[Yanel-dev] [Bug 6465] after log-in log-out does not show any
change
Julian Reschke
julian.reschke at gmx.de
Thu Jul 10 17:00:54 CEST 2008
simon litwan wrote:
> Julian Reschke schrieb:
>> simon litwan wrote:
>>> do you mean set "Cache-Control" headers to force the client not to
>>> cache any of access-controlled content?
>>
>> Yes, I think that's really needed. Otherwise both caches in browsers
>> and in proxies are allowed to keep the contents, and to serve it later
>> on...
> Now i see. as it is now it's also not really nice regarding security.
>
> WDOT?
> simon
The "right" thing to do probably is
Cache-Control: no-cache
However, something like
Cache-Control: max-age=60
may be acceptable as well (making the resource cacheable for 60 seconds)
BR, julian
More information about the Yanel-development
mailing list