No matter what I do Firefox and Chrome (not Safari) are caching the contents and cookies of iFrames.
I have tried all the suggestions from: Preventing iframe caching in browser
And consulted ChatGPT which suggests:
<IfModule mod_headers.c>
Header set Cache-Control "no-store, no-cache, must-revalidate, max-age=0"
Header set Pragma "no-cache"
Header set Expires 0
</IfModule>
Or similar in the meta tags, or adding a dynamic variable to the src URL.
It just seems impossible to stop it loading a cache version, which is a problem as when a user returns to my site even if they login Firefox remembers the state from the first visit (and they have to login again).
Note the problem only occurs if the user links from the same domain as the first visit.
So...
<IfModule mod_headers.c>
Header set Cache-Control "no-store, no-cache, must-revalidate, max-age=0"
Header set Pragma "no-cache"
Header set Expires 0
</IfModule>
...does work but you have to empty the browsers cache or it saves the previous cache settings!