WebApp Sec mailing list archives
RE: Cache-Control
From: "Thor Larholm" <thor () pivx com>
Date: Mon, 15 Sep 2003 11:19:53 -0700
Caching Tutorial for Web Authors and Webmasters http://www.mnot.net/cache_docs/ As for cookies on your localhost HTTP server, change your HOSTS file to make 127.0.0.1 point at a made up name, like 127.0.0.1 localhost.com Regards Thor Larholm PivX Solutions, LLC - Senior Security Researcher http://www.pivx.com/larholm/unpatched - Unpatched IE vulnerabilities -----Original Message----- From: Pessoft [mailto:pessoft () seznam cz] Sent: Sunday, September 14, 2003 4:38 PM To: webappsec () securityfocus com Subject: Cache-Control I need to disable caching my page for maximal security, but i don't know how. I've tried using http headers Pragme, Expires, Cache-Control without success. Under Opera page works fine, but IE still caches links and after switching from one section to another after logoff when i try to return to section one IE reads cached page and shows, that i'm logged in, but actually i'm not. Also when i run script which outputs $_SERVER['HTTP_CACHE_CONTROL'] Opera writes "no-cache", but IE writes ~ undefined variable ~. I've tried IE 5.5 under Win98se and also IE under WinXP. Pessoft PS: Anybody knows how to enable cookies in IE for localhost HTTP server.
Current thread:
- Cache-Control Pessoft (Sep 15)
- Re: Cache-Control Sverre H. Huseby (Sep 15)
- <Possible follow-ups>
- RE: Cache-Control Thor Larholm (Sep 15)