12 messages in org.apache.tomcat.usersRe: Cache-Control headers not being a...| From | Sent On | Attachments |
|---|---|---|
| Zampani, Michael | Aug 16, 2011 1:42 pm | |
| Christopher Schultz | Aug 16, 2011 1:57 pm | |
| Richard Frovarp | Aug 16, 2011 2:01 pm | |
| Zampani, Michael | Aug 16, 2011 2:20 pm | |
| Mark Thomas | Aug 17, 2011 12:33 am | |
| Zampani, Michael | Aug 22, 2011 2:38 pm | |
| Christopher Schultz | Aug 23, 2011 6:47 am | |
| Zampani, Michael | Aug 23, 2011 11:08 am | |
| Christopher Schultz | Aug 23, 2011 12:10 pm | |
| Mark Thomas | Aug 23, 2011 12:48 pm | |
| Zampani, Michael | Aug 23, 2011 1:39 pm | |
| Mark Thomas | Aug 23, 2011 1:43 pm |
| Subject: | Re: Cache-Control headers not being added to secure requests | |
|---|---|---|
| From: | Christopher Schultz (chr...@christopherschultz.net) | |
| Date: | Aug 16, 2011 1:57:03 pm | |
| List: | org.apache.tomcat.users | |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Michael,
On 8/16/2011 4:42 PM, Zampani, Michael wrote:
I don't understand why it was ever present, though. Does anybody know why you wouldn't want these headers on secure requests?
The svn comment says "...to reduce the likelihood of issues when downloading files with IE.". Presumably, [MS]IE has "issues" with downloading files with those response headers.
Is there a separate way I'm supposed to configure Tomcat to add these flags for secure requests?
The only change was that the Authenticator's default value for securePagesWithPragma was changed from "true" to "false".
Don't have an Authenticator <Valve> set up? Add one.
- -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk5K2bYACgkQ9CaO5/Lv0PBDAwCfY/U+WFXO4rnZqztkSgV2/5el QYYAnj1qvQKWeNTmepid4Qhj9PG866Jd =ro3C -----END PGP SIGNATURE-----