Note that HTTP/1.0 proxies arenít expected to understand Cache-Control header. If youíre really concerned about user information leakage and thereís a possibility that your users are behind HTTP/1.0 proxies, use technique #5 (random strings in the URL).