Funkcionalnosć toś togo sedła se pśez wótwardowańske źěła wobgranicujo, kótarež maju wašo dožywjenje pólěpšyś. Jolic nastawk waš problem njerozwězujo a cośo pšašanje stajiś, wobrośćo se na našo zgromoźeństwo pomocy, kótarež na to caka, wam na @FirefoxSupport na Twitter a /r/firefox na Reddit pomagaś.

Pomoc pśepytaś

Glědajśo se wobšudy pomocy. Njenapominajomy was nigda, telefonowy numer zawołaś, SMS pósłaś abo wósobinske informacije pśeraźiś. Pšosym dajśo suspektnu aktiwitu z pomocu nastajenja „Znjewužywanje k wěsći daś“ k wěsći.

Dalšne informacije

J2EE application caching issue in Firefox 64 after setting "Cache-Control", "no-store, no-cache, must-revalidate" | "Pragma", "no-cache" |

  • 2 wótegronje
  • 1 ma toś ten problem
  • 4 naglědy
  • Slědne wótegrono wót mohanasundaram

more options

I have J2EE web application site which sends the response header as cache:control set to "no-store, no-cache". After logout when the user is pressing the back button of the browser, user is thrown with the cache-expired page, and it’s working as expected. But if the user clicks on the view-page-source on the cache expired page, user is shown with the source code of the previous logged in page with all confidential data pertaining to logged out user. Please let us know do we need any specific response header for Mozilla Firefox to disable the caching of the source code? Your help is much appreciated.

       p_response.setDateHeader("Expires", -1);
       p_response.setHeader("Expires", "0");
       p_response.setDateHeader("Last-Modified", System.currentTimeMillis());
       p_response.addHeader("Cache-Control", "no-store, no-cache, must-revalidate");
       p_response.addHeader("Cache-Control", "post-check=0, pre-check=0, false");
       p_response.addHeader("Pragma", "no-cache");

Thanks

I have J2EE web application site which sends the response header as cache:control set to "no-store, no-cache". After logout when the user is pressing the back button of the browser, user is thrown with the cache-expired page, and it’s working as expected. But if the user clicks on the view-page-source on the cache expired page, user is shown with the source code of the previous logged in page with all confidential data pertaining to logged out user. Please let us know do we need any specific response header for Mozilla Firefox to disable the caching of the source code? Your help is much appreciated. p_response.setDateHeader("Expires", -1); p_response.setHeader("Expires", "0"); p_response.setDateHeader("Last-Modified", System.currentTimeMillis()); p_response.addHeader("Cache-Control", "no-store, no-cache, must-revalidate"); p_response.addHeader("Cache-Control", "post-check=0, pre-check=0, false"); p_response.addHeader("Pragma", "no-cache"); Thanks

Wšykne wótegrona (2)

more options

Hi,

the use of the cache is documented in the DND documentation, which I believe will be answered by the following links


https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control

https://developer.mozilla.org/en-US/docs/Web/API/Request/cache


thank's

more options

Thanks for the reply, the options in the specified url works fine only for chrome and IE browser and not for Firefox 64.02 Here is the snippet of the code:

p_response.setDateHeader("Expires", -1);

p_response.setHeader("Expires", "0");

       p_response.setDateHeader("Last-Modified", System.currentTimeMillis());
       p_response.addHeader("Cache-Control", "private, no-store, no-cache, must-revalidate");
       p_response.addHeader("Cache-Control", "post-check=0, pre-check=0, false");
       p_response.addHeader("Pragma", "no-cache, no-store");
       p_response.addHeader("Clear-Site-Data", "cache, cookies, storage, executionContexts");
       p_response.addHeader("cache", "force-cache");

Thanks