Clear web page history and block the back button!_javascript tips

This article introduces various solutions for disabling the browser back button that can be found on the Internet, and analyzes their respective advantages, disadvantages and applicable occasions.
1. Overview
Many people have asked, "How can I 'disable' the browser's back button?", or "How can I prevent users from clicking the back button to return to previously visited pages?" "This question is also one of the most frequently asked questions on the ASP forum. Unfortunately, the answer is very simple: we can't disable the browser's back
button.
At first I was incredulous that someone would want to disable the browser’s back button. Later, I was relieved to see that so many people wanted to disable the back button
(the only ones they wanted to disable were the back button, not the browser's forward button). Because by default, after submitting the form, the user can return to the form page through the
back button (instead of using the "Edit" button!), and then edit and submit the form again to insert new records into the database. This is something we
don’t want to see.
So I decided to find a way to avoid this situation. I visited many websites and consulted various implementation methods introduced by these websites. If you
frequently visit ASP programming websites, you may have seen some of the content introduced in this article. The task of this article is to introduce all possible methods to everyone, and then find
the best method!
2. Disable caching
Among the many solutions I found, one of them suggested disabling page caching. Specifically, use a server-side script as follows:

Copy the code The code is as follows:

< ;%

Response.Buffer = True
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
%>


This method is very effective! It forces the browser to revisit the server to download the page instead of reading the page from cache. When using this method, the programmer's main task is to create a session-level variable that determines whether the user can still view the page that is not suitable for access via the back button. Since the browser

no longer caches this page, the browser will re-download the page when the user clicks the back button, and the program can then check that session variable to see if
the user should be allowed to open the page.
For example, suppose we have the following form:

Copy code The code is as follows:< ;%

Response.Buffer = True

Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
If Len(Session( "FirstTimeToPage")) > 0 then
&single; The user has visited the current page and is now returning to visit again.
&single; Clear session variables and redirect the user to the login page.
Session("FirstTimeToPage") = ""
Response.Redirect "/Bar.asp"
Response.End
End If
&single; If the program runs here, it means that the user can view Current page
&single; The following starts creating the form
%>

We use the session variable FirstTimeToPage to check whether the user visits the current page for the first time. If it's not the first time (i.e. Session
("FirstTimeToPage") contains a certain value), then we clear the value of the session variable and redirect the user to a start page. In this way, when the form

is submitted (when SompePage.asp is opened), we must give FirstTimeToPage a value. That is, in SomePage.asp we need to add the following
code:
Session("FirstTimeToPage") = "NO"
In this way, if the user who has opened SomePage.asp clicks the back button, the browser The server will be re-requested to download the page. The server checks that Session
("FirstTimeToPage") contains a value, so it clears Session("FirstTimeToPage") and redirects the user to other pages. Of course,
all of this requires the user to have cookies enabled, otherwise the session variables will be invalid. (For more explanation of this problem, see For session variables
to work, must the Web visitor have cookies enabled?)
In addition, we can also use client-side code to prevent the browser from caching Web pages:

Copy code The code is as follows:

If you use the above method to force the browser to no longer cache web pages, you must pay attention to the following points:
"Pragma: no-cache" only prevents the browser from caching the page when using a secure connection. For pages that are not protected by security, "Pragma: no-cache"
is treated the same as "Expires: -1". At this time, the browser still caches the page, but marks the page as expiring immediately.
In IE 4 or 5, the "Cache-Control" META HTTP-EQUIV tag is ignored and has no effect.
　 In practical applications we can add all these codes. However, since this method does not work in all browsers, it is not recommended. But
If it is an intranet environment and the administrator can control which browser the user uses, I think some people will still use this method.
3. Other methods
The method we are going to discuss next is centered on the back button itself, rather than the browser cache. Here is an article Rewiring the Back Button that is
worth referencing. However, I noticed that if this method is used, although the user will not see the page where he previously entered data when he clicks the back button, he only needs to click
twice. This is not the effect we want, because Many times, stubborn users are able to find ways to bypass preventive measures.
Another way to disable the back button is to use client-side JavaScript to open a window without a toolbar. This makes it difficult for the user to return to the previous page, but
not impossible. A safer, but rather annoying, method is to open a new window when the form is submitted and at the same time close the window where the form is located. But I feel
that this method is not worthy of serious consideration, because we can’t let users open a new window every time they submit a form.
So, can we add JavaScript code to the page that we don’t want users to return to? The JavaScript code added to this page can
be used to produce the effect of clicking the forward button, thus counteracting the action caused by the user clicking the back button. The JavaScript code used to implement this function is as follows
:

Copy the code The code is as follows:

Again, although this method works, it is far from the "best method". Later, I saw someone suggesting using location.replace to move from one
page to another. The principle of this method is to replace the current history record with the URL of the new page, so that there is only one page in the browsing history, and the
back button never becomes available. I think this is probably what many people are looking for, but it's still not the best approach in every situation. An example of using this
method is as follows:

Disable links back to this page
Try this link:
Disable links back to this page!
The disadvantage of this approach is that simply using Response.Redirect will no longer work because every time the user goes from one page to another,
we have to clear location.history with client code . Also note that this method clears the last access history record, not all
access records.
Click the link above and you will open a simple HTML page. Click the back button again, and you can see that what is opened is not this page, but the page
before this page! (Of course, you must enable client-side JavaScript code in the browser.)
After some careful searching, I found that I still couldn’t find a way to completely disable the browser’s back button. All of the methods
described here can prevent users from returning to the previous page to varying degrees and in different ways, but they all have their own limitations. Since there is no way to completely disable the back button
, the best solution is to use a mix of client-side and server-side scripts.