How can I completely supress the output of the Cache-Control Header that is returned by my custom HttpHandler in ASP.NET?

I know, I can change the header field by modifying response.Cache and response.Cache.SetCacheability, but that will only change the header field, not remove it. That is not what I want. I completely want to make no assumptions about the Cache-Control field and leave it up to the browsers policy.

EDIT: The same holds true for HttpResponse.Charset. If no charset is set, ASP.NET will always set it to "utf-8", although returning a header "Content-Type: text/html" without the charset parameter is perfectly valid html. Any idea how to supress the charset, too?

You can remove header values using

HttpContext.Current.Response.Headers.Remove("HEADER-VALUE-HERE"); 

If you are using a IIS7 integrated pipeline, however some header values are protected and cannot be removed (i.e they are injected after the response is dealt with on the most common page lifecycles).

What you can do if the above fails (ie its protected) is you can make a module to manually hook into the PreSendRequestHeaders and use the code above to remove the header at this point.

The majority of problems removing the header is not the inabillity to remove it, its to remove it at the correct time.

I believe using a custom http handler you should be able to remove it at the instantiation of the handler though.

I'm only guessing here, but I would think that this is configured within IIS -- on the website (or virtual directory)'s Properties dialog, there is a section called "Enable content expiration". Does unticking this box suppress the header?

If you don't have access to your IIS Manager, then I'm afraid I am not sure how you could suppress that header. Looking at the docs, response.Headers is a read-only property, so setting it to an empty string isn't going to work...