I have defined the following cache setting inside my asp.net mvc web application, to cache the action method data on the client:-
[Authorize] [OutputCache(CacheProfile = "VShort", Location = OutputCacheLocation.Client, VaryByHeader = "X-Requested-With")] public ActionResult Index(string searchTerm = "", int page = 1)public ActionResult Index(string searchTerm = "", int page = 1)
But I have the following question regarding the security concerns of caching data on the client:
If an authorized user access the system from a public PC, and the asp.net mvc web application uses windows authentication to authenticate users. So will external users who access the same public PC can see the cached data . or cached data can only be accessed and views by authenticated and authorized users ?
If caching data on the client will expose the data to external users, is there a way to make the client cached data more secure?