I have an issue with my Rails application and the browser's cache: When a user logs out of the authenticated section of the site, they are still able to use the back button on the browser to see the authenticated page. I do not want to allow this.
How can I expire the cache and force it to reload.
Thank you
From stackoverflow
-
The following headers should do that. Whatever page you're trying protect, add them there.
Expires: Sat, 26 Jul 1997 05:00:00 GMT Last-Modified: "now" Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cacheObviously, the now needs to be dynamic.
-
Just to be safe, you might also want to specify
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"> <META HTTP-EQUIV="EXPIRES" CONTENT="0"> <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">in your pages.
0 comments:
Post a Comment