On Thu, Mar 29, 2007 at 11:44:35AM -0500, Jay K wrote: > Another thing to keep in mind here is that if you are not very > particular with your cache-control headers - Many browsers will cache > your page. So if you are accessing /articles/1723, and it detaches > to the login procedure, when the user hits /articles/1723 again - it > will often bring up the login page out of cache. You can avoid this > if you are sure to set your cache control headers properly within > your login action, but for this type of thing, I always try to use > redirect, because it saves me trying to figure out what the hell is > going wrong later.
I don't redirect as I like showing the URL of the page that requires login. But, I'm also careful with cache control headers. This always makes me wish for a 4xx code that could be returned to the client but not force the browser to ask for authentication. After all, the user is not currently authorized to view the page. And the idea being that the browser would not cache the 4xx response. -- Bill Moseley [EMAIL PROTECTED] _______________________________________________ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
