Rails ( set_no_cache method) Cannot disable browser caching in Safari and Opera

Question

After using Devise for my authentication, I found that there was a security hole in that, after the user logs out, the session variables are preserved. This allows anyone to

Answer 1

I found that doing this in my application controller worked great for development.

after_filter  :expire_for_development

protected

def expire_for_development
  expires_now if Rails.env.development?
end