how we can delete cache forcefully when user logs-in using javascript.

Question

Can anybody tell me how we can delete browser cache using javascript. I want this because I am giving user, file for download with url ('http://www.example.com/docs/doc1.xlsx'). and this files are accessible for that specific user only.

I am checking with htaccess redirect to other action which redirect to that specific file url if user does not have access then Access Denied page come.

But problem is when valid user download that file and logs out from application and copied above url and hit enter on browser file gets for download without accessing to server, which happens due to caching in browser.

So I want to delete cache when user logs out of system.

Alternative solutions are most welcome.

Answer 1

This is not possible. Php only works serverside and using javascript is not working because of security issues. ActiveX is not an option eigther i guess.

What you can do is to attach a no-cache header for a page that must reload each time.

Answer 2

In short, you can't (or, at least, I have never seen a way of doing it).

You'll need to do it on the server side by sending the correct cache-busting headers. Something like:

Cache-Control: no-cache, must-revalidate, max-age=0

You can do this using (to steal an example from the PHP documentation):

header("Cache-Control: no-cache, must-revalidate, max-age=0");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");

Answer 3

Rather than giving direct access to the file (as you mentioned "http://www.example.com/docs/doc1.xlsx"), I think you should read the the file in php and give it for download after checking for the valid user..

Example taken from php.net

<?php
// downloading a file
$filename = $_GET['path'];

/**
* YOU CAN CHECK YOUR VALIDATIONS HERE.. 
*
*
*
*/


// fix for IE catching or PHP bug issue
header("Pragma: public");
header("Expires: 0"); // set expiration time
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
// browser must download file from server instead of cache

// force download dialog
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");

// use the Content-Disposition header to supply a recommended filename and
// force the browser to display the save dialog.
header("Content-Disposition: attachment; filename=".basename($filename).";");

/*
The Content-transfer-encoding header should be binary, since the file will be read
directly from the disk and the raw bytes passed to the downloading computer.
The Content-length header is useful to set for downloads. The browser will be able to
show a progress meter as a file downloads. The content-lenght can be determines by
filesize function returns the size of a file.
*/
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($filename));

@readfile($filename);
exit(0);
?>

Hope this helps.. Thanks...

Answer 4

I have resolved issue without major modifications. Firstly I tried by setting header as you people suggested. Before redirecting for file to download I tried to set header for cache-control, but it doesn't work at all.

So I stretch my mind more and find simple solution by setting headers in .htaccess file which is located in folder where all downloadable files are located. That means cache-control header is set to download files response.

But still one thing in mind why above solutions not working.

And one more thing Pragma: "no-cache" not working for IE. that is it gives error while downloading requested file as "requested site is unavailable or cannot be found". So I have set it to Pragma: public. But I doubt whether it is secure.