As new in asp.net. In my asp.net application in membership in log off on click event using function ClearSession(), but problem arises after log off if i click back button on browser it is forwarding to the cached page. How to clear cache in browser so a user could not view its profile if he is not login
protected void ClearSession()
{
FormsAuthentication.SignOut();
Session.Clear();
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.ExpiresAbsolute = DateTime.UtcNow.AddDays(-1d);
Response.Expires = -1500;
Response.CacheControl = "no-Cache";
}
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
I think you are almost there. You need more HTML headers to support all browsers. According to this article on SO these are the ones that work on all browsers:
Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0
The full code for this is:
HttpContext.Current.Response.AddHeader("Cache-Control", "no-cache, no-store, must-revalidate");
HttpContext.Current.Response.AddHeader("Pragma", "no-cache");
HttpContext.Current.Response.AddHeader("Expires", "0");
Method 2
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
These header will only work on pages on which they are included not for all the web application, so either you should add filter which include this header to all pages or you can disable back button.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0