MVC Logoff browser history

Question

I´ve a .net 4.5 app with MVC 4 + WebAPI, and I'm facing a situation that I don´t know how to explain/solve.

My Logoff code is as follows:

public ActionResult SignOut()
{
    FormsAuthentication.SignOut();
    return Redirect("~");
}

This works, somehow, as expected (didn't verified for hacking scenarios).

However, if I do the following:

public ActionResult SignOut() {
{
    FormsAuthentication.SignOut();
    return Redirect("~/?logout=true");
}

It seems to still work, however, if the user hits the back navigation button on chrome (or backspace), he gets back to the login page!

Why is that happening?
Is there any other way to pass a parameter to the Redirect call?

How about this: http://stackoverflow.com/questions/16337149/how-to-clear-browser-cache-on-browser-back-button-click-in-mvc4/16337566#16337566 ? — von v., Feb 04 '15 at 00:47

score 0 · Accepted Answer · answered Feb 04 '15 at 00:18

0

Can you confirm that the page you are seeing is not the cache version? Press Shift-F5 and see if the page refreshes or if you are redirected to the login page instead. If that is the case, you can play with the cache settings to make sure users cannot go back to the page.

answered Feb 04 '15 at 00:18

Gopi Bandla

89
4

That was it, But I´ve just found the complete answer here :http://stackoverflow.com/questions/14425042/logout-issue-with-browser-back-button. Thanks – Luiz Rolim Feb 04 '15 at 00:21

MVC Logoff browser history

1 Answers1