Logout > Back Button in Browser
-
Hi Guys, When i LogOut a user on my site a User is still able to hit the Back button in their browser and essentially view a logged in only page. Ideal scenario would be for this page to send them to Login screen. What would be the best way to stop this from happening? FYI. When a user logs in, i store a loggedIn value in a session variable. On logout i reset this session to indicate the user is loggedOut. I am using c# .net Many Thanks.
-
Hi Guys, When i LogOut a user on my site a User is still able to hit the Back button in their browser and essentially view a logged in only page. Ideal scenario would be for this page to send them to Login screen. What would be the best way to stop this from happening? FYI. When a user logs in, i store a loggedIn value in a session variable. On logout i reset this session to indicate the user is loggedOut. I am using c# .net Many Thanks.
You need to make sure the browser doesn't cache your page. If you hit refresh, does it go to the login page ? If so, this is your problem. Put Response.Cache.SetCacheability(HttpCacheability.NoCache) in your pages, preferably via a common base page ( the place where you check if the session is set is a good place to do it.
Christian Graus No longer a Microsoft MVP, but still happy to answer your questions.