diff --git a/docs/changelog/7.x.x.txt b/docs/changelog/7.x.x.txt
index 25c672ddd..e35a03fb5 100644
--- a/docs/changelog/7.x.x.txt
+++ b/docs/changelog/7.x.x.txt
@@ -1,6 +1,7 @@
 7.8.12
  - fixed #11390: Meta description duplicated in asset Folder
  - fixed #11391: Duplicated Thingy maintains ids for storage fields
+ - fixed #11381: Captcha of DataForm cached
 
 7.8.11
  - fixed #11362: Unable to checkout with ITransact plugin
diff --git a/lib/WebGUI/Asset/Wobject/DataForm.pm b/lib/WebGUI/Asset/Wobject/DataForm.pm
index cdc4e8889..ccb7c4846 100644
--- a/lib/WebGUI/Asset/Wobject/DataForm.pm
+++ b/lib/WebGUI/Asset/Wobject/DataForm.pm
@@ -227,8 +227,7 @@ an entry is being viewed, or the DataForm has a captcha, bypass caching altogeth
 
 sub getContentLastModified {
     my $self = shift;
-    my $hasCaptcha = isIn('Captcha', map { $_->{type} } map { $self->getFieldConfig($_) } @{ $self->getFieldOrder });
-    if ($self->currentView eq 'list' || $self->session->form->process('entryId') || $hasCaptcha) {
+    if ($self->currentView eq 'list' || $self->session->form->process('entryId') || $self->hasCaptcha) {
         return time;
     }
     return $self->SUPER::getContentLastModified;
@@ -236,6 +235,19 @@ sub getContentLastModified {
 
 #-------------------------------------------------------------------
 
+=head2 hasCaptcha
+
+Returns true if the DataForm uses a captcha as one of the fields.
+
+=cut
+
+sub hasCaptcha {
+    my $self = shift;
+    return isIn('Captcha', map { $_->{type} } map { $self->getFieldConfig($_) } @{ $self->getFieldOrder });
+}
+
+#-------------------------------------------------------------------
+
 =head2 renameField ($oldName, $newName)
 
 Renames a field by name
@@ -1267,6 +1279,9 @@ sub viewForm {
         $entry = $self->entryClass->new($self, ($entryId && $self->canEdit) ? $entryId : ());
     }
     $var = $passedVars || $self->getRecordTemplateVars($var, $entry);
+    if ($self->hasCaptcha) {
+        $self->session->http->setCacheControl('none');
+    }
     return $self->processTemplate($var, undef, $self->{_viewFormTemplate});
 }
 
diff --git a/lib/WebGUI/Session/Http.pm b/lib/WebGUI/Session/Http.pm
index 68349d2e3..220d1daf7 100644
--- a/lib/WebGUI/Session/Http.pm
+++ b/lib/WebGUI/Session/Http.pm
@@ -308,8 +308,14 @@ sub sendHeader {
 		} 
 		# in all other cases, set cache, but tell it to ask us every time so we don't mess with recently logged in users
 		else {
-			$request->headers_out->set('Last-Modified' => $date);
-  			$request->headers_out->set('Cache-Control' => "must-revalidate, max-age=" . $cacheControl);
+            if ( $cacheControl eq "none" ) {
+                $request->headers_out->set("Cache-Control" => "private, max-age=1");
+                $request->no_cache(1);
+            }
+            else {
+                $request->headers_out->set('Last-Modified' => $date);
+                $request->headers_out->set('Cache-Control' => "must-revalidate, max-age=" . $cacheControl);
+            }
 			# do an extra incantation if the HTTP protocol is really old
 			if ($request->protocol =~ /(\d\.\d)/ && $1 < 1.1) {
 				my $date = $datetime->epochToHttp(time() + $cacheControl);