HTML5 application cache issue - php session - logging out of applicaiton

Question

Testing an on-line application and the appcache is working, however, when logging out and then returning to the target php page the if(!isset($_SESSION['user'])) to return the user to the log-in page is not working even though the session information is not present. The session has been destroyed, the user unset, and the cookie expired on logout. The same result trying to check the cookie status - if(!isset($_COOKIE['name'])). !isset is returning False even thought the cookie doesn't exist.

Remove manifest reference from the html tag and it works fine.

Thanks

Answer 1

The manifest reference in the html tag adds that page to the appcache even though it's not listed in the manifest file. Viewing chrome://appcache-internals/ in the browser displays the appcache and the html page as the master item.

Chrome and Safari appear to be ignoring no-chache no-store http headers when using appcache. When injecting an iframe to load a separate page containing the manifest, the main page elements weren't being retrieved from Chrome's cache.

The solution was to check the cookie or sessionstorage state in javascript to ensure the user wasn't directed to the cached page when logging back in.