I am too interested how we can do this.
Oftent he problem is that after logout, if user clicks back in the browser and is able to see content, this is not expected. there will be many advantages if we can disable back button especially when we require it.
one of the best and easiest way to handle issues popup because of clicking back button is to set no cache for the pages.
setting no cache:
You can use client-side code to force the user's browser to not cache a Web page.
<meta http-equiv="Expires" CONTENT="0">
<meta http-equiv="Cache-Control" CONTENT="no-cache">
<meta http-equiv="Pragma" CONTENT="no-cache">
There are a couple things to keep in mind when using the above method to force a browser to not
cache a Web page:
Pragma: no-cacheprevents caching only when used over a secure connection.
Pragma: no-cacheMETA tag is treated identically to
Expires: -1if used in a
non-secure page. The page will be cached but marked as immediately expired.
HTTP-EQUIVtags are ignored and have no effect in Internet
Explorer versions 4 or 5.
You can use both in your code. I tried this but this was not the solution because it did not work in all the
browsers so I guess if one had an intranet environment where there was some control in place then they could
use this method.
My next area of research focused on the various rewiring the back button suggestions. An article by TJ
Sylvester, Rewiring the Back Button, makes interesting reading but I
noticed that when one clicks back it does not indeed take you to the page you entered the data but if I
clicked back twice it does and we would not want that too. Basically a determined user could always figure
out a way to circumvent the preventative measures.
doesn't have the toolbar. (This makes it harder (not impossible) for the user to go back to the previous
Another, more failsafe approach (although quite annoying) is, when a form is submitted, to open a new window
and close the window that the form existed in. I didn't give this method serious thought because
I would not like my site opening up a new window everytime a user submitted a form.
Again this is workable but it is far from the best way.
I was then given the suggestion to use
location.replace to navigate form one page to another.
What this does is it replaces the current history entry with the new page so only one page will be maintained
in the history and the back button will never get enabled. This is, I guess, what a lot of people are looking
for, but again this would not be the best answer in all cases.
For one thing you will have to use client side script for this. For an anchor tag this will be easy by just
The above technique has its disadvantages: simply using
Response.Redirect will not work, since,
each time a user jumps from one page to another, you need to clear out the
through client-side code. Also, keep in mind that this will just remove the last history entry, not all
of them. Go ahead and click the above hyperlink, you will be taken to a simple HTML page. Try clicking the back button
and you will notice you will be taken to the page you were visiting before you came to this page! (Assuming,
After my exhaustive search I found that there is still no way of truly disabling the back button for all cases.
All the methods I discussed in this article will, with varying degrees of success, prevent the
user from viewing the previous page, but they, of course, all have their limitations. The best solution involves
a mixture of both client-side and server-side script; regardless, there is no way to completely disable the back
Response.Buffer = True
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
Response.CacheControl = "no-cache";
Proxy Server Caching-
Response.CacheControl = "private";
It disables the proxy server caching and page is cached on local machine.
Response.CacheControl = "public";
Proxy server cache is enabled.
Users request pages from a local server instead of direct from the source.