[TYPO3] frontend users - user logged out, pages still in browser cache?
Tomasz Chmielewski
mangoo at wpkg.org
Mon Aug 6 17:04:08 CEST 2007
Dmitry Dulepov [typo3] schrieb:
>> However, after pressing "back" button in the browser, anyone can see the
>> content of this Very-Important-Page, which is of course undesired.
>>
>> Is there a workaround for that?
>
> I think you can send proper cache headers if user is logged in. Check
> TSRef/config for cache headers and TSRef/conditions to find how to
> detect if user is logged in.
Hmm, I'm not sure.
I tried disabling _all_ caching, by putting page.config.no_cache=1 to
the main template/setup, and it didn't help. Perhaps the proxy wouldn't
cache it, and the browser would delete it from cache after the browser
closed - but it doesn't help for a mere "back" button. Unless I do it wrong.
So I guess it must be something else?
To compare, I tried to log in to my internet banking, then - logged out,
and pressed "back" button. The browser complained that the form was
using POST method, and if I really want to resend form data. After
saying yes, I didn't see the my internet banking (obviously).
I noticed my bank's HTML code contained the following where the login
form was located:
<meta http-equiv="Pragma" content="no-cache"/>
<meta http-equiv="Cache-Control" content="no-cache"/>
Perhaps that's what I should try to put on a TYPO3-generated page?
Or do I get it all wrong?
--
Tomasz Chmielewski
http://wpkg.org
More information about the TYPO3-english
mailing list