Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

prevent page caching

 
James Hoare
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a problem with one of my pages caching and I need a way of preventing this. I have tried adding the following to the page, but it doesn't prevent caching in IE or FF?

<%
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader ("Expires", -1);
%>

The problem I have is that when a user clicks on the back button in the browser the form details are still present, I would like to prevent this.

Please can you help.
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The web app has no control over what the browser does upon clicking the back button. Most of the times, the browser will re-display its cached version of the previous page, no matter what the cache settings are. That's just how the Back button works.

What problem does that present to your application? There may be ways to prevent any possible negative side effects.
 
James Hoare
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the quick response. The problem is that the details cached are credit card details, therefore ideally I would like the information removed from the form if the back button is used.
 
Lauri Lehtinen
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I struggled with a pretty much identical case a while ago - I found no way of preventing the browser of caching a page and letting the user access it by clicking on the Back button, even after they had logged out. I was looking at the headers set by my Internet bank site and some webmails, until I realised it was the use of https that did the trick. I wasn't using https on my development machine, which caused the confusion. Since you're handling credit card info, I'd assume you'll be using https in production as well?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic