Rails ( set_no_cache method) Cannot disable browser caching in Safari and Opera

Question

After using Devise for my authentication, I found that there was a security hole in that, after the user logs out, the session variables are preserved. This allows anyone to

Answer 1

First of all, for any issues with cache, use Mark Nottingham's guide on HTTP caching

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0

Try this.