C# | Tech@Play

If you have ASP.NET MVC application with login / logout functionality (for example using Forms Authentication), you may have noticed that after logout, if you hit back button in your browser, last page you were on will open. In secure application this could present a problem, as it could expose information that only authorized users should view.

Culprit in this scenario is our browser, as it will quite happily show cached version of the page after you’ve logged out.

There isn’t much you can do, except tell your browser to not cache your application’s pages. You can do this for individual pages in your applications, or if you want all pages not to be cached, you can add an event in Global.asax file.

Add Application_BeginRequest() method to your application’s Global.asax file, and add code below which will disable browser caching for each request.

        protected void Application_BeginRequest()
        {
            Response.Cache.SetCacheability(HttpCacheability.NoCache);
            Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
            Response.Cache.SetNoStore();
        }

FindItemsResults findResults = service.FindItems(WellKnownFolderName.Inbox, new ItemView(mailboxPageSize)); foreach (Item item in findResults.Items) { EmailMessage message = EmailMessage.Bind(service, item.Id, new PropertySet(ItemSchema.Attachments)); message.Load(); string fromAddress = message.From.Address; //Do other stuff }

Tech@Play

Digital Playground

Tag Archives: C#

ASP.NET MVC – Prevent Browser Back Button Openning Page After Logout

Exchange Web Service – “You must load or assign this property before you can read its value” error message when trying to read message property

Share this:

Share this: