Hello,

For security purposes I would like to know how to disable
the back button in the browser and/or expire the page
similar to an online banking institution does.
e.g. when you hit the back button in the browser it gives
the warning that page has expired.

Thanks
Joe

[ Post a follow-up to this message ]

The expiry is set using HTTP headers.
You can't disable the back button per se.

You can set the HTTP headers either using IIS Manager, or you can
dynamically set them using server-side code. For example in ASP you'd do:

<%
Response.ExpiresAbsolute = #1/1/1980#
Response.AddHeader "cache-control", "no-cache"
Response.AddHeader "pragma", "no-cache"
%>

Cheers
Ken

"Joe" <anonymous@discussions.microsoft.com> wrote in message
 news:1e22d01c454e3$b42b1c10$a401280a@phx
.gbl...
: Hello,
:
: For security purposes I would like to know how to disable
: the back button in the browser and/or expire the page
: similar to an online banking institution does.
: e.g. when you hit the back button in the browser it gives
: the warning that page has expired.
:
: Thanks
: Joe

[ Post a follow-up to this message ]

Please take the time and read the page you're talking about. It does not
mean the page expired. It means that IE will not automatically re-submit
your previous request (because it was submitted with a POST method, sending
some data to the server).

Jerry

"Joe" <anonymous@discussions.microsoft.com> wrote in message
 news:1e22d01c454e3$b42b1c10$a401280a@phx
.gbl...
> Hello,
>
> For security purposes I would like to know how to disable
> the back button in the browser and/or expire the page
> similar to an online banking institution does.
> e.g. when you hit the back button in the browser it gives
> the warning that page has expired.
>
> Thanks
> Joe

[ Post a follow-up to this message ]

On Thu, 17 Jun 2004 20:24:03 -0700, "Joe"
<anonymous@discussions.microsoft.com> wrote:

>Hello,
>
>For security purposes I would like to know how to disable
>the back button in the browser and/or expire the page
>similar to an online banking institution does.
>e.g. when you hit the back button in the browser it gives
>the warning that page has expired.
>
>Thanks
>Joe

Joe,

Try this :

Disabling the Back Button
http://www.htmlgoodies.com/tutors/nobackbutton.html


Regards,

Paul Lynch
MCSE

[ Post a follow-up to this message ]

Thanks Ken for your reply.

Where can I learn to do this in the HTTP headers via IIS
manager? I am not too familiar with .asp just getting
started
>-----Original Message-----
>The expiry is set using HTTP headers.
>You can't disable the back button per se.
>
>You can set the HTTP headers either using IIS Manager, or
you can
>dynamically set them using server-side code. For example
in ASP you'd do:
>
><%
>Response.ExpiresAbsolute = #1/1/1980#
>Response.AddHeader "cache-control", "no-cache"
>Response.AddHeader "pragma", "no-cache"
>%>
>
>Cheers
>Ken
>
>"Joe" <anonymous@discussions.microsoft.com> wrote in
message
> news:1e22d01c454e3$b42b1c10$a401280a@phx
.gbl...
>: Hello,
>:
>: For security purposes I would like to know how to
disable
>: the back button in the browser and/or expire the page
>: similar to an online banking institution does.
>: e.g. when you hit the back button in the browser it
gives
>: the warning that page has expired.
>:
>: Thanks
>: Joe
>
>
>.
>

[ Post a follow-up to this message ]

Joe,

All you have to do is paste the following into the page_load event on each p
age in your ASP.Net app (assuming VB.Net)

Response.Cache.SetCacheability(HttpCacheability.NoCache)

This will force no cache on the client machine and thus if the back buttton 
is pressed, the page expired warning comes up.

regards

Shaun

 ****************************************
******************************
Sent via Fuzzy Software @ http://www.fuzzysoftware.com/
Comprehensive, categorised, searchable collection of links to ASP & ASP.NET 
resources...

[ Post a follow-up to this message ]

No it will not.

Jerry

"Shaun Stewart" <shaun.stewart@hsbeil.com> wrote in message
news:ubBw%23vRWEHA.2928@tk2msftngp13.phx.gbl...
> Joe,
>
> All you have to do is paste the following into the page_load event on each
> page in your ASP.Net app (assuming VB.Net)
>
> Response.Cache.SetCacheability(HttpCacheability.NoCache)
>
> This will force no cache on the client machine and thus if the back
> buttton is pressed, the page expired warning comes up.
>
> regards
>
> Shaun
>
>  ****************************************
******************************
> Sent via Fuzzy Software @ http://www.fuzzysoftware.com/
> Comprehensive, categorised, searchable collection of links to ASP &
> ASP.NET resources...

[ Post a follow-up to this message ]