Does this method do what it says it will do (prevent the page from being cached)?

Question

private void PreventPageFromBeingCached(AuthorizationContext filterContext)
{
    var cachePolicy = filterContext.HttpContext.Response.Cache;
    cachePolicy.SetProxyMaxAge(new TimeSpan(0));
}

The reason I ask is that I originally had the following code in a custom AuthorizeAttribute:

private void PreventPageFromBeingCached(AuthorizationContext filterContext)
{
    var cachePolicy = filterContext.HttpContext.Response.Cache;
    cachePolicy.SetProxyMaxAge(new TimeSpan(0));
    cachePolicy.AddValidationCallback(CacheValidateHandler, null);
}

protected void CacheValidateHandler(
    HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
    //todo validationStatus = OnCacheAuthorization(new HttpContextWrapper(context));
}

I basically pasted this code from an answer on StackOverflow a while ago, and I have since moved this logic to an IAuthorizationFilter.

The problem is, by switching to an interface, I've lost AuthorizeAttribute's implementation of OnCacheAuthorization. According to the docs, OnCacheAuthorization is "called when the caching module requests authorization." This doesn't really tell me what I would need to do to implement this method, or if I even need the callback in the first place.

Questions

1. Will PreventPageFromBeingCached actually prevent the page from being cached with just the two lines of code or do I need to also include cachePolicy.AddValidationCallback(CacheValidateHandler, null); and the CacheValidateHandler() method (plus an implementation of OnCacheAuthorization())?
2. If I do need the extra code, what exactly does it do?
3. If I have it all wrong, how do I prevent a page from being cached?

Answer 1

Personally, I like the controller approach as I've specified here

You don't have the issues you are concerned about the best I've been able to tell through using this in my apps as you are using client caching.