- From: Dan Connolly <connolly@w3.org>
- Date: Wed, 08 Mar 2000 23:19:32 -0600
- To: grahame@melb1.kestral.com.au
- CC: www-talk@w3.org
Grahame Grieve wrote:
[...]
> Dan, you wrote,
[...]
> >Would you please help me understand why it is you
> >feel that it is "perfectly appropriate"?
>
> I don't know if I can reassure, but I will try to
> explain. I have developed an application that
> publishes patient medical record information on
> both intranet and internet. [...]
OK... thanks. Now I understand your motivation.
From a purely architectural/technical point of view, I agree
with others here who have suggested that your
issue is with the user agent, not with the HTTP
protocol. But I infer that your system engineering
constraints prescribe particular user agents. Sigh...
> But once logged out, there is nothing to stop anyone
> walking up to the computer and pushing the back button
> and seeing whatever the last user saw. They can't get
> new information. My information isn't in the cache, but
> in the history.
The solution I've seen in airport Internet kiosks and
hotel tv web browsers is to just restart the user agent
process (and clear the memory and disk caches, I think)
between users, i.e. at logout. The user agent they
use appears to be a lightly-hacked version of MS IE.
I gather lightly-hacked versions of Mozilla are
getting easier to come by these days too.
Is that approach feasible in your application?
> I realise that I am pushing the envelope for what web
> applications can do.
No, you're just pushing the envelope of what you
can do with some user agents without restarting them ;-)
> But it's frustrating to overcome
> all the other obstacles and not this little one.
I know the feeling!
> The HTTP standard has historically assumed that once
> the user[-agent] has the data they are permitted to
> do whatever they wanted. I am pushing the envelope to
> publish data where this is not the case. The user is
> allowed to use it how they want but the user-agent
> isn't, since it is shared between users on a
> [potentially] non-secure system
Actually, I find quite explicit protocol support in HTTP 1.1 for this
case:
"private
    Indicates that all or part of the response message is intended for
    a single user and MUST NOT be cached by a shared cache. This allows
    an origin server to state that the specified parts of the response
    are intended for only one user and are not a valid response for
    requests by other users. A private (non-shared) cache MAY cache the
    response.

    Note: This usage of the word private only controls where the
    response may be cached, and cannot ensure the privacy of the
    message content."
-- http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.1
Again, I think your issue is with User Agents that lack support for
this sort of thing.
--
Dan Connolly, W3C http://www.w3.org/People/Connolly/
Received on Thursday, 9 March 2000 00:20:51 UTC
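
The shared-versus-private distinction in the RFC 2616 text quoted in this message, as an added example (not part of the original e-mail or of any user agent's code): Python code modelling the storage decision a cache makes from a Cache-Control response header. The function names, result keys and sample header values are constructed for illustration, and only the `private` and `no-store` directives are modelled.

```python
import re

# One directive: name, optionally =token or ="quoted, list", then "," or end.
_DIRECTIVE = re.compile(
    r'\s*([A-Za-z0-9-]+)(?:\s*=\s*(?:"([^"]*)"|([^,\s"]+)))?\s*(?:,|$)')

def parse_cache_control(value):
    """Return {directive: argument or None}; raise ValueError if malformed."""
    value, directives, pos = value.strip(), {}, 0
    while pos < len(value):
        m = _DIRECTIVE.match(value, pos)
        if not m:
            raise ValueError("malformed Cache-Control at offset %d" % pos)
        name, quoted, bare = m.groups()
        directives[name.lower()] = quoted if quoted is not None else bare
        pos = m.end()
    return directives

def storage_policy(cache_control):
    """Who may store the response? Models only `private` and `no-store`.

    This covers caches only. A browser's back-button history is a separate
    mechanism, which is the gap the thread is about.
    """
    def result(shared, private, withhold=()):
        return {"shared_cache_may_store": shared,
                "private_cache_may_store": private,
                "withhold_from_shared": set(withhold)}
    try:
        d = parse_cache_control(cache_control)
    except ValueError:
        return result(False, False)      # fail closed on unparsable input
    if "no-store" in d:
        return result(False, False)
    if "private" not in d:
        return result(True, True)
    # private="Field, Field" limits the restriction to those header fields.
    fields = [f.strip().lower() for f in (d["private"] or "").split(",")]
    fields = [f for f in fields if f]
    return result(bool(fields), True, fields)

if __name__ == "__main__":
    # Constructed sample header values, not taken from the thread.
    for header in ('private', 'private="Set-Cookie, X-Patient-Id", max-age=60',
                   'no-store', 'private="unterminated'):
        print(repr(header), "->", storage_policy(header))
```

A bare `private` keeps the whole response out of shared caches while still allowing the single user's own cache to store it, which is why it does not address a browser shared between users.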