Disable Browser Back Button

In this quick code you will learn how to disable browser back button. As this is a client side solution, I would never suggest to use when it comes to confidential websites like banking sector.

Use following code on the page which you don't want to display when user comes by clicking back button.

<script type="text/javascript">
    function stopBack() { window.history.forward(); }
    setTimeout("stopBack()", 0);
    window.onunload = function () { null };
</script>

Let’s assume you have 2 pages Default.aspx and About.aspx, put above code on Default.aspx page and then click on a link which takes you to About.aspx page, then try to click back button. You will notice back button not working to take you back on Default.aspx page.

If you want this functionality to work on entire website then place above code in separate .js file and reference it in MasterPage in ASP.NET applications or place reference on each single html pages.

When security is concern

If security is main concern I would suggest to implement following approach. I have seen for doing this is to pass a token on every URL within the application, and within every form. The token is regenerated on every page, and once the user loads a new page any tokens from previous pages are invalidated.

The online banking application my bank provides is like this. If you use the back button at all, it terminates the session entirely and redirects you to login page.

Hope this helps.

Comments

Post a Comment

Popular posts from this blog

Migrating database from ASP.NET Identity to ASP.NET Core Identity

Image
As you know ASP.NET Core Identity (table structure) is different from what we had earlier in ASP.NET Identity. Actually the identity system which we have today with .NET Core is very mature and continuously evolved be it ASP.NET Membership, ASP.NET Identity 1, ASP.NET Identity 2 and now ASP.NET Core Identity. Recently I had to migrate few application to ASP.NET Core and similar its identity database. Because the table schema is changed, i had to re-think and create migration script which I would like to share with you today. It is very simple and easy, just three step and I had everything ready: STEP 1 : Change name of existing tables STEP 2 : Create ASP.NET Core Identity tables STEP 3 : Migrate data from old tables (ASP.NET Identity) to new tables (ASP.NET Core Identity) Script:  https://gist.github.com/itorian/c699e8534b392a6c726ec66c48100072 You should also watch my video, where I demoed migration.
Read More »

Customize User's Profile in ASP.NET Identity System

Image
Note: You should read this post instead, I found below walkthrough will not work on ASP.NET Identity 2. I will re-work on this post soon. In this post you will learn how to customize User’s Profile and add some more fields like FirstName, LastName, EmailID etc with ASP.NET Identity System. In my last post I listed some of the great new features introduced with Identity system .
Read More »