Hello We clearly posted a notice on our logout page explicitly telling users to close their browser (or drop the tab) after exiting a client application. We are not seeing users take advantage of that notice and instead have complaints from the registrar about the caching behavior of browsers. Since the data is private and violates FERPA in addition to leaving careless users vulnerable with regard to personal financial details, we are taking this seriously.
We have tried applying the following META tags in both the client app pages and CAS pages to stop the browser caching with absolutely no effect whatsoever. Suggestions? <meta http-equiv="Cache-control" content="no-cache, no-store, must-revalidate"/> <meta http-equiv="Pragma" content="no-cache" /> <meta http-equiv="Expires" content="0" /> Linda Toth University of Alaska - Office of Information Technology (OIT) - Identity and Access Management 910 Yukon Drive, Suite 103 Fairbanks, Alaska 99775 Tel: 907-450-8320 Fax: 907-450-8381 [email protected] | www.alaska.edu/oit/ -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
