WebApp Sec mailing list archives

Re: How to prevent Internet Explorer from locally caching pages

From: Liam Quinn <liam () htmlhelp com>
Date: Thu, 3 Apr 2003 20:35:36 -0500 (EST)

On 4 Apr 2003, Adrian Caneva wrote:

Expiration headers seem to be ignored by Internet Explorer behind a Proxy 
server when using BACK / FORWARD buttons.
On Microsoft's Knowledge Base Article  234067 (HOWTO: Prevent Caching in 
Internet Explorer) I've found that in fact this can happen.
And I could verify that, behind a Proxy, IE (6.0, 5.5, 5.0) gets the page 
from local disk cache although Expire = -1 header should force it ask the 
web server for an updated version.


FWIW, IE's behaviour seems to be in agreement with the HTTP/1.1 
specification:

   By default, an expiration time does not apply to history mechanisms.
   If the entity is still in storage, a history mechanism SHOULD display
   it even if the entity has expired, unless the user has specifically
   configured the agent to refresh expired history documents.

http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.13

-- 
Liam Quinn

Current thread:

How to prevent Internet Explorer from locally caching pages Adrian Caneva (Apr 03)
- Re: How to prevent Internet Explorer from locally caching pages Liam Quinn (Apr 03)
  - Re: How to prevent Internet Explorer from locally caching pages Rory (Apr 03)
- <Possible follow-ups>
- RE: How to prevent Internet Explorer from locally caching pages David Cameron (Apr 03)
- Re: How to prevent Internet Explorer from locally caching pages Adrian Caneva (Apr 04)