Here is a scenario in an application where the user logs out which takes them back to the login page but when the user hits the back button, he/she can view the previous page. During the log out event, Session is cleared and caching is disabled but the previous page is still shown. So, how can we work around this?
The browser history is an option to go back to previously visited pages (both forward & backward). The browser caches psges visited and the history buttons - backward and forward can be considered as a pointer that is linked to the page previously visited by the user.
So, to fix the issue, we need to make sure the pages don't get cached. Since the pages are behind authentication - it makes perfect sense not to cache the pages at all. We can implement the caching or not caching in the following ways in asp.net.
protected void Page_Load(object sender, EventArgs e)
{
Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
Response.Cache.SetNoStore();
}
<head runat="server">
<title></title>
<meta http-equiv="Cache-Control" content="no-cache" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="0" />
</head>
In the above code, you can paste the code in the master page for the authenticated pages or alternatively, if there is no fixed master page for authenticated pages - then, it needs to be places on all all required pages.
No comments:
Post a Comment