Any page that potentially contain sensitive information should not be cached on the user's browser and proxy servers. In ASP.NET MVC, you can use the OutputCache
attribute to prevent caching for a controller action. For example:
[OutputCache(Location = OutputCacheLocation.None, NoStore = true)] public ActionResult Index() { return View(); }
This will result in the following headers:
Cache-Control: no-cache, no-store Pragma: no-cache Expires: -1
For ASP.NET Core MVC, use the ResponseCache
attribute instead.
[ResponseCache(Location = ResponseCacheLocation.None, NoStore = true)]
Produces the following headers:
Cache-Control: no-store,no-cache Pragma: no-cache
The OutputCache
attribute and the ResponseCache
attribute can be applied both to actions (methods) as well as controllers (classes).
Nice! Thanks for easing my day!
Extremely helpful. Thanks
Simple and Useful. Thanks