0

I am facing an issue that after logging out from website, I am able to see all the pages using browser back button, my understanding is if I clear all the cache on logout then I can prevent it, but my fear is that if I remove all the cache then will my site performance becomes bad?

Also it is possible to just make nocache for a particular page?

Ankush
  • 300
  • 2
  • 5
  • 14

1 Answers1

0

Yes, you can use the OutputCache attribute on the controller action that returns the view. For example, to prevent caching on a view use this:

[OutputCache(NoStore = true, Duration=1)]

Performance will be affected because you are then telling the browser not to cache so it will make another request to your website. But this need not be a significant impact as you will just be redirecting them to a "session expired" page I expect.

MarkG
  • 1,859
  • 1
  • 19
  • 21
  • I have gone through that question, my main question is that is there any possible way in which we keep the things in cache but we wont let user to use back button after he has logged out? – Ankush Dec 26 '12 at 07:51
  • When you say "keep the things in cache" I assume you're referring to images etc on the page. This is OK as caching for those items can be specified in you config. To prevent the *page* itself from caching (so that the browser history can't be navigated) then you need to do something similar to my answer to instruct the user's browser not to cache that URL. I have used this technique many times and it works fine. – MarkG Dec 26 '12 at 08:30
  • Yes you are right, I mean to keep images, So if we just write `[OutputCache(Duration=1)]`, it means it will not cache the url but will cache the images. Is it? – Ankush Dec 26 '12 at 09:52
  • Mark, this worked great but it is not working in Opera, do you have any idea how to make it work in Opera? – Ankush Dec 26 '12 at 13:12
  • I'm not aware of any Opera specific caching directives. Maybe an older version of the page is already cached? Try Ctrl+R to reload the page or clear the browser cache and try again. Other than that I can only suggest looking at the response headers coming from the website to see what expiration is set. – MarkG Dec 26 '12 at 14:25