locked
Disable Back button for All browser and disable rightclick back option RRS feed

  • Question

  • User984714447 posted

    i want to create webapplication with  disable back button for all browser and right click back option

    i am using asp.net 4.0

    if possible then give solution without javascript. beacuse my website require javascript disable.

    is there any feature in .net to handle such requirement.

    Please help me

    Friday, June 24, 2011 2:31 AM

Answers

  • User-269404413 posted

    Chiragpatel,

    The "Back" browser button (or for that matter any other browser button) cannot be actually disabled by a web application as the security context will not allow this (think of what nasty things could happen if web applications can remove buttons from client browsers!)

    What we can do is to somehow make sure that browser does not cache the web pages (which will cause the"Back" "Forward" buttons to grey out), and this can be easily done by expiring the Response. The code for this has slightly changed in ASP.NET 2.0 (there is a new HttpCachePolicy class) :

       /*
        * Code disables caching by browser. Hence hitting the back browser button
        * causes the Page_Init event to fire again.
        */
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.SetExpires(DateTime.Now); //or a date much earlier than current time


    In ASP.NET 1.x the code was:

       Response.CacheControl = "no-cache";
       Response.AddHeader("Pragma","no-cache");
       Response.Expires = -1;

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, June 24, 2011 4:44 AM
  • User-952121411 posted

     disable back button for all browser

    I remember back in the day when I attempted this; it must be one of the most discussed topics in web development. However as the last poster indicated, this is a security risk and you technically cannot disable the back button. Yes you can modify the way a window is presented (i.e. kiosk mode), but you are actually not preforming any permanent manipulation to the client's browser.

    All of the solutions in my opinion tend to be somewhat unreliable. I have tried the code to not cache the page's in history, but it is met with mixed success. There is also some path-work JavaScript to keep the client on the current page but only when pressing the back button:

    function BackButton()
    {
    	history.go(+1);
    	return false;
    }

    The problem with the code above is that if the user presses the down arrow next to the navigation buttons to manually navigate back by selection, and pages are still successfully cached, then the above will not work.

    The code to attempt not caching pages can be implemented like below:

            'Do not cache the web page        
            Response.CacheControl = "no-cache"
            Response.AppendHeader("Pragma", "no-cache")
            Response.Expires = -1

    The browsers have began to get better with this whole navigating back after a page has posted. IE will warn the user trying to protect them from navigating back if say in a shopping cart, etc. after a page has posted, asking if they want to resubmit the page. However, at the end of the day it is just a warning.

    In the end, none of these will ultimately prevent the client from navigating back. Your best bet is to handle this in code, and make sure if you have a wizard style site, that navigating incorrectly, will be handled properly on the server-side (i.e. don't allow charging a credit card twice! Wink)

    Hope this helps!

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, June 24, 2011 4:24 PM

All replies

  • User-269404413 posted

    Chiragpatel,

    The "Back" browser button (or for that matter any other browser button) cannot be actually disabled by a web application as the security context will not allow this (think of what nasty things could happen if web applications can remove buttons from client browsers!)

    What we can do is to somehow make sure that browser does not cache the web pages (which will cause the"Back" "Forward" buttons to grey out), and this can be easily done by expiring the Response. The code for this has slightly changed in ASP.NET 2.0 (there is a new HttpCachePolicy class) :

       /*
        * Code disables caching by browser. Hence hitting the back browser button
        * causes the Page_Init event to fire again.
        */
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.SetExpires(DateTime.Now); //or a date much earlier than current time


    In ASP.NET 1.x the code was:

       Response.CacheControl = "no-cache";
       Response.AddHeader("Pragma","no-cache");
       Response.Expires = -1;

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, June 24, 2011 4:44 AM
  • User-952121411 posted

     disable back button for all browser

    I remember back in the day when I attempted this; it must be one of the most discussed topics in web development. However as the last poster indicated, this is a security risk and you technically cannot disable the back button. Yes you can modify the way a window is presented (i.e. kiosk mode), but you are actually not preforming any permanent manipulation to the client's browser.

    All of the solutions in my opinion tend to be somewhat unreliable. I have tried the code to not cache the page's in history, but it is met with mixed success. There is also some path-work JavaScript to keep the client on the current page but only when pressing the back button:

    function BackButton()
    {
    	history.go(+1);
    	return false;
    }

    The problem with the code above is that if the user presses the down arrow next to the navigation buttons to manually navigate back by selection, and pages are still successfully cached, then the above will not work.

    The code to attempt not caching pages can be implemented like below:

            'Do not cache the web page        
            Response.CacheControl = "no-cache"
            Response.AppendHeader("Pragma", "no-cache")
            Response.Expires = -1

    The browsers have began to get better with this whole navigating back after a page has posted. IE will warn the user trying to protect them from navigating back if say in a shopping cart, etc. after a page has posted, asking if they want to resubmit the page. However, at the end of the day it is just a warning.

    In the end, none of these will ultimately prevent the client from navigating back. Your best bet is to handle this in code, and make sure if you have a wizard style site, that navigating incorrectly, will be handled properly on the server-side (i.e. don't allow charging a credit card twice! Wink)

    Hope this helps!

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, June 24, 2011 4:24 PM