PHP Overriding Cache-Control Header
Posted: Fri Nov 13, 2009 9:02 am
I've been fighting an issue with PHP to disable caching on pages so that users are clicking the back button and seeing old data, or seeing anything they shouldn't once a user logs out. Here's the headers I'm setting:
This was based off the headers getting sent by an ASP.NET app I have working correctly. Everything gets sent across fine with PHP except the "Cache-Control" setting, it keeps defaulting to "private." I've examined the headers before the page finishes getting sent to the browser, and the headers are correct.
I also learned there was a setting in php.ini that allows PHP to handle this. I found the setting and commented it out, here's what it looks like now:
;session.cache_limiter =nocache
Even before commenting it out, it should not have been setting the cache-control to private by the looks of it.
Anyone else had this issue, or know what I can do to resolve it?
Thanks!
Code: Select all
Header( "Cache-Control: no-cache", true); // HTTP/1.1
Header( "Date: " . gmdate( "D, j M Y H:i:s" ) . " GMT" );
Header( "Expires: -1" );
Header( "Pragma: no-cache" ); // HTTP/1.0
I also learned there was a setting in php.ini that allows PHP to handle this. I found the setting and commented it out, here's what it looks like now:
;session.cache_limiter =nocache
Even before commenting it out, it should not have been setting the cache-control to private by the looks of it.
Anyone else had this issue, or know what I can do to resolve it?
Thanks!