.NET Core 2.2 中防止浏览器缓存表单值
Prevent browser caching form values in .NET Core 2.2
ASP.net 核心 2.2 MVC Web 应用程序
我有很多表单,我不希望浏览器在用户 return 到页面时 cache/show 任何以前输入的数据。我希望 elements/form 不缓存任何信息。我不只是希望浏览器不要 显示 以前输入的信息,出于安全原因我希望它不要被缓存。
我尝试用以下方法装饰控制器方法:
[ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)]
无济于事,当我再次导航到 page/form 并开始输入时,之前输入的值继续显示为自动完成选项。
我也试过玩这个的每一个细微差别:
Response Caching Middleware in ASP.NET Core
如今所有浏览器如何做到这一点?
听起来像是浏览器的 autocompletion 功能引起的:
By default, browsers remember information that the user submits through fields on websites. This enables the browser to offer autocompletion (that is, suggest possible completions for fields that the user has started typing in) or autofill (that is, pre-populate certain fields upon load).
要为表单禁用此功能:
<form autocomplete="off">
...
</form>
或禁用一个字段:
<input ... autocomplete="off">
下面是off
的详细解释
The "off" keyword indicates either that the control’s input data is particularly sensitive (for example the activation code for a nuclear weapon); or that it is a value that will never be reused (for example a one-time-key for a bank login) and the user will therefore have to explicitly enter the data each time, instead of being able to rely on the user agent to prefill the value for him; or that the document provides its own autocomplete mechanism and does not want the user agent to provide autocompletion values.
有关详细信息,请参阅 how to disable autocompletion on MDN and w3c.org
希望对您有所帮助。
您可以对 html 元素使用 autocomplete="off",但 chrome 阻止对某些名称(例如 "name"、"address" 等)使用此功能
之前讨论过这个话题。 Chrome ignores autocomplete="off"
ASP.net 核心 2.2 MVC Web 应用程序
我有很多表单,我不希望浏览器在用户 return 到页面时 cache/show 任何以前输入的数据。我希望 elements/form 不缓存任何信息。我不只是希望浏览器不要 显示 以前输入的信息,出于安全原因我希望它不要被缓存。
我尝试用以下方法装饰控制器方法:
[ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)]
无济于事,当我再次导航到 page/form 并开始输入时,之前输入的值继续显示为自动完成选项。
我也试过玩这个的每一个细微差别: Response Caching Middleware in ASP.NET Core
如今所有浏览器如何做到这一点?
听起来像是浏览器的 autocompletion 功能引起的:
By default, browsers remember information that the user submits through fields on websites. This enables the browser to offer autocompletion (that is, suggest possible completions for fields that the user has started typing in) or autofill (that is, pre-populate certain fields upon load).
要为表单禁用此功能:
<form autocomplete="off">
...
</form>
或禁用一个字段:
<input ... autocomplete="off">
下面是off
The "off" keyword indicates either that the control’s input data is particularly sensitive (for example the activation code for a nuclear weapon); or that it is a value that will never be reused (for example a one-time-key for a bank login) and the user will therefore have to explicitly enter the data each time, instead of being able to rely on the user agent to prefill the value for him; or that the document provides its own autocomplete mechanism and does not want the user agent to provide autocompletion values.
有关详细信息,请参阅 how to disable autocompletion on MDN and w3c.org
希望对您有所帮助。
您可以对 html 元素使用 autocomplete="off",但 chrome 阻止对某些名称(例如 "name"、"address" 等)使用此功能
之前讨论过这个话题。 Chrome ignores autocomplete="off"