cache-control in opera-mini

Discuss general web development related issues. For Opera bugs, use the Bug Report Wizard: https://bugs.opera.com/wizard/. For Opera feature requests and queries, use Desktop wish-list: http://my.opera.com/community/forums/forum.dml?id=24.

Note: You need to login to post in the forums. if you don't have an account you first need to sign up.

By ptmurphy Tuesday, 7. July 2009, 09:44:57

First post, so please excuse any forum etiquette errors.

We have a mobile banking application that uses sessions which seems to work fine in all browsers apart from opera-mini.
The specifics of the problem are:
1)User logs in, conducts some transactions and then logs out
2)User clicks on back button several times. This goes back through the browser history displaying all recent information. This display of information can be classed as a security issue (or not).
a)If the user clicks on any link on any screen (apart from login screen), then the user is directed to the login screen to login again. This is thus not a security issue.
b)However, if the user goes back to the login screen and then clicks submit, then the user is logged in again in a new session. This is because the opera-mini browser caches both the login name and the password (which is not the behaviour of other browsers). This is a potential security issue if the phone falls into the wrong hands.

We have tried
<META Http-Equiv="Cache-Control" Content="no-cache">
<META Http-Equiv="Pragma" Content="no-cache">
<META Http-Equiv="Expires" Content="0">
but this doesn't work.

2b is the specific concern.
First prize would be correct HTML lines that work (please provide in full)
Second prize is an opera-mini setting that works either before or after the session (e.g. clearing the cache)
Third prize - a recommendation not to use opera-mini but rather some other version of Opera - please advise as to which to use for mobile use.

Thanks for any help.

Login

Forums » General Web Development Discussions

cache-control in opera-mini