堆栈内存溢出
  简体   繁体   English

防止.NET Core 2.2中的浏览器缓存表单值

[英]Prevent browser caching form values in .NET Core 2.2

 原文  2019-05-13 01:14:06       asp.net-core/ browser-cache/ responsecache

问题描述

ASP.net Core 2.2 MVC Web Application ASP.net Core 2.2 MVC Web应用程序

I have a number of forms where I do NOT want the browser to cache/show any previous entered data when the user return to the page. 我有许多表单,我不希望浏览器在用户返回页面时缓存/​​显示以前输入的任何数据。 I want the elements/form to NOT cache any information. 我希望元素/表单不缓存任何信息。 I do not simply want the browser not to show previously entered information, I want it not to be cached for security reasons. 我不是简单地希望浏览器不显示以前输入的信息,我希望它不会出于安全原因而被缓存。

I tried decorating the controller method with: 我尝试用以下方法装饰控制器方法: 

[ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)]

to no avail, when I again navigate to the page/form and start typing, previously entered values keep showing up as autocomplete options. 无济于事,当我再次导航到页面/表单并开始输入时,之前输入的值会一直显示为自动完成选项。

I've tried playing with every nuance of this as well: Response Caching Middleware in ASP.NET Core 我也试过玩这个的每个细微差别: ASP.NET Core中的响应缓存中间件

How is this done for all browsers nowadays? 现在如何为所有浏览器完成这项工作?

2 个解决方案

解决方案1
 0 已采纳  2019-05-13 02:40:11

Sounds like it is caused by the autocompletion feature of browser: 听起来像是由浏览器的自动完成功能引起的:

By default, browsers remember information that the user submits through fields on websites. 默认情况下,浏览器会记住用户通过网站上的字段提交的信息。 This enables the browser to offer autocompletion (that is, suggest possible completions for fields that the user has started typing in) or autofill (that is, pre-populate certain fields upon load). 这使浏览器能够提供自动完成(即,建议用户已开始输入的字段的可能完成)或自动填充(即,在加载时预先填充某些字段)。

To disable this feature for a form: 要为表单禁用此功能: 

<form autocomplete="off">
    ... 
</form>

Or disable a field : 或禁用字段: 

<input ... autocomplete="off">

Here's a detailed explanation on off 这是off的详细解释

The "off" keyword indicates either that the control's input data is particularly sensitive (for example the activation code for a nuclear weapon); “off”关键字表示控件的输入数据特别敏感(例如核武器的激活码); or that it is a value that will never be reused (for example a one-time-key for a bank login) and the user will therefore have to explicitly enter the data each time, instead of being able to rely on the user agent to prefill the value for him; 或者它是一个永远不会被重用的值(例如银行登录的一次性密钥),因此用户每次都必须明确输入数据,而不是依赖用户代理来预先填补他的价值; or that the document provides its own autocomplete mechanism and does not want the user agent to provide autocompletion values. 或者文档提供了自己的自动完成机制,并且不希望用户代理提供自动完成值。

For more details, see how to disable autocompletion on MDN and w3c.org 有关更多详细信息,请参阅如何在MDNw3c.org 上禁用自动完成 功能

Hope it helps. 希望能帮助到你。

解决方案2
 0  2019-05-13 07:56:29

You can use autocomplete="off" for html elements but chrome prevent this for some names like "name", "address" etc. 您可以对html元素使用autocomplete =“off”,但chrome会阻止某些名称,例如“name”,“address”等。

This topic was discussed earlier. 之前讨论过这个话题。 Chrome ignores autocomplete="off" Chrome会忽略autocomplete =“off”

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在中间件管道中缓存 JWT - Identity Server 4 .NET Core 2.2 - Caching a JWT in the Middleware Pipeline - Identity Server 4 .NET Core 2.2 .NET Core 2.2 计划作业防止同一作业的并发 - .NET Core 2.2 Scheduled Jobs Prevent Concurrency on same job ASP.NET Core 2.2响应缓存在浏览器上不起作用 - asp.net core 2.2 response cache not work on browser 防止在 VS 19 的 ASP.NET Core 中缓存视图 - Prevent Caching Views in ASP.NET Core in VS 19 在 ASP.NET Core 2.2 中,如何创建自定义注册表单 - In ASP.NET Core 2.2, How to create a custom Registration Form 表单不返回值 ASP.NET Core 2.2 - Form don't return value ASP.NET Core 2.2 在razor,asp.net Core 2.2页面之间传递值 - Passage of values ​between pages razor, asp.net Core 2.2 在.Net Core 2.2中发送HTML - Send Html in .Net Core 2.2 .net 内核 2.2 Session 注销 - .net core 2.2 Session logout .NET Core 2.2程序集FileLoadException - .NET Core 2.2 Assembly FileLoadException
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM