Keep page submit from caching

Question

For security reasons, we don't want someone's submitted info to be stored. For instance, after coming to a page via a form submit, when I refresh, it asks if I want to send that same data again (at least in Chrome).

We're attempting to create a session-ish behavior. We're not maintaining a server session - after log in, the user gets a single page returned. Since there are no other pages for the user to navigate to once logged in (no server calls at all) it seemed simpler to handle it this way. However, refreshing the page allows the data to be resubmitted, we don't want that. You can also click the back button, then the forward button, and the page is still there, or go on to other sites, and back-button back to the page.

I found <meta http-equiv="CACHE-CONTROL" content="NO-CACHE"> but it doesn't seem to be having any effect.

Javascript solutions are acceptable, as javascript is required (not by me, don't shoot the messenger) for access.

Thanks!

Answer 1

In order to insure that the page wont cache you need to place another set of 'HEAD' tags at the bottom of the document aswell.

For example:

<HTML>
<HEAD>
<TITLE>No Cache</TITLE>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</HEAD>
<BODY>

...

</BODY>
<HEAD>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</HEAD>
</HTML>

source

-- or --

<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />

The specified date should be a date in the past so that the browser will immediately discard the cached copy or not cache it at all.