private void PreventPageFromBeingCached(AuthorizationContext filterContext)
{
var cachePolicy = filterContext.HttpContext.Response.Cache;
cachePolicy.SetProxyMaxAge(new TimeSpan(0));
}
The reason I ask is that I originally had the following code in a custom AuthorizeAttribute:
private void PreventPageFromBeingCached(AuthorizationContext filterContext)
{
var cachePolicy = filterContext.HttpContext.Response.Cache;
cachePolicy.SetProxyMaxAge(new TimeSpan(0));
cachePolicy.AddValidationCallback(CacheValidateHandler, null);
}
protected void CacheValidateHandler(
HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
//todo validationStatus = OnCacheAuthorization(new HttpContextWrapper(context));
}
I basically pasted this code from an answer on StackOverflow a while ago, and I have since moved this logic to an IAuthorizationFilter.
The problem is, by switching to an interface, I’ve lost AuthorizeAttribute‘s implementation of OnCacheAuthorization. According to the docs, OnCacheAuthorization is “called when the caching module requests authorization.” This doesn’t really tell me what I would need to do to implement this method, or if I even need the callback in the first place.
Questions
- Will
PreventPageFromBeingCachedactually prevent the page from being cached with just the two lines of code or do I need to also includecachePolicy.AddValidationCallback(CacheValidateHandler, null);and theCacheValidateHandler()method (plus an implementation ofOnCacheAuthorization())? - If I do need the extra code, what exactly does it do?
- If I have it all wrong, how do I prevent a page from being cached?
Personally, I like the controller approach as I’ve specified here
You don’t have the issues you are concerned about the best I’ve been able to tell through using this in my apps as you are using client caching.