You can actually set up the caching headers such that most browsers (IE/Firefox at least) will cache Everything. You can do this by adding the header "Cache-Control: cache". I think.

One idea I had (and tested successfully) is to use always-cached pages along with some JavaScript to do fancy things. JS gets re-executed, but gets to keep some variables (so you can tell that you've already been viewed). You can also do those fancy XMLHttpRequest thingies.

So most of the time when you go back it just shows you the page. But you could also have your JS ask the server if it is OK to re-display this particular page, and then display a message (or nuke the page through DOM or whatever) if it's not OK. That way they can't mess with you much if they go back to a one-time page --- an "are you sure you want to delete X" page or "Are you sure you want to charge 1 million dollars to your credit card?"

I give each page I display its own unique ID, so it would be easy to just keep a server-side list of which pages to "expire" or invalidate.

As always, however, JavaScript is helpful for usability and does nothing for security.


In reply to Re^6: How do you do sessions in Web Sites by awwaiid
in thread How do you do sessions in Web Sites by digiryde
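
Added example, not part of the original post: a server-side registry for the per-page unique IDs the post describes, where `status()` is the advisory answer a page's XMLHttpRequest could ask for and `consume()` is the check that actually enforces one-time use when the confirmation form is submitted. The class, method names, session strings and action strings are hypothetical, and the code assumes Node.js.

```javascript
// Added example: server-side list of one-time page IDs (all names hypothetical).
const nodeCrypto = typeof require === 'function' ? require('node:crypto') : globalThis.crypto;

class PageRegistry {
  constructor(ttlMs = 10 * 60 * 1000, now = () => Date.now()) {
    this.ttlMs = ttlMs;     // how long an issued page stays valid
    this.now = now;         // injectable clock, so expiry can be tested
    this.pages = new Map(); // pageId -> { session, action, expires }
  }

  // Called while rendering a one-time page ("are you sure you want to delete X").
  // The returned ID is embedded in the page and in its confirmation form.
  issue(session, action) {
    const pageId = nodeCrypto.randomUUID(); // unpredictable, not a counter
    this.pages.set(pageId, { session, action, expires: this.now() + this.ttlMs });
    return pageId;
  }

  // What the cached page's script asks on re-display: "may I still be shown?"
  // Read-only and advisory: a client can skip or ignore this call.
  status(session, pageId) {
    const page = this.pages.get(pageId);
    return Boolean(page && page.session === session && page.expires > this.now());
  }

  // The real control, run when the form is submitted. The ID must belong to this
  // session and this action; it is deleted before the action runs, so a replay
  // from a cached page or the back button is refused by the server.
  consume(session, pageId, action) {
    const page = this.pages.get(pageId);
    if (!page || page.session !== session || page.action !== action) return false;
    this.pages.delete(pageId);
    return page.expires > this.now();
  }
}
```

The handler for the destructive request performs the action only when `consume()` returns true, so the outcome is the same whether or not the browser ran the page's script.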
