How to make ajax (JSONP) GET request leave no browser history?

I have an ajax call (JSONP) using JQuery with GET method. I think because I use GET, it will leave the url along with the parameters in the browser history. So, how do I make it don't save in browser history?

Will Jquery.ajax property "cache" set to false work?

please advice.

Thanks for all the answers & ideas

The reason I ask about the history thing is that I use the ajaxp for login (with password). My PM is so worry about leaving trace in the history (by default or anything like firebug). Thus, i want to find out how to deal with it. Of course, now I realize browser by default will not track the ajaxp, but any plug-in may leave a trace.

At last, my solutions are:

1) Set the server response with no cache.

2) I make it two trips. The first ajax asks the server for a key&value, then the JS uses the value for encrypting data and send back the encrypted data with the key in the 2nd call. JS will remove the value (or just keep it in the callback closure). The server will use the key to retrieve the value from the DB (or server cache, well I actually use mongodb). And then use the value to decrypt 开发者_开发知识库data and get the login & password.

Thanks guys.

You can set your server side script to send headers that prohibit browsers and proxies from caching the page:

Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

The above headers were copied from PHP manual for session_cache_limiter.

I think because I use GET, it will leave the url along with the parameters in the browser history

History and cache are different concepts. Ajax requests are not recorded in the browser history. There are even plugins allowing you to achieve this by manipulating the hash portion of the url.

As far as caching is concerned, GET requests might indeed be cached by the browser. The cache: false attribute disables caching and ensures that the server will be hit to fetch a fresh version of the resource.

The call will not appear in the browser history and won't affect the back/forward buttons.

If your intention is to prevent the user from finding out about the call (the URL, the data etc.) you're still out of luck as they can find it by looking in the page source or monitoring network traffic (e.g using Firebug).