After gmail logs out, cannot go back through browser back button

  • Thread starter Thread starter Author
  • Start date Start date
A

Author

After we log out gmail, if we then click on the back button of our
browser, we cannot go back to our inbox. I've tried both Firefox and
IE, both work nicely like this. How did they achieve this?

In my asp.net web application using forms authentication, one can
still go back through the browser back button after one logs out my
application, although, clicking on anything will still kick the user
out.

How can I also prevent people from going back through the browser back
button after one has logged out, just like gmail?

Thanks a lot.
 
After we log out gmail, if we then click on the back button of our
browser, we cannot go back to our inbox.  I've tried both Firefox and
IE, both work nicely like this.  How did they achieve this?

In my asp.net web application using forms authentication, one can
still go back through the browser back button after one logs out my
application, although, clicking on anything will still kick the user
out.

How can I also prevent people from going back through the browser back
button after one has logged out, just like gmail?

Thanks  a lot.
Click to expand...

OK, I've tried all kinds of suggestions such as history.forward(1);
onload = "if(history.length>0)history.go(+1);" It just does not work.

Does anyone know of a solution that *really* works, like that of gmail
logout? Thanks.
 
Try to add following headers to your page

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Then when you click back button browser will request the page again and it's
up to your code to check if user is not logged in and redirect to login
page.

George.
 
Try to add following headers to your page

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Then when you click back button browser will request the page again and it's
up to your code to check if user is not logged in and redirect to login
page.

George.
Click to expand...

Thanks. I tried like what you said, but the problem is that it does
not work, either in firefox or in IE. This is my html code (the
relevant part only).

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="Cache-Control" content="no-cache, no-store, max-
age=0, must-revalidate" />
<meta http-equiv="Expires" content="Fri, 01 Jan 1990 00:00:00
GMT" />
</head>
<body>

After I logout, I hit the back button of the browser, and it still
goes back to the page and shows everything I have there, apparently
from the cache and no post-back happens.

No one really knows the gmail logout secret? Is it really a secret in
the first place?
 
When I said page headers I meant using
Response.AddHeader and not meta tags.

Sorry for confusion

George.

Try to add following headers to your page

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Then when you click back button browser will request the page again and
it's
up to your code to check if user is not logged in and redirect to login
page.

George.
Click to expand...

Thanks. I tried like what you said, but the problem is that it does
not work, either in firefox or in IE. This is my html code (the
relevant part only).

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="Cache-Control" content="no-cache, no-store, max-
age=0, must-revalidate" />
<meta http-equiv="Expires" content="Fri, 01 Jan 1990 00:00:00
GMT" />
</head>
<body>

After I logout, I hit the back button of the browser, and it still
goes back to the page and shows everything I have there, apparently
from the cache and no post-back happens.

No one really knows the gmail logout secret? Is it really a secret in
the first place?
 
Actually I would advice you to get 2 useful tools.

1. Fiddler. It shows communication between server and IE.
http://www.fiddlertool.com/fiddler/

That is how I found out about headers Gmail sent.

2. Firefox with FireBug.
I can not thank developers of FireBug enough for such useful tool and wish
IE had something close to that.
Very useful if you doing a lot of JavaScript or AJAX.

George.


When I said page headers I meant using
Response.AddHeader and not meta tags.

Sorry for confusion

George.
Click to expand...

You rocked, George. Thanks a lot. It worked.
 
Back
Top