Mobilize Blog

Application Modernization

Recent Posts

Posts by Topic

see all

ASP Classic Journeys: no-store

Posted by Mauricio Rojas on Mar, 24, 2020 @ 11:03

Find me on:

While doing a migration from ASP Classic to ASP.NET we encountered some usages of the "no-store" CacheControl.

In ASP Classic the accepted values for CacheControl are:






A cache mechanism may cache this page in a private cache and resend it only to a single client. This is the default value. Most proxy servers will not cache pages with this setting.




Shared caches, such as proxy servers, will cache pages with this setting. The cached page can be sent to any user.




Do not cache this page, even if for use by the same client.




The response and the request that created it must not be stored on any cache, whether shared or private. The storage inferred here is nonvolatile storage, such as tape backups. This is not an infallible security measure.


The .NET implementation only allows some values. Let's see the code for the .NET implementation:


So that means that there is no direct equivalent of "no-store"

The closest equivalent can be achieved with code like:

Response.Cache.AppendCacheExtension("no-store, must-revalidate");
Response.AppendHeader("Pragma", "no-cache");
Response.AppendHeader("Expires", "0");
The first line sets Cache-control to no-cache, and the second line adds the other attributes no-store, must-revalidate.

Topics: Visual Basic Upgrade Companion, ASP.NET/MVC, ASP, migration, upgrade