How to stop an ASP.NET webforms page caching different versions

Question

I have a default page that can display 3 different contents depending on whether:

The user is not logged in
The user is logged in but hasn't set something up yet
The user is logged in and has set something up

What's happening is that (1) and (2) will sometimes be displayed when it should be the other one. After I ctrl-r, the correct version displays.
This is nothing to do with the browser back button, it happens after clicking a menu option to go to the default page or performing some action that takes the user to the default page.

I also have a route set up for the page such that it's possible to append it with a username. eg: http://www.example.com/user1234

I mention this in case it may have something to do with it.

This is what I've tried to stop the caching:

<%@ OutputCache Location="None" VaryByParam="None" %>

That didn't work so I tried (in Page_Load):

Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache)
Response.Cache.SetNoStore()

Any ideas what I'm doing wrong?

ETA

As per a couple of comments, I tried it in Chrome incognito mode and there is no problem. I tried with the console open as well to see the headers but unfortunately the problem goes away then. Here's the headers anyway:

Request

GET / HTTP/1.1 Host: localhost:2873 Connection: keep-alive
Cache-Control: max-age=0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.92 Safari/537.36 Referer: .../signin Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8
Cookie: ...

Response

HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Type: text/html; charset=utf-8 Content-Encoding: gzip
Expires: -1 Vary: Accept-Encoding Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319 X-SourceFiles: =?UTF-8?B?...
X-Powered-By: ASP.NET Date: Thu, 27 Mar 2014 20:17:39 GMT
Content-Length: 3045

ETA2

I've been testing in Chrome and I've just found out there's no problem in FireFox.

If I login/out/in/out... there is no problem
If I login/out then log in with the wrong password a couple of times (causing postbacks in the login page), and then log in again correctly, it always displays the incorrect logout page in Chrome.

Does this work correctly in Chrome Incognito? (This might help rule out any coding issues). If you use Fiddler do you see it make a request in the case where it's displaying the wrong one? (I assume that you do not see a request - and that it is indeed loading the cached copy) — ndhar
If you don't have Fiddler, you can use Chrome Dev tools. Does the response headers have max-age=0 and/or no-cache values? — James Lawruk
Ok, it works fine in incognito mode. Unfortunately, quantum effects come into play while the console is open and it doesn't happen. I'll add the request and response headers, for the default page when it does work, any way. — Jules

Humpy Humpy · Accepted Answer · 2014-04-03T16:14:13

I was having the same problem. What I did was place this

Response.CacheControl = "No-cache";

within the page load before any of the other code runs. The issue that this solved for me was similar tor yours. When a user logs in, a drop down box is loaded with different stores that the user belongs too. If I changed their stores, they could navigate back to the page and see their old set of stores. I placed the above in the page load and this solved my issues within IE, Chrome and Firefox. Hopefully something as easy as this will fix your problem.

How to stop an ASP.NET webforms page caching different versions

3 Answers