Unable to prevent cache storage




13 years ago
10 years ago


(Reporter: kanig, Unassigned)


Firefox Tracking Flags

(Not tracked)




13 years ago
User-Agent:       Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/312.5.1 (KHTML, like Gecko) Safari/312.3.1
Build Identifier: FF 1.0.7 and Camino 0.8.4

My online medical application includes dynamic content with confidential patient information. It is absolutely essential that cache storage be prevented so that when a page times out, somebody cannot come along and back up to confidential content. I have been able to prevent cache storage for every browser except FF and Camino. Despite your previous statement (in response to an earlier report of a similar problem) that "cache-control: no-store" should work, it doesn't. I would really appreicate knowing how to solve this, or for you to fix the problem on your end. Here is my header:

<meta http-equiv="Expires" content="Tue, 04-Dec-1993 21:29:02 GMT">
<meta http-equiv="Last Modified"
        CONTENT="Mon, 04-Dec-2006 21:29:02 GMT" >
<meta http-equiv="Cache-Control"
        CONTENT="no-store, no-cache, must-revalidate, max-age=0">
<meta-http-equiv="Cache-Control" content="no-store">
<meta http-equiv="Cache-Control"
        CONTENT="post-check=0, pre-check=0", false>
<meta http-equiv="Pragma" CONTENT="no-cache">
<title>CustomEHR Personal Start Page</title>

Am I doing something wrong? Thank you very much.
Steve Kanig

Reproducible: Always

Steps to Reproduce:
1. Use the back button from any page.
Actual Results:  
FF (and Camino) reloads from Cache. 

Expected Results:  
Page should be reloaded from the server.

Sorry that I'm writing about a previously reported problem, but it still exists. Thank you very much for your help.

Comment 1

13 years ago
Reporter, are you talking about the disk-cache or the memory-cache ? The first is non-volatile, and can be read externally, the second one is in memory, but we also have to support forward/backwards caches.

See bug 112564 and bug 261312 comment 7.

Comment 2

13 years ago
I'm talking primarily about memory-cache: I need to be able to prevent cache storage within a given session for my site, for the reasons I described. Of course every browser has to be able to support forwards/backwards caches, but that is not inconsistent with allowing a site to block memory-cache for dynamic content which should not be stored. "cache-control: no-store" is supposed to do this. It does not work for Firefox. The combination of header statements I copied above *does* work for every other browser. Why not Firefox (and Camino)???

Comment 3

13 years ago
Sounds like a dup of bug 272857.  Try using http headers instead of meta tags.

*** This bug has been marked as a duplicate of 272857 ***
Last Resolved: 13 years ago
Resolution: --- → DUPLICATE

Comment 4

13 years ago
Yes, using http headers instead of meta tags solved the problem.

Thank you!


13 years ago


10 years ago
Component: History → Bookmarks & History
QA Contact: history → bookmarks
You need to log in before you can comment on or make changes to this bug.