Re: Is disabling browser caching secure?

[Rogan Dawes <discard () dawes za net>]

smith.norton () gmail com wrote:
> Many articles on the net speaks of disabling browser caching.
>
> I don't feel its secure because even if a browser faithfully follows the protocol, a programmer might write a small 
> browser of his own which caches all pages.
>
> What do others say?

Patient: Doctor, Doctor, it hurts when I do *THIS*!

Doctor:  Well, don't DO that!

App designers cannot be held responsible for non-compliant client 
software. All they can do is a best effort, since they do not have 
control over what the client uses (in most cases, corporate standards aside)

If a programmer wants to write a custom browser that ignores cache 
control instructions, then he should be aware of the consequences. 
Similarly a user, should they choose to use a non-standard (not widely 
used, anyway) piece of software without understanding the implications, 
is responsible for the consequences.

Rogan

-------------------------------------------------------------------------
This List Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Web Application Attack!" 
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world 
examples of recent hacking methods such as: SQL Injection, Cross Site 
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------