. – BalusC Nov 01 '11 at 17:52
  • Prevent user from going back to the previous page after logout worked!!!!!!! Thanks Jigar – user976754 Nov 01 '11 at 18:16

1 Answers1

1

No, Actually I just want to have the functionality like gmail when the user clicks the back button after logout it redirects to the same page.

If that is all you want, then what I think you need to do, is

  1. Have the page contain a call to the server for "update".
  2. Validate the session. This will fail.
  3. Do a redirect.
Shmuel A. Kam
  • 72
  • 8