How to disable the back button in browser when user logout in asp.net c#

Question

Our problem is we are able to clear session on logout.

But if a user clicks the back button then he/she can go through all previous screens.

But the advantag

Answer 1

You could go Outlook Web Access style, and simply have JavaScript close the current window/tab.

Also, you can make sure that your "logout" page is a postback. That will force the user on a Back button in most browsers to retry the postback, at which point you can detect that they are no longer logged in and can redirect them back to the login page.

Edit: Someone else mentioned a Response.Redirect. You could actually make your "logout" link go to a page that does a redirect, and ALWAYS redirect to a second "landing page". If the user clicks "Back", they will land on the redirect again and put them back where they started.

There's no way to prevent browser history so it's important to use a couple of methods together and don't plan on a user "not going backwards" to ensure your application security.