This is a great comment.
in reply to overkill anti-caching CGI headers
I spent quite a little while trying to determine why I was unable to get CGI::Application::Plugin::Authentication to work correctly with my CGI app; I'd fill in the login form, click the button, but no joy. Click again. Then again. Then, on the fourth try, the login would go through. But sometimes it took 5 clicks. Sometimes only 3. Drove me batty, until I realized that the web server was cacheing the result of cgi scripts... set at 10 seconds. Firefox wouldn't submit the login form's data to the script until 10 seconds had passed since the time the login form appeared in the browser.
I control the Apache config file on my server, and fixing the problem on the server side was easier for me. It was a matter of removing this line:
ExpiresDefault "access plus 10 seconds""