Any page that potentially contain sensitive information should not be cached on the user’s browser and proxy servers. In ASP.NET MVC, you can use the OutputCache attribute to prevent caching for a controller action. For example:
[OutputCache(Location = OutputCacheLocation.None, NoStore = true)]
public ActionResult Index()
{
return View();
}
This will result in the following headers:
Cache-Control: no-cache, no-store Pragma: no-cache Expires: -1
For ASP.NET Core MVC, use the ResponseCache attribute instead.
[ResponseCache(Location = ResponseCacheLocation.None, NoStore = true)]
Produces the following headers:
Cache-Control: no-store,no-cache Pragma: no-cache
The OutputCache attribute and the ResponseCache attribute can be applied both to actions (methods) as well as controllers (classes).
Simple and Useful. Thanks