Add cache-control header to the requests

wso2 · Oct 31, 2024 · c638220 · c638220
1 parent f39d4fe
commit c638220
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/...shboard.bootstrap/src/main/java/org/wso2/ei/dashboard/bootstrap/SecurityHeaderFilter.java b/...shboard.bootstrap/src/main/java/org/wso2/ei/dashboard/bootstrap/SecurityHeaderFilter.java
@@ -49,6 +49,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
         httpResponse.addHeader("Referrer-Policy", "same-origin");
         httpResponse.addHeader("X-XSS-Protection", "1; mode=block");
         httpResponse.addHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
+        httpResponse.addHeader("Cache-Control", "no-cache, no-store, must-revalidate");
         filterChain.doFilter(servletRequest, servletResponse);
 
     }

diff --git a/...2.ei.dashboard.core/src/main/java/org/wso2/ei/dashboard/core/commons/utils/HttpUtils.java b/...2.ei.dashboard.core/src/main/java/org/wso2/ei/dashboard/core/commons/utils/HttpUtils.java
@@ -319,7 +319,8 @@ public static void setHeaders(Response.ResponseBuilder responseBuilder) {
                 .header("X-Content-Type-Options", "nosniff")
                 .header("Referrer-Policy", "same-origin")
                 .header("X-XSS-Protection", "1; mode=block")
-                .header("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload");
+                .header("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload")
+                .header("Cache-Control", "no-cache, no-store, must-revalidate");
     }
 
 }