Browsers should validate freshness of cached stale articles ahead of working with it, but It's not necessarily mandatory unless the extra directive ought to-revalidate is specified.
For what It truly is worth, I just had to handle this in my ASP.NET MVC three software. Here is definitely the code block I used in the Global.asax file to handle this for all requests.
You have currently written your headers. I don't Imagine it is possible to add more after you've done that, so just place your headers in your first object.
Note: after you set NoStore Duration parameter just isn't considered. It can be done to established an initial duration for first registration and override this with custom characteristics.
Business technical challenges lead to unsuccessful payment currently being considered profitable. Do I have any duty to inform?
I believe all browsers will right this on the current time when they include the page to your cache, but it is going to show the page as more recent once the comparison is made. I think there can be some cases where a comparison isn't made. I'm not sure in the details and they change with Each and every new browser release.
Despite the discussion in feedback here, this is sufficient to disable browser caching - this will cause ASP.Web to emit response headers that convey to the browser the doc expires immediately:
In employing the newest version of .Internet's response caching middleware, we need for making a coverage that permits callers to bypass cached responses if they ship a certain header critical.
It turned out the name of your see I used to be having the issue with was named 'Recent'. Apparently this confused the Internet Explorer browser.
To verify the a single as well as the other, you may see/debug them inside the HTTP traffic monitor of the web browser's developer toolset. You will get there by urgent F12 in Chrome/Firefox23+/IE9+, and afterwards opening the "Network" or "Web" tab panel, after which clicking the HTTP request of interest to uncover all detail about the HTTP request and reaction. The below screenshot is from Chrome:
Sending the same header twice or in dozen parts. Some PHP snippets out there actually replace previous headers, resulting in only the last a single getting sent.
In advance of downvoting this response take a look at the project and recall that If you're looking for an answer, possibly you don't really check here know Express or HTTP. During this case it is healthier to work with an by now made deal, Particularly a trusted 1 like that.
Pylinux's respond to worked for me, but upon additional inspection, I found the helmet module for express that handles some other safety features for you.
I haven't tried it but, though the OP's location (setting the headers inside the ASP page itself) might be greater.