I am facing issue of disabling browser back button on logout

Question

I am using mvc4 and I am facing a issue of disabling back button after logout, the logout link is on the _Topheader view, I wrote the javascript code here,

<a href="/Account/LogOff" onload="noBack();" onpageshow="if (event.persisted) noBack();" onunload="">Logout
</a>
<script type="text/javascript">
   window.history.forward();
   function noBack() { 
     window.history.forward(); 
   }

which disables all the back button after logout and also in case if I am log in and switching to different pages, it here too disables the back button. I only need to disable it after LOg out not every time.

Please suggest solution for it.

Answer 1

use following code after logout page.

 function DisableBackButton() {
        changeHashOnLoad()
    }
    DisableBackButton();
    window.onload = DisableBackButton;
    window.onpageshow = function (evt) { if (evt.persisted) DisableBackButton() }
    window.onunload = function () { void (o) }
    function changeHashOnLoad() {
        window.location.href += "#";
        setTimeout("changeHashAgain()", "50");
    }
    function changeHashAgain() {
        window.location.href += "1";
    }
    var storedHash = window.location.hash;
    window.setInterval(function () {
        if (window.location.hash != storedHash) {
            window.location.hash = storedHash;
        }
    },
    50);

Answer 2

When you logout session will destroy. Disable the back button when session is not in use. Session become set when an user login, at that time enable the back button.I don't know is this will help you??

Answer 3

Here is an article how the Session an "Web security" works pretty simple with ASP.NET MVC 4

The main point is, with the Attribute [Authorize] you can secure the Controller, so if the user is logs off. The server will reject the requests, to those pages.

i hope this helps.