Add Cache-Control: no-store for authenticated pages; fix payment onclick encoding
Prevents browsers from caching authenticated pages, which resolves stale/corrupt cache bugs (e.g. Firefox refusing to navigate to a specific invoice). Also fixes the Edit Payment button onclick to use Json.Serialize for Reference/Notes so apostrophes and other special characters don't break the JavaScript string literal. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -653,6 +653,11 @@ app.Use(async (context, next) =>
|
||||
context.Response.Headers.Append("Permissions-Policy",
|
||||
"geolocation=(), microphone=(), camera=()");
|
||||
|
||||
// Prevent browsers from caching authenticated pages — avoids stale data and
|
||||
// browser-specific cache corruption bugs (e.g. Firefox caching a partial load).
|
||||
if (context.User.Identity?.IsAuthenticated == true)
|
||||
context.Response.Headers.Append("Cache-Control", "no-store");
|
||||
|
||||
await next();
|
||||
});
|
||||
|
||||
|
||||
@@ -409,7 +409,7 @@
|
||||
@if (!isVoided)
|
||||
{
|
||||
<button type="button" class="btn btn-sm btn-outline-secondary me-1" title="Edit payment"
|
||||
onclick="openEditPaymentModal(@p.Id, @Model.Id, '@p.PaymentDate.ToString("yyyy-MM-dd")', @((int)p.PaymentMethod), '@(p.Reference ?? "")', '@(p.Notes ?? "")', @(p.DepositAccountId?.ToString() ?? "null"))">
|
||||
onclick="openEditPaymentModal(@p.Id, @Model.Id, '@p.PaymentDate.ToString("yyyy-MM-dd")', @((int)p.PaymentMethod), @Json.Serialize(p.Reference ?? ""), @Json.Serialize(p.Notes ?? ""), @(p.DepositAccountId?.ToString() ?? "null"))">
|
||||
<i class="bi bi-pencil"></i>
|
||||
</button>
|
||||
<form asp-action="DeletePayment" asp-route-invoiceId="@Model.Id" asp-route-paymentId="@p.Id"
|
||||
|
||||
Reference in New Issue
Block a user