C
Chuck Doucette
I have a web application with at least three pages:
/index.aspx (home page)
/login.aspx (login page)
/my/portfolio.aspx (private page - needs authentication)
If I attempt to go directly to the private page, I am properly
redirected to the login page. If the login is successful, I am then
redirected to the private page. Once I'm on the private page, I click
on an image button to logout, which logs me out by effectively
deleting the non-persistent authentication cookie, and then redirects
me back to the home page.
Then, when I am using IE, if I attempt to go directly to the private
page again, I can see it, or at least a cached version of it. I am not
redirected to the login page as I should be. If I push reload on the
browser, I see the login page instead, although the URL in the address
window implies that I'm still looking at the private page. However, if
I clear the temporary files in IE right before I attempt to go
directly back to the private page, then I am properly redirected to
the login page (with the correct URL displayed in the address bar).
If I use Netscape, everything appears to work fine on the first try
(unlike IE). I don't have to clear the cache.
Is this a bug in ASP.NET (server-side), IE (client-side), or a
user-error?
Do I need to explicitly disable caching on all of my private pages?
If so, should I do it like this (from the Page_Load method of my
private page)?
Response.AppendHeader("pragma","no-cache");
Response.AppendHeader("cache-control", "no-cache");
Thanks for any help or insight!
Chuck
/index.aspx (home page)
/login.aspx (login page)
/my/portfolio.aspx (private page - needs authentication)
If I attempt to go directly to the private page, I am properly
redirected to the login page. If the login is successful, I am then
redirected to the private page. Once I'm on the private page, I click
on an image button to logout, which logs me out by effectively
deleting the non-persistent authentication cookie, and then redirects
me back to the home page.
Then, when I am using IE, if I attempt to go directly to the private
page again, I can see it, or at least a cached version of it. I am not
redirected to the login page as I should be. If I push reload on the
browser, I see the login page instead, although the URL in the address
window implies that I'm still looking at the private page. However, if
I clear the temporary files in IE right before I attempt to go
directly back to the private page, then I am properly redirected to
the login page (with the correct URL displayed in the address bar).
If I use Netscape, everything appears to work fine on the first try
(unlike IE). I don't have to clear the cache.
Is this a bug in ASP.NET (server-side), IE (client-side), or a
user-error?
Do I need to explicitly disable caching on all of my private pages?
If so, should I do it like this (from the Page_Load method of my
private page)?
Response.AppendHeader("pragma","no-cache");
Response.AppendHeader("cache-control", "no-cache");
Thanks for any help or insight!
Chuck