tags:

views:

496

answers:

2
+2  Q: 

With Rails, How can I expire the Browser's cache?

I have an issue with my Rails application and the browser's cache: When a user logs out of the authenticated section of the site, they are still able to use the back button on the browser to see the authenticated page. I do not want to allow this.

How can I expire the cache and force it to reload.

Thank you

+2  A: 

The following headers should do that. Whatever page you're trying protect, add them there.

Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: "now"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

Obviously, the now needs to be dynamic.

Till  2009-04-14 23:31:11
+1  A: 

Just to be safe, you might also want to specify

<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<META HTTP-EQUIV="EXPIRES" CONTENT="0">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">

in your pages.

Chas. Owens  2009-04-14 23:35:30

related questions

Make Browser Window Blink in Task Bar
Large File Download
Browser's Default CSS
Disable browser 'Save Password' functionality
What's the simplest way to decremement a date in Javascript by 1 day?
Browser scrollbar
Limitations of screen readers.
Version detection with Silverlight
Best way to fix CSS/JS drop-down problem in IE7 when page includes Google Map
Recommendations for browser add-on tools to help with development
Hyperlinks displaced on IE7
Building Standalone Applications in JavaScript
HTML differences between browsers
Browser Sync accross many machines
Getting selected text in a browser, cross-platform.
How to get PNG transparency working in browsers that don't natively support it?
Best WYSIWYG CSS editor?
Javascript events
Preferred way to use favicons?
IE6: To support or not to support.
Getting the text from a drop-down box
Other browsers
Drag and Drop to a hosted Browser control
How can I tell if a web client is blocking ads?
How can I determine a web user's time zone?