Michael: We actually use the following formula to determine if the action of hitting the back button should query the server:
hit_server_on_back_forward = (https && no-cache) || no-store So, for normal HTTP content, you'd have to send "Cache-control: no-store" to bypass the cache when loading pages from session history (via back/forward buttons). For HTTPS content, you can either specify "Cache-control: no-store" or "Cache-control: no-cache" or "Pragma: no-cache". The distinction between HTTP and HTTPS content is made for compatibility reasons. Idealy, we should only bypass the cache when presented with a "no-store" header, but sadly too many online banks (and other secure sites) depend on the "no-cache" headers triggering this behavior. If you check out RFC2616 (http://www.w3.org/Protocols/rfc2616/rfc2616.html), you'll see that mozilla is in compliance with the HTTP/1.1 spec. Darin Gagan Saksena wrote: > I would imagine that a "Cache-Control: no-store, no-cache" header > should do the trick. If not you may have found a bug. Cc'ing Gordon > and Darin. > > -Gagan > > Michael Kinsley wrote: > >> Hello, >> >> I am sorry to bug, but I have searched through FAQ's and newsgroups >> to no >> avail. >> >> Here's the problem: >> >> When using Mozilla 1.0 and a user hits the BACK button the page >> reloads from >> cache no matter what! I have set the HEADERS telling the browser to >> reload >> the page every time. >> >> Even checking the status via about:cache claims that the page won't be >> reloaded from cache - but it IS!!! There is no problem in IE5.X, it >> reloads the page whenever the back button is hit. >> >> How do I tell mozilla to reload a page even if the back button is hit? >> >> thank you >> >> Michael Kinsley >> >>
