12 messages in org.apache.tomcat.usersCache-Control headers not being added...| From | Sent On | Attachments |
|---|---|---|
| Zampani, Michael | Aug 16, 2011 1:42 pm | |
| Christopher Schultz | Aug 16, 2011 1:57 pm | |
| Richard Frovarp | Aug 16, 2011 2:01 pm | |
| Zampani, Michael | Aug 16, 2011 2:20 pm | |
| Mark Thomas | Aug 17, 2011 12:33 am | |
| Zampani, Michael | Aug 22, 2011 2:38 pm | |
| Christopher Schultz | Aug 23, 2011 6:47 am | |
| Zampani, Michael | Aug 23, 2011 11:08 am | |
| Christopher Schultz | Aug 23, 2011 12:10 pm | |
| Mark Thomas | Aug 23, 2011 12:48 pm | |
| Zampani, Michael | Aug 23, 2011 1:39 pm | |
| Mark Thomas | Aug 23, 2011 1:43 pm |
| Subject: | Cache-Control headers not being added to secure requests | |
|---|---|---|
| From: | Zampani, Michael (zamp...@amazon.com) | |
| Date: | Aug 16, 2011 1:42:05 pm | |
| List: | org.apache.tomcat.users | |
Hi,
CLN 1126273
http://svn.apache.org/viewvc?view=revision&revision=1126273
Seems to have disabled the automatic addition of the cache-control and pragma
response headers on secure constrained pages.
The initial revision of this file(at least the oldest copy I could find) had
this check
http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java?revision=301082&view=markup
but it was commented out in CLN 302373
http://svn.apache.org/viewvc?view=revision&revision=302373
I don't understand why it was ever present, though. Does anybody know why you
wouldn't want these headers on secure requests?
Is there a separate way I'm supposed to configure Tomcat to add these flags for
secure requests?
Thanks, Michael