I'm going to have to agree with Greg and Wong Kokkong. There are definitely scenarios where a way to programmatically (through JavaScript and/or VBScript) disable the back button on the client. Although somebody would find a way to abuse this feature of the client-side languages, I offer another scenario where this is almost a must.

I'm building a session based application. When the session times out a user should not be able to go back to the previous page(s) to see the security restricted information therein. If a malicious person gains access to a user's computer and hits the back button a couple times, all of that information is there in plain view.

It would be really, really nice to simply do a "history.clear();" or something like that to accomplish this.

And, again, I do understand the arguement that somebody is going to abuse this functionality if it were ever available, but I offer up this one snippet of code:

<body onLoad="popupAdvertisementWindow();">

It's already been done once, why not again?! I'm dead serious. What's the worst that could happen? Maybe I'm missing something.

Now that I'm done with my rant, does anybody have any ideas to solve my problem?

The only thing I've come up with is using the replace() method for all links within the site. First of all, not very fun (especially since I've already written all the links), and secondly, this is really not fun if you're trying to POST information to a page (you'd have to gather all the form elements into string to be passed to the replace method, and then there's url length limitations, etc).

Thanks!