TheSession = CreateSession(1, &SessionList, Hdr, &SessionListMutex);
if ((StrLength(Hdr->c_username) == 0) &&
- (!Hdr->HR.DontNeedAuth))
+ (!Hdr->HR.DontNeedAuth)) {
OverrideRequest(Hdr, HKEY("GET /static/nocookies.html?force_close_session=yes HTTP/1.0"));
+ Hdr->HR.prohibit_caching = 1;
+ }
if (StrLength(Hdr->c_language) > 0) {
lprintf(9, "Session cookie requests language '%s'\n", ChrPtr(Hdr->c_language));
hprintf("Content-encoding: gzip\r\n");
}
+ if (WCC->Hdr->HR.prohibit_caching)
+ hprintf("Pragma: no-cache\r\nCache-Control: no-store\r\nExpires:-1\r\n");
hprintf("Content-length: %d\r\n\r\n", StrLength(WCC->WBuf));
ptr = ChrPtr(WCC->HBuf);
long ContentLength;
time_t if_modified_since;
int gzip_ok; /**< Nonzero if Accept-encoding: gzip */
+ int prohibit_caching;
/* these are references into Hdr->HTTPHeaders, so we don't need to free them. */
StrBuf *ContentType;