How do I solve security issues without disabling browser back button

Big Hello ladies and Gents, I’m here again :grinning:

I learnt browser back button is enabled for security reasons – I’m using .NET MVC C# for development –

I did for this: actually we have serial and pins which are paid and I have stopped all the ways and without authentication a user can not reach that point.
In this scenario I have stop browser to maintain history like if we have given facility to user to use a pin 3 times and if he use last time the pin now limit is complete and if he
presses back button (now back button is not a server call) and browser will show user its page again from which he can again print the form so I have stop browser to maintain history but I’m more than a little ticked for users… so how do I overcome this security issues without disabling browser back button? Many thanks!

Regards

If you understand your problem correctly, you might replace the current history entry:

history.replaceState({}, 'expired', './expired.html')

You can read more details on history manipulation over at the MDN.

PS: If you just want to show the same page again but force a reload, you could add a query string parameter with a (more or less) unique hash, like e.g.

history.replaceState(
  {}, 
  'Expired', 
  window.location.href + '?hash=' + Date.now()
)

@m3g4p0p

Above is the code for redirecting it to another page expire.html besides bearing in mind the security reasons I stated.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.