Prevent browser caching of web pages in asp.net which works in all browsers (IE/Firefox..)
In this article I am going to explain how to prevent the browser caching of web pages in asp.net. It is the one of the biggest issues every developer will face.
Why browser caching?
To speed up the user experience on the web, most browsers implement a technology called caching. Caching allows information such as WebPages, images, and so on, to be saved on a user’s computer. If the user calls for a previously requested webpage, the browser is able to access the information more quickly by recalling it from a cache, rather than making another request to the site itself.
One side it is a advantage but when you display sensitive information it will be a big drawback .Recently we have found one problem in our current project where a user will log in and after does some operations and then signs out. If user clicks on back button it will still display the information as if the user was still logged in. Hmmm..... We have tried different ways to handle the issue. But we have faced issues with Firefox .
So I have decided to write logic in master page load event. And I have added some login in logout page. Here is the code.
Place this code in master page in load event
HttpContext.Current.Response.Cache.SetAllowResponseInBrowserHistory(false);
HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);
HttpContext.Current.Response.Cache.SetNoStore();
Response.Cache.SetExpires(DateTime.Now.AddSeconds(60));
Response.Cache.SetValidUntilExpires(true);
In Logout page Load add this code
Response.AddHeader("Pragma", "no-cache"); Response.CacheControl = "no-cache";
Response.Cache.SetAllowResponseInBrowserHistory(false);
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetNoStore();
Response.Expires = -1;
Session.Abandon();
ClientScript.RegisterClientScriptBlock(this.GetType(),"signout", "DisableHistory()", true );
write this code in logout mark up page
function DisableHistory() {
window.history.forward(1);
}
function RedirectToHome() {
setTimeout("window.location = 'Index.aspx'",0); }
</script>
call this RedirectToHome method in body onload of logout page
<body onload ="RedirectToHome();">
Run the application.Have a fun …
Revision number 3, Thursday, October 28, 2010 9:50:01 PM by grizz
You must Login to comment.
|
Wed, Oct 27, 2010 3:47 AM
by rahul.b
|
Is there any reson why Microsoft hasent implemented this feature in asp.net? Would'nt it be better to have a config file setting to tell the asp.net to generate pages that are not cached at the client end....
|
|
Mon, Nov 15, 2010 7:11 AM
by srinivask
|
TO providing the cross browser support this is the better way .
|
|
Thu, Jan 27, 2011 10:46 AM
by mbielski
|
I'm dubious about the need for the JavaScript on the logout page. You would have to take into account visitors with JavaScript turned off, which would render that part useless. To truly force the ASP.Net session to be cleared, I use the following in my logout Page_OnLoad event: Session.Clear(); Session.Contents.RemoveAll(); Session.Contents.Abandon(); Session.Abandon(); It may seem a little redundant, but I found that if I didn't do this my webkit-based visitors were still caching information for some reason. This solved that for me.
|
Revision #3
Fri, Jul 2, 2010 6:45 PM
by
|
Caching in ASP.net
Caching Author: Prakash Singh Mehra Introduction: It is a way to store the frequently used data into the server memory which can be retrieved very quickly. And so provides both scalability and performance. For example if user is required to fetch the same
|
Revision #2
Sat, Nov 24, 2012 12:15 PM
by
|
Developer Guidelines
Things to be taken care by developers while writing code or designing different layers Presentation Layer: Choose your UI elements carefully Optimize Viewstate State management should be effective and optimized well Well Managed Caching Reduce round trips
|