Does anyone out there know the correct syntax to set the Expires
header? I cannot seem to get it to work correctly and cannot find any
examples on the internet?
Thanks,
Jaman
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 23, 1999 5:37 PM
To: [EMAIL PROTECTED]
Subject: Re: BACK-ing into trouble
On Mon, 23 Aug 1999, Jaman Burton wrote:
> Any assistance would be greatly appreciated in this matter...
>
> In the midst of developing our internet site using HTTPSessions I've
> discovered that when a user employs the use of a browser's "BACK"
> button they can unwittingly bring themselves to one of our error
> pages.
>
> Although this outcome, isn't harmful to us or our users, it is
> unwanted. Is there a way that the "BACK" button can be disabled
> within a servlet or if not, I have seen sites were it seems as
> though pages won't let you "BACK" into them...how is this
> accomplished?
Questions like these seem to come up from time to time. I don't have
a specific answer for you, but perhaps thinking about how the BACK
button works might help you. If I have any of this wrong, please
correct me.
The BACK button is pure browser, i.e. client-side, functionality. As
such, it is out of direct server-side control. All it does is recall
the previous (or the nth previous) URL, and perhaps re-request it
(i.e. it is really no different than if the user typed in that URL).
I say "perhaps" because it is subject to caching considerations -- if
the client has cached the URL in question, it will just display the
cached version, without re-requesting it. That means you really won't
be able to do anything about it, since the server isn't being
contacted.
>From the server-side you do have some control over whether a page is
cached, though, which may give you enough indirect control of what
happens when the BACK button is pressed to restrict things as you
want. Notice I say "may", because supposedly not all browsers obey
the headers you use to indicate that you don't want the page cached
(everything's full of caveats :-).
So, for example, you could set things up such that the pages in
question are not cached, and use sessions and such to store enough
info about the user's session, and thus detect and control what
happens when the BACK button is pressed.
Here's what I've heard to use to get browsers to not cache a page (it
was recommended to use all of them):
1. Set the Expires header to some date in the past (far in the past,
so you don't get screwed up by a clock that's five minutes off)
2. Set the Cache-Control header to "no-cache"
3. Set the Pragma header to "no-cache"
Hope this helps.
Milt Epstein
Research Programmer
Software/Systems Development Group
Computing and Communications Services Office (CCSO)
University of Illinois at Urbana-Champaign (UIUC)
[EMAIL PROTECTED]
________________________________________________________________________
___
To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
