ASP.net AppendHeader在ASP MVC中不起作用
[英]ASP.net AppendHeader not working in ASP MVC
问题描述
I'm having problems getting AppendHeader to work properly if I am also using an authorize filter. 
如果我还使用授权过滤器,则我无法使AppendHeader正常工作。 I'm using an actionfilter for my AJAX actions that applies Expires, Last-Modified, Cache-Control and Pragma (though while testing I have tried including it in the action method itself with no change in results). 我正在为我的AJAX操作使用一个操作过滤器,该操作应用了Expires,Last-Modified,Cache-Control和Pragma(尽管在测试时,我尝试将其包括在操作方法本身中,但结果没有变化)。
If I don't have an authorize filter the headers work fine. 如果我没有授权过滤器,则标题工作正常。 Once I add the filter the headers I tried to add get stripped. 添加过滤器后,我尝试添加的标头就会被剥离。
The headers I want to add 我要添加的标题
Response.AppendHeader("Expires", "Sun, 19 Nov 1978 05:00:00 GMT");
Response.AppendHeader("Last-Modified", String.Format("{0:r}", DateTime.Now));
Response.AppendHeader("Cache-Control", "no-store, no-cache, must-revalidate");
Response.AppendHeader("Cache-Control", "post-check=0, pre-check=0");
Response.AppendHeader("Pragma", "no-cache");
An example of the headers from a correct page: 来自正确页面的标题示例:
Server ASP.NET Development Server/9.0.0.0 Date Mon, 14 Jun 2010 17:22:24 GMT X-AspNet-Version 2.0.50727 X-AspNetMvc-Version 2.0 Pragma no-cache Expires Sun, 19 Nov 1978 05:00:00 GMT Last-Modified Mon, 14 Jun 2010 18:22:24 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type text/html; charset=utf-8 Content-Length 352 Connection Close
And from an incorrect page: 并从不正确的页面:
Server ASP.NET Development Server/9.0.0.0 Date Mon, 14 Jun 2010 17:27:34 GMT X-AspNet-Version 2.0.50727 X-AspNetMvc-Version 2.0 Pragma no-cache, no-cache Cache-Control private, s-maxage=0 Content-Type text/html; charset=utf-8 Content-Length 4937 Connection Close
1 个解决方案
解决方案1
0 已采纳 2010-06-14 17:47:44
To manage the output cache you can use OutputCache attribute on your Action 要管理输出缓存,可以在Action上使用OutputCache属性
EDIT 编辑
If you are looking to the AuthorizeAttribute source code, you will see it overrides the output cache policy and the reason is in comments in this code: 如果您正在寻找AuthorizeAttribute源代码,则会看到它覆盖了输出缓存策略,其原因在此代码的注释中:
if (AuthorizeCore(filterContext.HttpContext)) {
// ** IMPORTANT **
// Since we're performing authorization at the action level, the authorization code runs
// after the output caching module. In the worst case this could allow an authorized user
// to cause the page to be cached, then an unauthorized user would later be served the
// cached page. We work around this by telling proxies not to cache the sensitive page,
// then we hook our custom authorization code into the caching mechanism so that we have
// the final say on whether a page should be served from the cache.
HttpCachePolicyBase cachePolicy = filterContext.HttpContext.Response.Cache;
cachePolicy.SetProxyMaxAge(new TimeSpan(0));
cachePolicy.AddValidationCallback(CacheValidateHandler, null /* data */);
...
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.