在Firefox和Chrome会在ASP.Net(C#) [英] Session in ASP.Net(C#) in Firefox and Chrome
问题描述
我想问一下有关会话丢失注销后:
我写了code,但它仅在Internet Explorer中工作,而不是在Mozilla Firefox或谷歌浏览器。在这两种浏览器,做了注销后,如果我点击后退按钮,它会返回到用户的帐户。
注销页面code(在页面加载) -
FormsAuthentication.SignOut();
Session.Abandon();
会话[客户编号] = NULL;
FormsAuthentication.RedirectToLoginPage();
在所有其他网页或母版页 -
Response.Cache.SetCacheability(HttpCacheability.NoCache);
如果(会话[客户编号] == NULL)
{
的Response.Redirect(〜/的Login.aspx);
}
在网络配置文件 -
<身份验证模式=表格>
<形式的名称=myCookie时loginUrl =的Login.aspx保护=所有超时=90slidingExpiration =真>< /形式GT;
< /认证>
如果您preSS回来,你仍然可以看到该用户的信息是,即使用户将被注销,是因为你没有照顾缓存浏览器,使得网页浏览器不被缓存。
要,你不希望留在浏览器缓存,你需要设置的所有页面:
CurrentPage.Response.Cache.SetExpires(DateTime.UtcNow.AddYears(-4));
CurrentPage.Response.Cache.SetValidUntilExpires(假);
CurrentPage.Response.Cache.SetCacheability(HttpCacheability.NoCache);
CurrentPage.Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches);
CurrentPage.Response.Cache.SetNoStore();
CurrentPage.Response.ExpiresAbsolute = DateTime.Now.Subtract(新时间跨度(1,0,0,0));
CurrentPage.Response.Expires = 0;
CurrentPage.Response.CacheControl =无缓存;
CurrentPage.Response.AppendHeader(杂注,无缓存);
CurrentPage.Response.Cache.AppendCacheExtension(必须重新验证,代理重新验证,检查后= 0,pre-检查= 0);
现在,IE浏览器不会保存数据,以及其他让他们的理由是,因为每个浏览器中选择工作设置的,或者您已设置。这里的关键是,你必须有控制,而不是让浏览器使用默认的设置,如果你想避免把这个数据在浏览器缓存。
另外单独也许HttpCacheability.NoCache足以让一个浏览器,但没有足够的一切。同时它能够更好地使用SSL,因为这个页面可以由代理的道路上高速缓存...
I would like to ask about the session lost after logout:
I wrote the code but it is only working in Internet Explorer and not in Mozilla Firefox or Google Chrome. In both of these browsers, after doing a logout if I click the back button, it is going back into the user's account.
Logout Page code (on page load)-
FormsAuthentication.SignOut();
Session.Abandon();
Session["CustomerId"] = null;
FormsAuthentication.RedirectToLoginPage();
In every other page or on master page-
Response.Cache.SetCacheability(HttpCacheability.NoCache);
if (Session["CustomerId"] == null)
{
Response.Redirect("~/Login.aspx");
}
In web-config file-
<authentication mode="Forms">
<forms name="MyCookie" loginUrl="Login.aspx" protection="All" timeout="90" slidingExpiration="true"></forms>
</authentication>
If you press back and you still see the user information's even if the user is logged out, is because you do not have take care the cache browser, so that the pages not cached by the browser.
To all the page that you do not wish to stay on browser cache you need to set:
CurrentPage.Response.Cache.SetExpires(DateTime.UtcNow.AddYears(-4));
CurrentPage.Response.Cache.SetValidUntilExpires(false);
CurrentPage.Response.Cache.SetCacheability(HttpCacheability.NoCache);
CurrentPage.Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches);
CurrentPage.Response.Cache.SetNoStore();
CurrentPage.Response.ExpiresAbsolute = DateTime.Now.Subtract(new TimeSpan(1, 0, 0, 0));
CurrentPage.Response.Expires = 0;
CurrentPage.Response.CacheControl = "no-cache";
CurrentPage.Response.AppendHeader("Pragma", "no-cache");
CurrentPage.Response.Cache.AppendCacheExtension("must-revalidate, proxy-revalidate, post-check=0, pre-check=0");
Now the reason that IE not keep the data, and the other keep them is because of the setup that each browser select to work, or you have set. The point here is that you must have the control and not let the browser use the default settings if you like to avoid to keep this data in browser cache.
Also the HttpCacheability.NoCache alone maybe is enough for one browser but not enough for all. Also its better to use SSL because this pages may cached by proxy on the road...
这篇关于在Firefox和Chrome会在ASP.Net(C#)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
