在ASP.NET中注销后如何阻止/阻止用户返回上一页

Question

I'm creating a website in ASP.NET (Framework 4.0). I have maintained session in this website. I have written code for logout where FormsAuthentication , session value is Abandon . My Code as follow for logout button click .

 protected void LinkButton1_Click(object sender, EventArgs e)
    {
        if (Request.Cookies["ASP.NET_SessionId"] != null)
        {
            Response.Cookies["ASP.NET_SessionId"].Value = string.Empty;
            Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(-20);
        }
        FormsAuthentication.SignOut();
        Session.Abandon();
        Response.Redirect(FormsAuthentication.DefaultUrl);


    }

How to disable / block /prevent to previous page when logged out & without javascript. Because when user gets logout ,he redirect to default page, but users click browser back button he redirects to previous page (ie users home page ) instead of login page.

Answer 1

I think you have to use javascript . If you are using master page , then write this code in head section.

<script type="text/javascript">
        window.history.forward(-1);
    </script>

And in Master page (Page_Load) mode write this code.

Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
Response.Cache.SetNoStore();

Answer 2

You can use this , but i think it will work on some browser. Use on this Master (page_load).

Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.Now.AddSeconds(360));
Response.Cache.SetCacheability(HttpCacheability.Private)
Response.Cache.SetSlidingExpiration(true);

Follow this Link for more details.