How to Prevent a Page From Being Visited Again by Back Button Javascript
Offset published on TECHNET on Nov 26, 2012
This web log postal service is a contribution from Charls Tom Jacob, an engineer with the SharePoint Developer Support team.
Scenario:
In SharePoint, the sign out is consummate just when you lot actually close the browser window. Equally shown below, SharePoint asks you lot to shut the browser after sign out: "You must close your browser to complete the sign out process". If the browser is Internet Explorer, information technology goes an extra mile showing the confirmation box to shut the electric current window and closes it if you say yes. This is done by calling the window.shut() JavaScript function on the folio load.
But that's not the case with other browsers (Firefox, Chrome etc.,), which does not allow endmost the window using script. Once more, IE leaves information technology to the user to determine whether to close the window or non.
Problem:
You might be using your SharePoint site to shop any sensitive information like club/purchase details or even credit carte numbers, or anything that's confidential. Y'all have wide diversity of users who are technical and non-technical, who access the site from the intranet/extranet or from public internet cafes. Suppose the user is viewing or editing some items and decides to sign out of the site, without bothering to close the browser window, anyone can get to the previous page simply by pressing the browser back push, leaving the sensitive information open to others.
This happens every bit the page is served from the browser cache and non loaded from the server. If you reload the page, SharePoint senses that you take logged out of the site and takes you lot to the login page. Of course caching is a adept affair equally it helps to serve the pages faster, but this is a downside as it's controlled by the browser and not the server.
Solution:
Now coming back to the title of the blog, nigh like shooting fish in a barrel solution would be to preclude users from pressing the dorsum push – ultimately to disable it! But that'due south not going to be very like shooting fish in a barrel, yous may notice 'n' number of techniques claiming to practice that but none of them would serve the purpose across dissimilar browsers.
And then in the SharePoint context (rather ASP.NET), solution is to develop a custom master page and a few lines of lawmaking, instructing the browser non to cache the page. When the page is not cached, browser will force itself to transport a request to the server each time the page is requested. You many not want to do this for all the pages/sites as it again impacts performance.
Hither I won't be going into the details of how to set the master page dynamically, but use a custom master page on a site, that does no enshroud, hence "secures" your data after a sign out.
Steps:
i. Created a master page using Visual Studio. Call information technology NoCache.master.
2. To preserve the look and feel, re-create the contents from your site primary folio (Download the main page from the master folio gallery).
3. Modify the Primary tag as below:
<%@ Principal language="C#" Inherits="MasterPageWithCodeBehind.MasterPageModule.NoCache, MasterPageWithCodeBehind, Version=1.0.0.0, Culture=neutral, PublicKeyToken=ea0870212dba35bb" %>
4. Implement the code-behind as below:
namespace MasterPageWithCodeBehind.MasterPageModule
{
public class NoCache : MasterPage
{
protected System.Web.UI.HtmlControls.HtmlGenericControl divRibbonContainer;
protected void Page_Load(object sender, EventArgs e)
{
// IE
Response.Cache.SetCacheability(Arrangement.Web.HttpCacheability.NoCache);
// Others
Response.Enshroud.SetNoStore();
Response.Write("This is a custom chief page that prevents caching!!");
}
}
}
This lawmaking instructs the browser not to cache the folio.
v. Deploy this master page and set information technology every bit your site's default master page.
6. Sign out from the SharePoint site, press back button. You lot will be taken to the SharePoint login page, instead of the last page yous visited!
Again, this is not "the best" fashion to accomplish this, of course as we will be missing out on the goodness that caching has to offer. But this is i of the means!
Hope y'all establish this helpful 
Source: https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/how-to-prevent-users-from-pressing-back-button-after-signing-out/ba-p/509707
0 Response to "How to Prevent a Page From Being Visited Again by Back Button Javascript"
Post a Comment