Ask a Question related to ASP.NET Security, Design and Development.
-
Sink #1
IE Page caching
I am using forms authentication and session variables
to control access and disallow "data stripping".
Some query strings are used, but the Users access is
verified before allowing access.
Illegal access is diagnosed, the user is logged off,
session vars are cleared and he is redirected to a
login page with a warning for the security violation.
All works fine, but if he hits the back key in the browser,
he returns to his previous page, no page_load events
are notified.
At first I thought this was a problem with sessions
and the forms security, but realized this is simply IE
caching at work, hence no events.
Is there a way clear out the IE cache upon such a
violation, i.e., clear the cache when I want to ?
Thanks for reading this,
Sink
Sink Guest
-
Force page to refresh/prevent caching
Greetings JGLADNICK. This is referring to your post on CFusion/WebForums of one year ado regarding "Prevent Caching". Have you ever been able to... -
Page and Data Caching in .Net
I found some good information On Page and Data Caching in .Netat this site http://www.dedicatedsolutions.co.uk/DesktopDefault.aspx?tabid=62 It is... -
to prevent client side web page caching
Hi, I wish to avoid caching asp pages at the user end . Currently I have declared Response.Expires=0 at the top of my asp page. I have also used... -
PHP page caching issue
Hi folks. I have an interesting problem with regards to some PHP pages of mine. Basically, I have a form page where the user is able to use list... -
Page Caching Problem
I am having a problem with web forms I have uploaded to my hosting site not running the most recent version. The .aspx file I have FTPed to my... -
Joe Audette #2 IE Page caching
You might try expiring the content immediately to prevent
IE from caching it.
Response.Expires = -1;
Joe
browser,>-----Original Message-----
>I am using forms authentication and session variables
>to control access and disallow "data stripping".
>Some query strings are used, but the Users access is
>verified before allowing access.
>Illegal access is diagnosed, the user is logged off,
>session vars are cleared and he is redirected to a
>login page with a warning for the security violation.
>All works fine, but if he hits the back key in the>he returns to his previous page, no page_load events
>are notified.
>At first I thought this was a problem with sessions
>and the forms security, but realized this is simply IE
>caching at work, hence no events.
>Is there a way clear out the IE cache upon such a
>violation, i.e., clear the cache when I want to ?
>Thanks for reading this,
>Sink
>.
>Joe Audette Guest
-
Sink #3 IE Page caching
Hi Joe,
Thanks for the response. The only problem I would
have with having all responses expire immediately is
that then the back button would never work and
the expired message is really annoying.
Is there another way?
Sink
>-----Original Message-----
>You might try expiring the content immediately to prevent
>IE from caching it.
>Response.Expires = -1;
>
>Joe
>>browser,>>-----Original Message-----
>>I am using forms authentication and session variables
>>to control access and disallow "data stripping".
>>Some query strings are used, but the Users access is
>>verified before allowing access.
>>Illegal access is diagnosed, the user is logged off,
>>session vars are cleared and he is redirected to a
>>login page with a warning for the security violation.
>>All works fine, but if he hits the back key in the>.>>he returns to his previous page, no page_load events
>>are notified.
>>At first I thought this was a problem with sessions
>>and the forms security, but realized this is simply IE
>>caching at work, hence no events.
>>Is there a way clear out the IE cache upon such a
>>violation, i.e., clear the cache when I want to ?
>>Thanks for reading this,
>>Sink
>>.
>>
>Sink Guest
-
MSFT #4 RE: IE Page caching
Hi Sink,
you can't actually disable back button but you can prevent it going back,
by using javascripts history.forward function. When you logged off from
page A and wants to goto page C, take page B as middle page ...instead of
going to page C directly ..go via page B:
your page B will redirect to page C and will be having javascript
history.forward function.
here is the code
you need to put in pageB
<script language="javascript">
window.location="pageC.html"
window.history.forward(2);
</script>
Hope this help,
Luke
Microsoft Online Support
Get Secure! [url]www.microsoft.com/security[/url]
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
MSFT Guest
-
MSFT #5 RE: IE Page caching
And here is a tested solution for ASPX:
Webform1:
<%@ Page language="c#" Codebehind="WebForm1.aspx.cs"
AutoEventWireup="false" Inherits="WebApplication8.WebForm1" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>WebForm2</title>
<meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
<meta name="CODE_LANGUAGE" Content="C#">
<meta name="vs_defaultClientScript" content="JavaScript">
<meta name="vs_targetSchema"
content="http://schemas.microsoft.com/intellisense/ie5">
<script language="javascript">
function b() {
window.open("webform2.aspx","_self",null,true);
}
</script>
</HEAD>
<body MS_POSITIONING="GridLayout">
<form id="Form1" method="post" runat="server">
<INPUT id="button2" onclick="b();" type="button" value="Button">
</form>
</body>
</HTML>
In webform2:
private void Page_Load(object sender, System.EventArgs e)
{
Response.Redirect ("WebForm3.aspx");
}
After you click the button on Webform1, the browser will open webform3 and
the Back button is disabled.
Hope this help,
Luke
Microsoft Online Support
Get Secure! [url]www.microsoft.com/security[/url]
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
MSFT Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
