<META HTTP-EQUIV="Content-Type" content="text/html; charset=WINDOWS-1250">I have no idea why this stopped the "Access Denied" errors. Turns out it apparently had nothing to do with page expiration. I only found this solution by accident because I initially removed _all_ meta tags, including three that affected expiration and cache-control:
<META HTTP-EQUIV="Expires" CONTENT="0"> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="cache-control" CONTENT="no-cache, no-store, must-revalidate">And that fixed the problem. Then I figured that the "Content-Type" meta tag probably had nothing to do with the problem, so I put it back, and the problem started happening again. So I took it out and put the other meta tags back, and now everything is fine.