troubleshooting Question

private browser cache for web form over SSL

Avatar of jongenant
jongenantFlag for United States of America asked on
PHP
7 Comments1 Solution564 ViewsLast Modified:
I have a web form hosted over SSL using php and sessions (page1). I want to be able to POST to page2 then return (via back button) to page1 and still retain the original data in the form fields. I used to be able to achieve this effect by simply adding the following headers to page1:

header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter("private, must-revalidate");
session_start();

However, after upgrading server to php 5 and re-installing apache, this does not work for me anymore (returning to page 1 gives me empty form fields). Not sure why. Is the browser unable to satisfy request to cache privately b/c of the nature of ssl?

Understand I could store posted data in a session then re-populate fields accordingly, however, would be much easier to just add a few header lines, as with previous approach.

Does anyone know the appropriates headers to enable private-cache with php (using sessions) over SSL? Thanks.


note: I am not sure if manipulating headers (to cache content privately, on client) poses much of a security risk. Would assume since both page1 and page2 are hosted over SSL, the transfer of the viewer data is secure (and although the private browser cache may pose minor security threat - it's probably not much different than storing as php session on server). I'm not posting overly sensitive data (no credit card info, just email/name/address), but still want it to be secure.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 7 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros