it was cache problem thanks for reply to all
On 10/23/09, Jamie Fraser <[email protected]> wrote: > > OP = Original Poster :) (in other words, the guy who posted the first > message in this thread) > > On Fri, Oct 23, 2009 at 2:29 AM, Paulo Roberto Pellucci < > [email protected]> wrote: > >> Sorry but what does OP means? >> >> >> On Thu, Oct 22, 2009 at 6:03 AM, Jamie Fraser <[email protected]>wrote: >> >>> From the sounds of it, the OP is doing this. >>> >>> It doesn't matter what access control you implement if the browser caches >>> the page. The OP simply needs to implement something like Cerebrus >>> suggested. >>> >>> >>> >>> On Thu, Oct 22, 2009 at 2:51 AM, Paulo Roberto Pellucci < >>> [email protected]> wrote: >>> >>>> Another thing you could do and, actually I see as a normal behavior for >>>> every page is to verify if the user is logged in (might have something in >>>> session). That would prevent ANY user that isn't logged in to access your >>>> pages. >>>> >>>> But yet, as Cerebrus said, it does seems like a Cache problem. >>>> >>>> >>>> On Wed, Oct 21, 2009 at 2:59 PM, Cerebrus <[email protected]> wrote: >>>> >>>>> >>>>> You could simply prevent browser caching of the pages by specifying >>>>> Cacheability and expiry parameters in your code. >>>>> >>>>> On Oct 21, 7:59 pm, himanshu <[email protected]> wrote: >>>>> > i m using formauthontication.signout method >>>>> > >>>>> > i found that after signing out from the application i transfered the >>>>> > control to login page e.g. login.aspx. At this point if i click the >>>>> > Back button of Browser it shows the content of previous page user was >>>>> > viewing.As there was important data displayed on page it is security >>>>> > threat.It is a threat for web applications displaying important >>>>> > information like credit card numbers or bank account data. >>>>> > >>>>> > any solutions >>>>> > >>>>> > thank u >>>>> >>>> >>>> >>>> >>>> >>>> -- >>>> Atenciosamente, >>>> Paulo Roberto S. Pellucci >>>> >>> >>> >>> >> >> >> >> -- >> Atenciosamente, >> Paulo Roberto S. Pellucci >> >> > >
