D
damiensawyer
Hi,
I have a requirement to ensure that pages do not store anywhere in the
browser cache. Essentialy, when the user hits logout, the information
they've been reading needs to be completely innaccesable.
I have done a bit of Googling and found articles suggesting the
following HTTP-EQUIV meta tags. The page loads and validates via WC3,
however fails to secure the content.
I'm testing in Firefox 2 by opening the below file from a local disk.
I then leave the page, set the browser to 'work offline' and open the
file from 'history'. The page appears in full. I have also tested the
file served via http from a web browser to the same result.
Can someone please tell me what I'm doing wrong?
Thanks in advance,
Damien
------ HTML File ----------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="TEXT/HTML;
CHARSET=WINDOWS-1250">
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE; NO-STORE;
PRIVATE; MUST-REVALIDATE">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> <!-- Backward
compatibility with HTTP 1.0-->
<META HTTP-EQUIV="EXPIRES" CONTENT="-1">
<title>Sample Document which should not be stored in browser cache</
title>
</head>
<body>
This is a sample expired Document
</body>
</html>
I have a requirement to ensure that pages do not store anywhere in the
browser cache. Essentialy, when the user hits logout, the information
they've been reading needs to be completely innaccesable.
I have done a bit of Googling and found articles suggesting the
following HTTP-EQUIV meta tags. The page loads and validates via WC3,
however fails to secure the content.
I'm testing in Firefox 2 by opening the below file from a local disk.
I then leave the page, set the browser to 'work offline' and open the
file from 'history'. The page appears in full. I have also tested the
file served via http from a web browser to the same result.
Can someone please tell me what I'm doing wrong?
Thanks in advance,
Damien
------ HTML File ----------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="TEXT/HTML;
CHARSET=WINDOWS-1250">
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE; NO-STORE;
PRIVATE; MUST-REVALIDATE">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> <!-- Backward
compatibility with HTTP 1.0-->
<META HTTP-EQUIV="EXPIRES" CONTENT="-1">
<title>Sample Document which should not be stored in browser cache</
title>
</head>
<body>
This is a sample expired Document
</body>
</html>