OP = Original Poster :) (in other words, the guy who posted the first message in this thread)
On Fri, Oct 23, 2009 at 2:29 AM, Paulo Roberto Pellucci < [email protected]> wrote: > Sorry but what does OP means? > > > On Thu, Oct 22, 2009 at 6:03 AM, Jamie Fraser <[email protected]>wrote: > >> From the sounds of it, the OP is doing this. >> >> It doesn't matter what access control you implement if the browser caches >> the page. The OP simply needs to implement something like Cerebrus >> suggested. >> >> >> >> On Thu, Oct 22, 2009 at 2:51 AM, Paulo Roberto Pellucci < >> [email protected]> wrote: >> >>> Another thing you could do and, actually I see as a normal behavior for >>> every page is to verify if the user is logged in (might have something in >>> session). That would prevent ANY user that isn't logged in to access your >>> pages. >>> >>> But yet, as Cerebrus said, it does seems like a Cache problem. >>> >>> >>> On Wed, Oct 21, 2009 at 2:59 PM, Cerebrus <[email protected]> wrote: >>> >>>> >>>> You could simply prevent browser caching of the pages by specifying >>>> Cacheability and expiry parameters in your code. >>>> >>>> On Oct 21, 7:59 pm, himanshu <[email protected]> wrote: >>>> > i m using formauthontication.signout method >>>> > >>>> > i found that after signing out from the application i transfered the >>>> > control to login page e.g. login.aspx. At this point if i click the >>>> > Back button of Browser it shows the content of previous page user was >>>> > viewing.As there was important data displayed on page it is security >>>> > threat.It is a threat for web applications displaying important >>>> > information like credit card numbers or bank account data. >>>> > >>>> > any solutions >>>> > >>>> > thank u >>>> >>> >>> >>> >>> -- >>> Atenciosamente, >>> Paulo Roberto S. Pellucci >>> >> >> > > > -- > Atenciosamente, > Paulo Roberto S. Pellucci >
