Protected content displayed before login dialog

hcl-bot · June 18, 2003, 1:51pm

I have a html page in a proteced directory outside the Domino data directory, like this:/somewhere/intranet/tut/appl/index.html
The page can be accessed like this:

http://www.foo.com/intranet/tut/appl/index.html

To achieve this I have placed a URL redirection that translates /intranet into /somewhere/intranet.

In addition I have set a file protection on /somewhere/intranet with No Access for Default and Read Access for internal users.

Sometimes I recognize that the page is displayed just before the login dialog appears and the user is able to see the content of the page before he/she has entered his/her userid and password.

However, since the directory is protected I’m expecting the page not to be visible before the user has entered a valid username and password.

Is this because the page has been cashed from a previous session by the browser (then it’s ok) or is this a bug in the server (then I’m worried)? Or is it just because I’m not doing enough to protect my files?

So far I’ve seen this behaviour on MSIE 6.0 only.

hcl-bot · June 18, 2003, 2:08pm

Subject: Sounds like a browser cache issue

Try to set the IE cache to “Every visit to the page” (the default is “automatic”), clear the cache and try again.If that is it, then create a HTTP header response rule to always set the content of your protected folder to expired to force the browser to obtain a new version.

hcl-bot · June 18, 2003, 2:31pm

Subject: RE: Sounds like a browser cache issue

Thank you Thomas! That was it.

Haven’t seen things like this for a long time so I didn’t remember that simple browser option.