As you browse the web, various components are cached (reused) to speed up your experience. For example, why download the eBay logo anew on each ebay.com page? It rarely changes, so just keep reusing the same one.

What happens when we don’t want things cached? For example, your online bank statement. If that were cached and someone broke into your computer, they could see your bank statement web page sitting in the cache.

To prevent this behaviour, set the Cache-Control HTTP header. It’s a bit technical, but basically you tell someone’s browser not to store sensitive information in the cache.

What about sensitive attachments? For example, viewing your account statement as a PDF. In Internet Explorer, this is not possible.

“Wait!” you’re saying. “Rob, I just did this today. I went to TD Ameritrade and viewed my transaction history as a PDF and it worked!”

Alright, I wasn’t quite honest there. It is possible in Internet Explorer, but in order to do so you have to instruct the browser to store the PDF in your cache. If the security of your machine is compromised, an attacker doesn’t need your bank account numbers or customer numbers; they’re sitting there on documents in your cache.

According to Microsoft “This behaviour is by design.” After all, if you tell your browser not to store the attachment, how can you view it after downloading? This is their statement, in a nutshell.

Firefox doesn’t have this problem

How is this related to usability?

There are downstream effects to Microsoft’s decision. They could have implemented this (Firefox does), but chose not to. If you want to offer secure downloads to your clients, you can’t. A decision having nothing to do with anything more than a function call at Microsoft dictates how businesses are best able to serve their customers.

It’s a pretty simple case of the needs of the machine being given more importance than the needs of the user.

The above-linked article makes mention of the specific API call to open the file – IPersistFile::Load – as the reason why this impossible.  It just as easily could be ITransientFile::Load or IMemoryFile::Load, right?  Or how about Internet Explorer deletes the file from your cache when it’s done viewing?  Lots of possible solutions here but all we’re given is a technology-first justification of why it’s broken today.

Then again, if any of you are looking towards Microsoft as a paragon of secure computing, I have some bridges for sale…