ASP Classic Journeys: no-store

by Mauricio Rojas, on Mar 24, 2020 11:07:05 AM

While doing a migration from ASP Classic to ASP.NET we encountered some usages of the "no-store" CacheControl.

In ASP Classic the accepted values for CacheControl are:


Value	Description
Private	A cache mechanism may cache this page in a private cache and resend it only to a single client. This is the default value. Most proxy servers will not cache pages with this setting.
Public	Shared caches, such as proxy servers, will cache pages with this setting. The cached page can be sent to any user.
No-cache	Do not cache this page, even if for use by the same client.
No-store	The response and the request that created it must not be stored on any cache, whether shared or private. The storage inferred here is nonvolatile storage, such as tape backups. This is not an infallible security measure.

The .NET implementation only allows some values. Let's see the code for the .NET implementation:

CacheControl

So that means that there is no direct equivalent of "no-store"

The closest equivalent can be achieved with code like:

Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.AppendCacheExtension("no-store, must-revalidate");
Response.AppendHeader("Pragma", "no-cache");
Response.AppendHeader("Expires", "0");

The first line sets Cache-control to no-cache, and the second line adds the other attributes no-store, must-revalidate.

.NET & Web Migrations

Native Web & Cloud Migrations

Solutions

Technology Services

Transformation Services

Not Sure Where to Start?