Page Timeout

  • Thread starter Thread starter Brandon Owensby
  • Start date Start date
B

Brandon Owensby

I am using ASP.NET 2.0 and programming in C#. I am trying to make it so that
the secure pages in my web application time out in the browsers cache such
that hitting the back button won't show the page just because someone hit
the back button. I've seemingly done everything it says in the help about
the Cache property of Response. The code I used is below and it still
seems to allow me to hit the back button and see the previous page event
after I have waited longer than the timeout period.

Thanks for any help you can provide,
Brandon

this.Response.Cache.SetExpires(DateTime.Now.AddSeconds(5));

this.Response.Cache.SetCacheability(HttpCacheability.Public);

this.Response.Cache.SetValidUntilExpires(false);
 
I am using ASP.NET 2.0 and programming in C#. I am trying to make it so that
the secure pages in my web application time out in the browsers cache such
that hitting the back button won't show the page just because someone hit
the back button. I've seemingly done everything it says in the help about
the Cache property of Response. The code I used is below and it still
seems to allow me to hit the back button and see the previous page event
after I have waited longer than the timeout period.

Thanks for any help you can provide,
Brandon

this.Response.Cache.SetExpires(DateTime.Now.AddSeconds(5));

this.Response.Cache.SetCacheability(HttpCacheability.Public);

this.Response.Cache.SetValidUntilExpires(false);
Click to expand...

if you have no problem with permanetly off cache then try this

this.Response.Cache.SetCacheability(HttpCacheability.nocache);

or check it
http://authors.aspalliance.com/aspxtreme/webapps/settingoutputcachelocation.aspx

hope this help

nahid
http://nahidulkibria.blogspot.com/
http://www.kaz.com.bd
 
We may end up having to go with the no caching policy and I had already
tested that and it worked but my boss prefers the timeout approach. Can you
think of any reason why it wouldn't work for me? I seem to be following the
instructions found in every place I've looked for setting up the
HttpCachePolicy. There wouldn't be a reason why testing it with the server
and the client being the same computer would affect anything would it?

Thanks,
Brandon
 
We may end up having to go with the no caching policy and I had already
tested that and it worked but my boss prefers the timeout approach. Can you
think of any reason why it wouldn't work for me? I seem to be following the
instructions found in every place I've looked for setting up the
HttpCachePolicy. There wouldn't be a reason why testing it with the server
and the client being the same computer would affect anything would it?

Thanks,
Brandon









- Show quoted text -
Click to expand...

well,
then forgot cache use session time out, in each of your secure pages
add following code. it detect new session and redirect to another page

protected override void OnPreRender(EventArgs e)
{
base.OnPreRender(e);
if (Context.Session != null)
{
if (Context.Session.IsNewSession)
{
string sCookieHeader =
Page.Request.Headers["Cookie"];
if ((null != sCookieHeader) &&
(sCookieHeader.IndexOf("ASP.NET_SessionId") >= 0))
{
//optional
// if (Page.Request.IsAuthenticated)
// {
// FormsAuthentication.SignOut();
// }

Page.Response.Redirect("Sessiontimeout.aspx");
}
}
}
}
}

not in error. aspx page do some java script magic.

<HTML>
<HEAD>
<SCRIPT>
function back()
{
window.location="Sessiontimeout.aspx";
}
</SCRIPT>
</HEAD>
<BODY onbeforeunload="back()">
</BODY>
</HTML>

now if anytime session expire user come in Sessiontimeout.aspx and
can't go back.

calution do not apply it in home page.

hope help ,,,,let me know it you can collect better idea

nahid
http://nahidulkibria.blogspot.com/
http://www.kaz.com.bd
 
Back
Top