Forcing document to expirt in all browsers 1

[Swi]

Adding the normal response.expires and other meta tags seems to work for FF and IE but Safari and Chrome seem to ignore these. Any ideas on how to make my asp pages expire in all browsers? Part of my code is below.

Thanks.

<%@ Language=VBScript %>
<% Option Explicit %>
<% Response.Buffer = true %>
<% Response.Expires = -1 %>
<% Response.ExpiresAbsolute = Now() - 2 %>
<% Server.ScriptTimeout = 200 %>
<% Session.Timeout = 20 %>
<% Response.AddHeader "pragma","no-cache" %>
<% Response.AddHeader "cache-control","private" %>
<% Response.CacheControl = "private" %>

<!--#include virtual="include/ForceSSL.inc"-->

<!DOCTYPE html>
<html>
<head>
  <meta name="viewport" content="width=device-width, initial-scale=1" charset="UTF-8">
  <meta http-equiv="Pragma" content="no-cache">
  <meta http-equiv="Expires" content="-1">
  <meta http-equiv="CACHE-CONTROL" content="NO-CACHE">

Swi

 

[ElEye]

Side note: I strongly advise you change your server-side include filename to forcessl.asp as a .inc file can be displayed as plain text.

Dave
[

http://flashspot.com

]

 

[Swi]

Ok, thanks for the tip.

Swi

 

[guitarzan]

> as a .inc file can be displayed as plain text.
Source? Pretty sure this is not the case in IIS 6 and higher

 

[ElEye]

Guitarzan: it's IIS not the browser.

Dave
[

http://flashspot.com

]

 

[guitarzan]

Swi: I'm sorry, I don't mean to hijack your thread... but...

>it's IIS not the browser.
ElEye: I'm vaguely aware of a vulnerability that allowed an include file to be accessed directly from a browser in plain text, but this was only in versions of IIS older than IIS6. I know of no other problems using an include file with a .inc extension, which is why I asked what the source of your information is. I don't believe you are correct, but would be happy to be corrected myself if I'm wrong.

 

[Swi]

No problem. I did change to a .ASP file in the end for the Force SSL.

Still trying to find a way to expire a page that will work across all browsers though.

Thanks.

Swi

 

[ElEye]

OK, now I feel bad. I misread G's post. He clearly stated IIS6, not IE6. I apologize. Since IIS5 I've just always used ASP rather than INC. And I apologize for hijacking this thread!

Back to the thread, my standard expiration stuff is very similar to yours, Swi, so I don't know why yours would not work:


Response.expires = 0
Response.expiresabsolute = Now() - 1
Response.addHeader "pragma", "no-cache"
Response.addHeader "cache-control", "private"
Response.addHeader "cache-control", "no-cache"
Response.addHeader "cache-control", "no-store"
Response.CacheControl = "no-cache"

Dave
[

http://flashspot.com

]

 

[Swi]

Have you tested in IE and Chrome. The code I have above works in most browsers but not all.

Thanks.

Swi

 

[ElEye]

Yes, Swi, I've not had issues in any browser. How does it not appear to work for you in IE or Chrome?

Dave
[

http://flashspot.com

]

 

[Swi]

If I hit the back button after a page is posted the previous page does not expire in Chrome or Safari. Works fine in IE and Firefox.

Swi

 

[ElEye]

I found this nearly fifteen (!) year old article.

[URL unfurl="true"]http://www.4guysfromrolla.com/webtech/111500-1.shtml[/url]

Dave
[

http://flashspot.com

]

 

[Swi]

Thanks, saw that one too.

Swi