I am working on a logout method for an MVC application and I ran into a problem. Every time I logout, the application checks the user authentication and returns them to the login page.
Logout method:
[HttpGet]
[CustomAuthorize]
public ActionResult Logout()
{
//Response.Cache.SetExpires(DateTime.Now);
FormsAuthentication.SignOut();
Session.Clear();
Session.Abandon();
Session.RemoveAll();
return RedirectToAction("Index", "Home");
}
The pages used after loging in all have the [CustomAuthorize] attribute.
Using MS Edge browser, if I click the Back button, the program goes through the CustomAuthorize method and if the user is logged out, it just returns them to the Login page as intended.
However, if I use any other browser (Chrome, Firefox), pressing the Back button just goes back to the previous page where I pressed the Logout button without even going through the CustomAuthorize to check the Authorization.
What could be the cause for this and what could be a possible solution to resolve this issue?
If any more information is needed, just let me know.
Thank you.
Justas
you need to disable caching globally
protected void Application_BeginRequest()
{
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
Response.Cache.SetNoStore();
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.