如何在用户在asp.net中注销后阻止用户使用javascript访问以前的页面 [英] How can I prevent user to visit previous pages using javascript after user logout in asp.net
问题描述
大家好,我有2个母版页Default.aspx来自Site.Master,还有一些来自Admin.Master的页面,我使用的代码是为了防止用户在注销后返回到以前的页面。 br />
这是我的代码
<前lang =Javascript> 功能 preventBack()
{
window 。 history .forward();
}
setTimeout( preventBack(),< span class =code-digit> 0 );
window .onunload = function (){ null };
我面临的问题是我可以在使用Admin的页面之间返回。
主页即我有Home.aspx,AboutUs.aspx,Admin.aspx,AddItem.aspx我也无法在这些页面之间导航。请告诉我如何解决这个问题。我也尝试了其他方法,但仍面临同样的问题。
在此先感谢
Ganesh
确保客户端未缓存管理页面(根本不缓存或仅短时间)。无法阻止用户访问以前的网址,但您可以阻止他们查看其中的内容。当然,禁用缓存会增加Web服务器往返。这样的javascript片段是无用的,因为它们可以被禁用,并以多种方式解决。
参见这篇文章: http://www.extremeexperts.com/Net/FAQ/DisablingBackButton.aspx [ ^ ]用于从代码和web.config处理此问题: http://msdn.microsoft.com/en-us/library/ms178606(VS.80).aspx [ ^ ]
我认为最好在登录页面设置一个会话变量,然后在pageload上检查每个页面的登录会话并防止缓存,例如:
Response.Cache.SetCacheability(HttpCacheability。 NoCache的);
if (会话[ mysession]!= null )
{
response.redirect( login.aspx)
}
else {....}
需要清除缓存,以便浏览器没有历史记录(这将返回/转发)浏览器中的按钮显示为灰色禁用。)以下是各种方法:人们可以这样做:
可以通过JavaScript清除浏览器历史记录:
< SCRIPT LANGUAGE = javascript >
{
var Backlen = history.length;
history.go(-Backlen);
window.location.href = page url
}
< / SCRIPT >
可以在注销事件中设置此项:
protected void LogOut()
{
Session.Abandon();
string nextpage =Logoutt.aspx;
Response.Write(< script 语言 = javascript > );
Response.Write({);
Response.Write(var Backlen = history.length;);
Response.Write(history.go(-Backlen););
Response.Write(window.location.href ='+ nextpage +';);
Response.Write(});
Response.Write(< / script > );
}
Hi friends, I have 2 master pages Default.aspx is from Site.Master and some more pages that are from Admin.Master, I have used the code that to prevent the user from going back to previous pages after logout.
Here is my code
function preventBack()
{
window.history.forward();
}
setTimeout("preventBack()", 0);
window.onunload = function () { null };
The problem I am facing is that I am able to go back among pages that uses Admin.
Master page i.e I have Home.aspx, AboutUs.aspx,Admin.aspx,AddItem.aspx I was unable to navigate between those pages also. Please tell me how to solve this. I have tried other methods also, but still facing same problem.
Thanks in Advance
Ganesh
Make sure that admin pages are not cached (at all or just for a short period) on client side. There is no way to prevent user accessing the previous urls but you can prevent them seeing what was on them. Of course, disabling caching will increase web server roundtrips. Such javascript snippets are useless, since they can be disabled, and worked around in several ways.
See this article: http://www.extremeexperts.com/Net/FAQ/DisablingBackButton.aspx[^] for dealing with this from code, and from web.config: http://msdn.microsoft.com/en-us/library/ms178606(VS.80).aspx[^]
I think It's better to set a session variable at login page then check the login session every page on pageload and prevent caching eg:
Response.Cache.SetCacheability(HttpCacheability.NoCache); if(Session["mysession"] != null) { response.redirect("login.aspx") } else {....}
One needs to clear the cache such that browser has no history (this will make back/forward button in browser grayed out disabled.) Here are various ways of how one can do it:
One can clear browser history through JavaScript:
<SCRIPT LANGUAGE="javascript"> { var Backlen=history.length; history.go(-Backlen); window.location.href=page url } </SCRIPT>
one can set this in logout event:
protected void LogOut() { Session.Abandon(); string nextpage = "Logoutt.aspx"; Response.Write("<script language="javascript">"); Response.Write("{"); Response.Write(" var Backlen=history.length;"); Response.Write(" history.go(-Backlen);"); Response.Write(" window.location.href='" + nextpage + "'; "); Response.Write("}"); Response.Write("</script>"); }
这篇关于如何在用户在asp.net中注销后阻止用户使用javascript访问以前的页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
