Prevent caching of protected pages

For security reasons one does not want certain pages to be cached, ever, by the web browser. After logging out from the website, one should not be able to view cached pages when pressing the back button.

Hence Yanel allows to configure for each resource a property called 'yanel:no-cache', for example

<yanel:resource-config xmlns:yanel="http://www.wyona.org/yanel/rti/1.1">
  <yanel:rti name="xml" namespace="http://www.wyona.org/yanel/resource/1.0"/>

  <yanel:property name="yanel:no-cache" value="true"/>

such that Yanel (org.wyona.yanel.servlet.YanelServlet) will set the following HTTP headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0

Set Expires HTTP header for global resources

One can set the Expires HTTP header explicitely for global resources, like for example

../../../yanel/yanel-js/jquery/1.4.4/jquery.min.js

by setting the parameter 'static-content-cache-expires' inside web.xml



Your comments are much appreciated

Is the content of this page unclear or you think it could be improved? Please add a comment and we will try to improve it accordingly.