Blogger: Geeks At Work - Post a Comment

Most web applications with authentication disable caching so after you logout, you can't click the back button to try and view pages that you shouldn't be accessing.

In ASP.NET, you can use the following code to disable caching
Response.Cache.SetExpires(DateTime.UtcNow.AddMinutes(-1))
Response.Cache.SetCacheability(HttpCacheability.NoCache)
Response.Cache.SetNoStore()

There are some other snippets you could try out too. Here's one:

Response.ClearHeaders();
Response.AppendHeader("Cache-Control", "no-cache"); //HTTP 1.1
Response.AppendHeader("Cache-Control", "private"); // HTTP 1.1
Response.AppendHeader("Cache-Control", "no-store"); // HTTP 1.1
Response.AppendHeader("Cache-Control", "must-revalidate"); // HTTP 1.1
Response.AppendHeader("Cache-Control", "max-stale=0"); // HTTP 1.1
Response.AppendHeader("Cache-Control", "post-check=0"); // HTTP 1.1
Response.AppendHeader("Cache-Control", "pre-check=0"); // HTTP 1.1
Response.AppendHeader("Pragma", "no-cache"); // HTTP 1.1
Response.AppendHeader("Keep-Alive", "timeout=3, max=993"); // HTTP 1.1
Response.AppendHeader("Expires", "Mon, 26 Jul 1997 05:00:00 GMT"); // HTTP 1.1

Another one to add directly to the HTML code on your page (this one has been known to not work on Firefox):

meta equiv="CACHE-CONTROL" content="NO-CACHE"

You'll probably want to test the code with all of your target web browsers.

Post a Comment On: Geeks At Work

"Disabling ASP.NET Caching"

1 Comment -

Leave your comment

This blog does not allow anonymous comments.

Post a Comment On: Geeks At Work

"Disabling ASP.NET Caching"

1 Comment - document.write("\x3ca onclick\x3d\x22COMMENT_PAGE.togglePostBody(); try{this.blur();}catch(e){}; return false\x22 id\x3d\x22showOrHidePost\x22 href\x3d\x22javascript:void(0);\x22\x3e\x3c/a\x3e\n");

Leave your comment

This blog does not allow anonymous comments.

1 Comment -