65.9K
CodeProject is changing. Read more.
Home

Prevent browser caching of web pages in asp.net which works in all browsers (IE/Firefox..)

ASP.NET Community
starIconemptyStarIconemptyStarIconemptyStarIconemptyStarIcon

1.00/5 (1 vote)

Oct 11, 2013

CPOL

1 min read

viewsIcon

29637

In this article I am going to explain how to prevent the browser caching of web pages in asp.net. It is the one of the biggest issues every developer

In this article I am going to explain how to prevent the browser caching of web pages in asp.net. It is the one of the biggest issues every developer will face.  

Why browser caching?
  To speed up the user experience on the web, most browsers implement a technology called caching. Caching allows information such as WebPages, images, and so on, to be saved on a user’s computer. If the user calls for a previously requested webpage, the browser is able to access the information more quickly by recalling it from a cache, rather than making another request to the site itself.

  One side it is a advantage but when you display sensitive information it will be a big drawback .Recently we have found one problem in our current project where a user will log in and after does some operations and then signs out. If user clicks on back button it will still display the information as if the user was still logged in. Hmmm..... We have tried different ways to handle the issue. But we have faced issues with Firefox .

   So I have decided to write logic in master page load event. And I have added some login in logout page. Here is the code.

Place  this code in master page  in load event 

HttpContext.Current.Response.Cache.SetAllowResponseInBrowserHistory(false);  
            HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);  
            HttpContext.Current.Response.Cache.SetNoStore();
            Response.Cache.SetExpires(DateTime.Now.AddSeconds(60));
            Response.Cache.SetValidUntilExpires(true);

 

         In Logout page Load   add this code  
  


Response.AddHeader("Pragma", "no-cache");
            Response.CacheControl = "no-cache";
            Response.Cache.SetAllowResponseInBrowserHistory(false);
            Response.Cache.SetCacheability(HttpCacheability.NoCache);
            Response.Cache.SetNoStore();
            Response.Expires = -1;
            Session.Abandon();
            ClientScript.RegisterClientScriptBlock(this.GetType(),"signout", "DisableHistory()", true );


  
write this code in logout mark up page






function DisableHistory() {
 
           window.history.forward(1);
       }
       function RedirectToHome() {
 
           setTimeout("window.location = 'Index.aspx'",0);
       }
     
   </script>
 

call this  RedirectToHome method in body onload of logout page  




<body onload ="RedirectToHome();">
 
Run the application.Have a fun …