tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java
Date Wed, 27 Feb 2002 17:42:58 GMT
remm        02/02/27 09:42:58

  Modified:    catalina/src/share/org/apache/catalina/authenticator Tag:
                        tomcat_40_branch AuthenticatorBase.java
  Log:
  - Fix 6641.
  - Don't set the cache control headers if the connection is secure.
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.23.2.5  +14 -11    jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
  
  Index: AuthenticatorBase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
  retrieving revision 1.23.2.4
  retrieving revision 1.23.2.5
  diff -u -r1.23.2.4 -r1.23.2.5
  --- AuthenticatorBase.java	31 Jan 2002 17:47:45 -0000	1.23.2.4
  +++ AuthenticatorBase.java	27 Feb 2002 17:42:58 -0000	1.23.2.5
  @@ -1,10 +1,10 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.23.2.4 2002/01/31 17:47:45 patrickl Exp $
  - * $Revision: 1.23.2.4 $
  - * $Date: 2002/01/31 17:47:45 $
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.23.2.4 2002/01/31 17:47:45 patrickl Exp $
  - * $Revision: 1.23.2.4 $
  - * $Date: 2002/01/31 17:47:45 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.23.2.5 2002/02/27 17:42:58 remm Exp $
  + * $Revision: 1.23.2.5 $
  + * $Date: 2002/02/27 17:42:58 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.23.2.5 2002/02/27 17:42:58 remm Exp $
  + * $Revision: 1.23.2.5 $
  + * $Date: 2002/02/27 17:42:58 $
    *
    * ====================================================================
    *
  @@ -124,7 +124,7 @@
    * requests.  Requests of any other type will simply be passed through.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.23.2.4 $ $Date: 2002/01/31 17:47:45 $
  + * @version $Revision: 1.23.2.5 $ $Date: 2002/02/27 17:42:58 $
    */
   
   
  @@ -480,10 +480,13 @@
   
           // Make sure that constrained resources are not cached by web proxies
           // or browsers as caching can provide a security hole
  -        HttpServletResponse sresponse = (HttpServletResponse)response.getResponse();
  -        sresponse.setHeader("Pragma", "No-cache");
  -        sresponse.setHeader("Cache-Control", "no-cache");
  -        sresponse.setDateHeader("Expires", 1);
  +        if (!(((HttpServletRequest) hrequest.getRequest()).isSecure())) {
  +            HttpServletResponse sresponse = 
  +                (HttpServletResponse) response.getResponse();
  +            sresponse.setHeader("Pragma", "No-cache");
  +            sresponse.setHeader("Cache-Control", "no-cache");
  +            sresponse.setDateHeader("Expires", 1);
  +        }
   
           // Enforce any user data constraint for this security constraint
           if (debug >= 1)
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message