Reputation: 13
Page Expire in Asp.Net
My site has a master page, that part of it is a login section. Some of the content pages can be viewed by all visitors, including guests, while others are subject to security level. After logging out, I want to prevent the user from pressing the back button on the browser. If possible, showing a Page Expired form.
Upvotes: 1
Views: 1414
Answers (2)
Reputation: 73113
Well what you should be doing is applying the PRG (Post-Redirect-Get) pattern.
After logging out, redirect to another page (like the homepage).
So if the user presses the back button, they will be taken back to the Logout page (and redirected again).
That's my opinion.
But if you want to try and display the Expired Page, you could try adding this to the code on your Logout.aspx page (prior to Redirect).
// Warning: Untested
Response.Cache.SetExpires(DateTime.Now.AddDays(-1))
Response.Cache.SetCacheability(HttpCacheability.NoCache)
Response.Cache.SetValidUntilExpires(false)
Upvotes: 0
Reputation: 3569
Add Expires meta tag to the pages if you don't want back functionality.
<META HTTP-EQUIV="EXPIRES" CONTENT="0">
Or alternately in ASP.NET
<%@ OutputCache location="none" %>
Upvotes: 3
Related Questions
- Asp.net Identity Expire Session Cookie
- Asp.net pages -> session expired when its in use in
- Forms authentication - sliding expiration
- Forms Authentication Cookie Expiration
- expire ASP.Net page
- ASP.Net 4 Session expires on postback
- ASP.NET Forms Authentication Expiry
- Authentication cookie expiration
- asp.net login control - set user auth ticket expiration date
- MVC3 Razor - Expiring pages