I have an ASP.NET Core 8 MVC web application. I have a scenario where when I click on the browser's back button, it goes to the previous screen. Here, the issue comes when I log out.
Suppose I am in a user profile view page and click on the logout button, then it will move to the login screen. But when the user clicks on the back arrow, it goes back to the previous screen. Here, it is the user profile view page. How can I solve this?
I have an ASP.NET Core 8 MVC web application. I have a scenario where when I click on the browser's back button, it goes to the previous screen. Here, the issue comes when I log out.
Suppose I am in a user profile view page and click on the logout button, then it will move to the login screen. But when the user clicks on the back arrow, it goes back to the previous screen. Here, it is the user profile view page. How can I solve this?
1. Disable Browser Caching for Protected Pages
Prevent the browser from caching sensitive pages such as the user profile page. Use the appropriate HTTP headers to instruct the browser not to cache the page.
Add the following headers to your protected pages in your ASP.NET Core 8 MVC application:
Response.Headers["Cache-Control"] = "no-store, no-cache, must-revalidate, max-age=0";
Response.Headers["Pragma"] = "no-cache";
Response.Headers["Expires"] = "-1";
Alternatively, create a reusable filter or middleware to apply these headers globally to protected pages:
public class NoCacheFilter : ActionFilterAttribute
{
public override void OnResultExecuting(ResultExecutingContext context)
{
context.HttpContext.Response.Headers["Cache-Control"] = "no-store, no-cache, must-revalidate, max-age=0";
context.HttpContext.Response.Headers["Pragma"] = "no-cache";
context.HttpContext.Response.Headers["Expires"] = "-1";
base.OnResultExecuting(context);
}
}