可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
Basically all pages on this site I am building cannot be accessed when the user clicks on "Back" (or with key control) in the browser, and the page should expire if one is trying to navigate back in history.
I put into Global.asax::Application_BeginRequest
Response.Cache.SetCacheability(HttpCacheability.NoCache) Response.Cache.SetExpires(DateTime.UtcNow.AddDays(-1)) Response.Cache.SetValidUntilExpires(False) Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches) Response.Cache.SetNoStore()
This would clear out the cache and disallow going back to any pages when the user is logged out, but doesn't do the job while the user is logged in.
I saw posts where people suggested using a javascript approach, by calling
History.Forward(1)
on the page. But I wouldn't like to do this, as it will require javascript enabled to work (which user can disable).
Appreciate any suggestions.
回答1:
The only way you can consistently do this is if you are using https. If not you have no way to enforce the browser to not use a cached page. There are the hacks you mentioned about but they are not full proof. If it is really important, use https because each request will force a reload.
回答2:
After much time spent on investigations and trials, I have implemented a workaround and decided to share it in case someone else might find it useful. This (closest to solution but only with the exception on Firefox) workaround will cause:
- IE6 - 8: "Page expired" comes up
- Chrome: "Confirm Form Resubmission" comes up
- Firefox: A dialog box would come up asking to resend the post data
Workaround:
- With the Response.Cache settings listed in the original problem posted above
- Change all hyperlinks to a different page within the site to LinkButton.
- Set the
PostBackURL in the LinkButton to the link href URL.This is necessary, because only with POST, along with the header we set, that the browser would expire the originally posted page in history and ask for a resend. - Instead of using Response.Redirect in the code behind, use
Server.Transfer, as Response.Redirect will use a GET to another page.
This solution does not prohibit the user to navigate back to a page in history, but whether confirm whether to post data once again. The History.Forward(1) doesn't work quite well, as mentioned in the original post, and I also recognize the possibility of automatically reposting to a page without any warnings, essentially resulting with multiple requests submitted to the server.
The main idea is to POST to every page instead of GET, and so every page visited in the site would yield to the Page Expired page when navigating back. Now the user can always refresh to repost the data.
