Secure applications disable browser history and internal cache. Unfortunately, this causes problems with most browsers when following the standard Rails pattern for displaying errors. For full protection from ERR_CACHE_MISS (in Chrome with no-cache, no-store), and equivalent in other browsers, the pattern should be altered to follow a full POST-REDIRECT-GET patten. This way the browser will always have a consistent back-button history to traverse without triggering browser errors.
Required Ruby Version
None
Authors
Tom Meier