Disabling Browser Back Button after Logout

Posted: November 25, 2010 in Computers and Internet
3

Recently in an application we developed there was a requirement to stop the browser back button after user logs out of the application.

The reason behind this was to stop the security risk of another user without proper permissions peeking into the earlier users screens. If you notice in many applications if the browser back is not properly handled then after the user is logged out you can re visit the site by just pressing the browser back button. This happens because the browser shows the cached page when the back is pressed. Even if you have server side code to check for the user they will not fire since the page will load from cache.

With the limited time I found a genius idea to handle this in the internet. What this javascript does is it will always try to put the user back to the last page in the history. For example, I am having a login page and a default page which I am taking a user after he logs in. You need to place the following javascript in the default page to make the above happen.

  1. <script type="text/javascript" language="JavaScript">
  2.     window.history.forward(1);
  3. </script>

Then once a user logs out from the system and if presses the back button of the browser, when the default page loads it will put the user again to login (history forward) page which is the login page. Ultimately user needs to login again to go back to the site.

Advertisements
Comments
  1. Ganesh says:
    October 4, 2012 at 3:49 PM

    I have used the same code but when I click browser back button I am going to back pages, which should not be done.

    Reply
    • Arjuna says:
      October 14, 2012 at 3:16 AM

      I think you placed the code in the wrong page. For example think you have the page flow as below.
      Login -> Default
      If the user was in the Default page and logouts from the system he will end up in Login screen. If someone clicks browser back button then Default page will be shown, to stop this you need to put the above code in Default page. Then if the back button is pressed user will be aken forward meaning the user will end up in the Login screen.
      With this I think you got a better understanding of using this, let me know if you need further help.

      Reply
  2. Pele Sengupta says:
    March 29, 2013 at 3:20 AM

    This code woks well for me. Thanks a lot.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Cancel

Connecting to %s