A browser program running on a client computer attached to a network is capable of requesting information from another computer in the network. The information may be identified by a Uniform Resource Locator (URL) or other type of special syntax identifier. A URL for example defines a communication path to a computer having the desired information (e.g. a server) as well as a block of information called a page or web page. When a server receives a request for a page, the information is sent over the network to the requesting browser. Pages received by the browser are stored or cached by the browser on the client computer on which the browser program is running.
Caching a page on the client computer improves the overall access speed, because the browser can access the information on the page directly from the client computer, rather than re-requesting the page whenever a second or subsequent need arises for information in the page.
Some or all of the information in a page may be sensitive or confidential information such as bank balances, brokerage balances, business strategy, personal or medical data and the like, which is intended to be viewed only by the user operating the browser program. However, anyone having access to the cache, whether locally at the client computer or over the network may be able to view the sensitive information in the pages in the cache.
One way to minimize this exposure is to instruct the user at a client computer to log out and clear the cache after viewing the information or after a session of working with various pages. Typically the log out is performed by selecting an object on a web page. The user then selects various options on a taskbar of the browser program to locate a clear cache button to select. This method is awkward on present browsers, but even if a clear cache button were easily accessible, the cache is completely cleared of all pages. Subsequent needs for information in web pages which could have been provided from the cache now require re-loading these pages over the network, even for pages which have no sensitive information.
Allen et al. in U.S. Pat. No. 6,314,492 attempt to address this problem by describing a method for controlling the contents of a browser cache. A browser receives in a data stream from a host server, a clear cache tag. In response to the clear cache tag, the browser clears the cache. A server would normally place a clear cache tag in a .you are logged out. web page. When the client browser receives this web page with the clear cache tag, the browser clears its cache of data, thereby making the data unavailable from the client computer.
In another embodiment Allen et al. describe a client browser which upon receipt of a clear cache tag, clears a part of its cache, that portion of the cache containing data in a data stream between a start cache tag and the clear cache tag.
Himmel et al. in U.S. Pat. No. 6,453,342 describe a method for selectively caching web information in a browser cache. Web content is retrieved by a browser. The web content is parsed for an indication, such as a no cache tag, that the web content is to be removed from a cache after the browsing session terminates. If the no cache tag is found, then the web content is removed from the cache in response to the browsing session terminating, or after a period of time passes while the browser is idle.
U.S. Pat. Nos. 6,314,492 and 6,453,342 are hereby incorporated by reference.
The Hypertext Transfer Protocol (HTTP) is a known protocol for handling the transfer of information across a network. This protocol describes a cache control capability based on entering a “no-cache” directive in a header field of a response. When a browser receives a response having the directive in its header, no part of the response message may be cached anywhere.
Despite the aforementioned developments and capabilities, it would be advantageous to have an improved and easier to use method for selectively clearing entries in a web browser cache in order to reduce the risk of unauthorized access to sensitive or confidential data.