Allowing going back after logout

Hi, I have this issue, as I have seen many before have had, with the website allowing the user to step back once logged out. I have seen the code below recommended to solve the problem, and it works. But my questions are: is this the best way of doing it? I don't want to cache any of the secure pages? Will the web app run slower without caching secure pages? Is there an alternative?

Response.Buffer = True
Response.ExpiresAbsolute = Now().Subtract(New TimeSpan(1, 0, 0, 0))
Response.Expires = 0
Response.CacheControl = "no-cache"


Manage the entire session server side, validating each page change with session tokens, then once the user logs out, invalidate the session token. Without a valid token, enforce the login page.

Also, invalidate the token on timeout, on concurrent logins and, if possible, on navigation away from the page.

Depending on your application this may be overkill, but it works well for things like online banking and trading.
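
The server-side token handling described in this answer, as an added example that is not part of the original answer: it is written in JavaScript (Node.js) rather than ASP.NET so it runs stand-alone. `SessionStore`, `handleSecurePage`, `IDLE_TIMEOUT_MS` and the `/login` path are hypothetical names, and sending `Cache-Control: no-store` on secure pages is this example's assumption.

```javascript
// Added example: server-side session tokens (all names are hypothetical).
const { randomBytes } = require('crypto');

const IDLE_TIMEOUT_MS = 15 * 60 * 1000; // assumed idle limit

class SessionStore {
  constructor(now = () => Date.now()) {
    this.now = now;            // injectable clock, so timeouts can be tested
    this.byToken = new Map();  // token -> { user, lastSeen }
    this.byUser = new Map();   // user  -> currently valid token
  }

  // Issue a fresh random token at login; a concurrent login revokes the old one.
  login(user) {
    const previous = this.byUser.get(user);
    if (previous) this.byToken.delete(previous);
    const token = randomBytes(32).toString('hex');
    this.byToken.set(token, { user, lastSeen: this.now() });
    this.byUser.set(user, token);
    return token;
  }

  // Called on every page request; returns the user name or null.
  validate(token) {
    const session = this.byToken.get(token);
    if (!session) return null;
    if (this.now() - session.lastSeen > IDLE_TIMEOUT_MS) {
      this.logout(token);      // idle timeout: invalidate server side
      return null;
    }
    session.lastSeen = this.now();
    return session.user;
  }

  // Logout removes the token, so a replayed request (e.g. via Back) fails.
  logout(token) {
    const session = this.byToken.get(token);
    if (!session) return;
    this.byToken.delete(token);
    if (this.byUser.get(session.user) === token) this.byUser.delete(session.user);
  }
}

// Decide the response for a secure page: no valid token means the login page.
function handleSecurePage(store, token) {
  const user = store.validate(token);
  if (!user) return { status: 302, headers: { Location: '/login' } };
  return { status: 200, headers: { 'Cache-Control': 'no-store' }, body: `Hello ${user}` };
}
```
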


You can disable the ability to go back by having such code in your page:

<script type="text/javascript">
  window.history.go(1);
</script>

With this in place, the user will be sent back (well, forward) to the page he came from when pressing Back.

You can try integrating this with AJAX code that checks if the user is logged in (send a request to an IsLoggedIn.aspx page that returns true/false) and, when logged in, doesn't execute the code, but this is untested yet.
