Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

Standards for browser navigation



7:08 pm on Dec 7, 2001 (gmt 0)

Inactive Member
Account Expired


I know it's a bit off topic but I'm having hard time with this issue
I'm looking for standards (documentation/articles/instructions) on how the application should be handling the Navigation actions on the browser while user is working on a transaction. In other words (for example) behavior after using Back and Forward buttons (or equivalent ALT left/right arrow) in the middle of banking application.
Any help or suggestion will be appreciated
1:16 am on Dec 10, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 21, 1999
votes: 0

Welcome corab, we're pleased to have you join us! As you probably know, the World Wide Web Consortium at [w3.org...] sets the standards for all things web related. I did a quick search there on "back button" and didn't find anything useful, but I'm confident that this is where you'll find the information you're seeking. Presently, [google.com...] is the search link they offer, their own search seems to be a work in progress. Dig around and see what you can find!
1:16 am on Dec 10, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member mivox is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Dec 6, 2000
votes: 0

For most high-security (banking, taxes, etc.) applications I've run into online, I've seen three methods of handling it:

You always have to log in to an account (or create one) to access the application, then...

1. If you try to use the back button, or any browser navigation controls, you are informed that such-and-something has expired and you have to start all over again... (eliminates unauthorized accesses caused by folks who forget to log out at the end of a session). All "next" and "back" naivgation functions are presented in the browser window, and appear to be handled by the program itself.

2. Browser navigation works fine for any page up to, but not including, the login/registration page. You have to log out to end your session (or close the browser window).

However, as far as "standards" go, I don't know that there are any... IMO, method #1 above may be aggravating from time-to-time, but it seems more secure.


3:56 pm on Dec 11, 2001 (gmt 0)

Inactive Member
Account Expired


Thanks for you input guys. I've been searching w3c, ibm, microsoft and entire web before but wasn't successful to find an answer. It looks like this is well kept secret :)
Very good points - Mivox. I'll use them for sure in my recommendations.
Thank you both

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members