Preventing Page Review after Logout with Forms Authentication

My latest ASP Alliance article has been published today:

The inclusion of Forms Authentication in the .NET Framework has been a significant benefit to developers securing web-based applications. While pages can be secured server-side, local caching by browsers and proxy servers may allow a user to review information even after they have logged out. In some cases, this may present a risk to the user’s confidential information. This article discusses three HTTP headers that can be used to prevent local caching of web pages, adding some protection to the user’s data.