Can server caching of image be disabled?

3 posts, 0 answers
  1. David
    David avatar
    2 posts
    Member since:
    Feb 2011

    Posted 01 Apr 2013 Link to this post

    Hello,

    The WebResource.axd is caching the image data on the server for a couple minutes.  Can this be changed?  We have a security concern where an unauthorized user could possibly view the generated image if they obtained the url.  We only want the image to be generated once for the initial rendering, and not cached on the server (or very briefly) if possible.

    Thanks 
  2. Princy
    Princy avatar
    17421 posts
    Member since:
    Mar 2007

    Posted 02 Apr 2013 Link to this post

    Hi David,

    The control uses an internal http handler which streams the image from the binary source to the page in which it has to be visualized.The storage of the binary stream when transferred between the control itself and the handler is the HttpContext.Current.Cache object and the image is cached in the browser. Its default expiration time is 2 hours (unless the control in which the RadBinaryImage is nested is rebound or recreated). This means that subsequent loads of the binary image are taken from the browser cache when using the same url for access.
    In case the browser cache is disabled, the image will be persisted for 2 minutes on the server before it is streamed to the page from the data source. This is the default nature and as far as i know, its not possible to disable caching for a particular control. One suggestion is like you can use a UserControl containing the RadBinaryImage and disable caching for that User Control.

    Thanks,
    Princy.
  3. UI for ASP.NET Ajax is Ready for VS 2017
  4. msigman
    msigman avatar
    141 posts
    Member since:
    Apr 2008

    Posted 06 May 2013 Link to this post

    If you set up Authentication in web.config you can control access to that resource to ensure only authenticated users can access it, even if they obtain the URL. It seems like this may be a more robust approach than trying to "hide" the URL.  If not, then I suggest the approach Princy mentioned.
Back to Top