I have a web form hosted over SSL using php and sessions (page1). I want to be able to POST to page2 then return (via back button) to page1 and still retain the original data in the form fields. I used to be able to achieve this effect by simply adding the following headers to page1:
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
However, after upgrading server to php 5 and re-installing apache, this does not work for me anymore (returning to page 1 gives me empty form fields). Not sure why. Is the browser unable to satisfy request to cache privately b/c of the nature of ssl?
Understand I could store posted data in a session then re-populate fields accordingly, however, would be much easier to just add a few header lines, as with previous approach.
Does anyone know the appropriates headers to enable private-cache with php (using sessions) over SSL? Thanks.
note: I am not sure if manipulating headers (to cache content privately, on client) poses much of a security risk. Would assume since both page1 and page2 are hosted over SSL, the transfer of the viewer data is secure (and although the private browser cache may pose minor security threat - it's probably not much different than storing as php session on server). I'm not posting overly sensitive data (no credit card info, just email/name/address), but still want it to be secure.