CODEWITHSUNDEEP
c#javascriptasp.net
Giri
Giri

Reputation: 941

How to prvent visiting the page after logout?

I am using ASP.NET and C#.After click logout i am using this.

Session.Abandon();
Session.RemoveAll();
Page.Responce.Cache.setCacheability(HttpCacheability.NoCache);
Response.Redirect("Default.aspx");

But after this if they clicked back button in browser it is going to previous page.

Is there any way to prevent this?

Thanks..

Edit:

I did used this.

protected void Page_Load(object sender, EventArgs e)
{
    if(!IsPostBack)
    {
        if (Session["LoginId"] == null)
            Response.Redirect("frmLogin.aspx");
        else
        {
            Response.ClearHeaders();
            Response.AddHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
            Response.AddHeader("Pragma", "no-cache");
        }
    }
}

Because of this they click browser back button then the pageload will be called so there we can check for the session variable for authentication.

Upvotes: 0

Views: 4426

Answers (4)

Vaibs
Vaibs

Reputation: 11

protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) {

            if (Session["Navigation"] == null)
            {
                Response.Cache.SetExpires(DateTime.UtcNow.AddMinutes(-1));
                Response.Cache.SetCacheability(HttpCacheability.NoCache);
                Response.Cache.SetNoStore();
                Response.Redirect("~/Login.aspx");
            }                                                                               protected void lnkbtnLogOut_Click(object sender, EventArgs e)
    {

        Session["Navigation"] = null;
        Session.Abandon();

        Response.Redirect("~/Login.aspx");
    }                                                                                             but it's not working.It still redirects to prevoios page after click on back button

Upvotes: 1

Brijesh Gandhi
Brijesh Gandhi

Reputation: 570

I am posting a link I hope this guide you and Help you whatever you need click here

http://www.dotnetfunda.com/

Upvotes: 2

user841123
user841123

Reputation:

Following would serve your way:

The code disable the cache in browser.

Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
Response.Cache.SetNoStore();

Or

You may add script to delete history on browser, after the logout.

Page.ClientScript.RegisterStartupScript(this.GetType(),"cle","windows.history.clear",true);

Hope either of above two would work.

You may check for the Session["---"] variable availability, if Session is not available then redirect user to Login/Register page.

What I mean to say is, you are Abandoning the session, this might destroy Session variables. So when user click on back button, System will check for Session, it would not found that and user will be redirected to Login/Register page.

If you are using built-in membership classes for user management, then user [Authorize] attribute. This may prevent user visiting page after logout, and redirect unregistered user to Login/Register page.

Upvotes: 0

Jigar Pandya
Jigar Pandya

Reputation: 5987

set page attribute <outputcache=none>

Upvotes: 0

Related Questions