Disable Back button

How to disable back button and forward button in browser window?

You cannot in a reliable fashion and shouldn't. Why would you want to do that? if you want control over a browser window, use window.open.

Are you trying to make the user use only the buttons and links in your page? and not use the forward and backward?

I also want to know how. I wonder if setting the page to be stale instantly will do. Like set page to be stale to 0, but how I also want to know.

When user navigates to some pages and when he clicks on back button, data is going to be sumitted again and it requires data to be submitted. It displays a page asking to refresh. But our users dont want to see that page. Either i want to take out those buttons or disable them(which looks not possible) or I want to tell them atleast not to use back button when they click on that. Even for that, I'm not able to catch back button event in the browser.
Any ideas?

You could go through the trouble of creating an application startup page that opens a new browser window that does not show the back/forward button...

But the user could still use the keyboard-equivalents to navigate (like alt<- and alt-> . You could then try valiantly to intercept these keystrokes and eat them in event handlers on every screen element...

But the user could still use right-clicks to go back and forward in their history, so you'd have to try to disable those events as well...

And even then, you haven't really protected your app, because the user can simply disable javascript and defeat you.

This kind of thing needs to be done server-side, not in the client. NEVER, ever, trust the client to keep your web app safe. You need to be looking into token synchronization, so that when a page is received a second time on the client, the server detects this, refuses to process the request, and asks the user to resubmit the request after resyncing itself with the flow of the client's state.

Set headres to allow caching of your pages - this way when user hits "Back", old page is displayed, without trying to resubmit the form.

Also, you may consider generating a uniq id every time page reloads, so if form is submitted, but that id was already used - means back button was used or a link was double clicked.

Another option may be using "Get" request instead of "Post".

Thanks for your replies. I understand the problems of Client.
Try to implement this in server side..
The problem is this is already existing application which I support..
Thought of not taking much pain by changing lot of server side code and wanted to implement client side technique. Looks like, client side code is not feasible.
Thanks again for your valuable comments.