I used devise for authentication in my rails project. After I signed out; I clicked the back button in the browser; Oh!!! the browser was showing the previous page from which I clicked ‘sign out’. I tested this and found that the browser is caching the page.
I used firebug to analyze the project page(s). I found that the
To add ‘no-cache’, I added the following lines @ the application_controller.rb file
before_filter :set_no_cache
and the function
def set_no_cache response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate" response.headers["Pragma"] = "no-cache" response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT" end
Restarted the server and found that after I signout and hit ‘back button’ of the browser; the page is redirected to the sign_in page. [ I have configured devise to redirect to sign_in when the session is not valid].
Hope this helps rails users like me.
and I analyzed the rails project page(s) using firebug andThe firebug analyzed results
no-cache implemeted