You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bi...@apache.org on 2002/11/15 06:29:35 UTC
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java
billbarker 2002/11/14 21:29:35
Modified: catalina/src/share/org/apache/catalina/authenticator
AuthenticatorBase.java
Log:
Porting option to disable not allowing Proxies to cache content from the 5.0 branch.
Revision Changes Path
1.34 +28 -5 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
Index: AuthenticatorBase.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- AuthenticatorBase.java 15 Aug 2002 17:42:57 -0000 1.33
+++ AuthenticatorBase.java 15 Nov 2002 05:29:35 -0000 1.34
@@ -194,6 +194,11 @@
protected static final String info =
"org.apache.catalina.authenticator.AuthenticatorBase/1.0";
+ /**
+ * Flag to determine if we disable proxy caching, or leave the issue
+ * up to the webapp developer.
+ */
+ protected boolean noProxyCaching = true;
/**
* The lifecycle event support for this component.
@@ -388,6 +393,23 @@
}
+ /**
+ * Return the flag that states if we add headers to disable caching by
+ * proxies.
+ */
+ public boolean getNoProxyCaching() {
+ return noProxyCaching;
+ }
+
+ /**
+ * Set the value of the flag that states if we add headers to disable
+ * caching by proxies.
+ * @param nocache <code>true</code> if we add headers to disable proxy
+ * caching, <code>false</code> if we leave the headers alone.
+ */
+ public void setNoProxyCaching(boolean nocache) {
+ noProxyCaching = nocache;
+ }
// --------------------------------------------------------- Public Methods
@@ -476,7 +498,8 @@
// Make sure that constrained resources are not cached by web proxies
// or browsers as caching can provide a security hole
- if (!(((HttpServletRequest) hrequest.getRequest()).isSecure())) {
+ if (noProxyCaching &&
+ !(((HttpServletRequest) hrequest.getRequest()).isSecure())) {
HttpServletResponse sresponse =
(HttpServletResponse) response.getResponse();
sresponse.setHeader("Pragma", "No-cache");
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>