Description
Is there an existing issue for this?
- I have searched the existing issues
Describe the bug
Currently, using the default antiforgery implementation (DefaultAntiforgery) the headers "no-cache, no-store" are supplied.
The no-store header has the unfortunate side effect of slowing browser navigation by incurring additional web requests to the server whenever the user navigates using the forward and backward buttons.
From my (limited) understanding of antiforgery tokens, this should be entirely doable.
This results in a page diagnostics warning. The rest of the reasons for this error disappear without the debugger attached.
Disabling antiforgery site-wide is not simple nor does it appear to be officially supported.
Expected Behavior
Antiforgery should use no-cache instead of no-cache, no-store; or at least make this configurable so that backward-forward caching can be easily enabled.
Steps To Reproduce
-
Create a blank project
-
Disable dom preservation by replacing
<script src="_framework/blazor.web.js"></script>
With
<script src="_framework/blazor.web.js" autostart="false"></script> <script> Blazor.start({ ssr: { disableDomPreservation: true } }); </script>
-
Add the time to the home page so we can see whether it's being cached
-
Launch the application.
-
Navigate from the home page to another page, and then navigate back to the home page using the back button.
-
Observe that the time has been updated, and in the network tab observe that a web request has been made.
You can check out the project here.
https://github.com/Fydar/AntiforgeryNoCacheIssue
Exceptions (if any)
No response
.NET Version
8.0.200