Disable browser’s back button

Disable browser’s back button

How to disable browser’s BACK Button (across browsers)?

Solutions/Answers:

Solution 1:

This question is very similar to this one

You need to force the cache to expire for this to work. Place the following code on your page code behind.

Page.Response.Cache.SetCacheability(HttpCacheability.NoCache)

Solution 2:

Do not disable expected browser behaviour.

Make your pages handle the possibility of users going back a page or two; don’t try to cripple their software.

Solution 3:

I came up with a little hack that disables the back button using JavaScript. I checked it on chrome 10, firefox 3.6 and IE9:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<title>Untitled Page</title>
<script type = "text/javascript" >
function changeHashOnLoad() {
     window.location.href += "#";
     setTimeout("changeHashAgain()", "50"); 
}

function changeHashAgain() {
  window.location.href += "1";
}

var storedHash = window.location.hash;
window.setInterval(function () {
    if (window.location.hash != storedHash) {
         window.location.hash = storedHash;
    }
}, 50);


</script>
</head>
<body onload="changeHashOnLoad(); ">
Try to hit the back button!
</body>
</html>

What is it doing?

From Comments:

This script leverages the fact that browsers consider whatever comes after the “#” sign in the URL as part of the browsing history. What it does is this: When the page loads, “#1” is added to the URL. After 50ms the “1” is removed. When the user clicks “back”, the browser changes the URL back to what it was before the “1” was removed, BUT – it’s the same web page, so the browser doesn’t need to reload the page. – Yossi Shasho

Solution 4:

Others have taken the approach to say “don’t do this” but that doesn’t really answer the poster’s question. Let’s just assume that everyone knows this is a bad idea, but we are curious about how it’s done anyway…

You cannot disable the back button on a user’s browser, but you can make it so that your application breaks (displays an error message, requiring the user to start over) if the user goes back.

One approach I have seen for doing this is to pass a token on every URL within the application, and within every form. The token is regenerated on every page, and once the user loads a new page any tokens from previous pages are invalidated.

When the user loads a page, the page will only show if the correct token (which was given to all links/forms on the previous page) was passed to it.

The online banking application my bank provides is like this. If you use the back button at all, no more links will work and no more page reloads can be made – instead you see a notice telling you that you cannot go back, and you have to start over.

Solution 5:

While i’m looking for the answer myself,
“Best Practice” is…. outdated… Just like browsers are.(Really browsers are ugly fossils)

The best/safest solution would be for browsers to implement a method/request where the user can grant the page the ability to control the interface.

Why? Because for my current project i’m building a 100% JavaScript built and controlled interface.. And back button’s have no place in my project since there is no page change. (Ie bloody fast and no page-flashes because of a refresh.. Just like a real application!)

I know why the ability to “highjack” the interface isn’t there, and i understand it. But atleast we should have the ability to request it from the browser! Now that would truly be “best practice” without the highjack dangers.

But browsers being browsers.. I don’t expect anything exiting to happen in this regard.

Solution 6:

I was searching for the same question and I found following code on a site. Thought to share it here:

function noBack()
{
   window.history.forward()
}
noBack();
window.onload = noBack;
window.onpageshow = function(evt){ if(evt.persisted) noBack(); }
window.onunload = function(){ void(0); }

However as noted by above users, this is never a good practice and should be avoided for all reasons.