[Webkit-unassigned] [Bug 214361] New: Back cache ignores cache-control: no-cache no-store
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jul 15 10:26:00 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=214361
Bug ID: 214361
Summary: Back cache ignores cache-control: no-cache no-store
Product: WebKit
Version: Safari 13
Hardware: Macintosh
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: zfriss at hubspot.com
When an HTML Page sets `cache-control: no-cache no-store` Safari 13 ignores this and still stores the value in the back/forward cache.
This is problematic when you explicitly don't want the page to be cached. Example you have a page where the user is logged in then log out and hit "Back" in their browser it seems like they are still logged in due to the cache.
This behavior isn't present in Safari 12.
Test site: https://safari-cache-bug.hubspot-product-prod.workers.dev/pageOne.html
Click on Page Two then hit back in browser and see that the time is set to the previous value.
If you go to Page Three -> Page One and press back page three will show the correct time as that page has a script to reload if it was a cached page load which shouldn't be necessary.
It seems like this behavior was introduced in https://bugs.webkit.org/show_bug.cgi?id=202314 but it doesn't make sense to ignore a `no-cache no-store` setting.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200715/745bf050/attachment-0001.htm>
More information about the webkit-unassigned
mailing list