You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2010/10/12 11:05:40 UTC
svn commit: r1021690 -
/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationHandler.java
Author: fmeschbe
Date: Tue Oct 12 09:05:40 2010
New Revision: 1021690
URL: http://svn.apache.org/viewvc?rev=1021690&view=rev
Log:
SLING-1841 Send cache control headers to prevent caching the result
and set content type to prevent Firefox from trying to parse the result
if requesting with an XHR request
Modified:
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationHandler.java
Modified: sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationHandler.java?rev=1021690&r1=1021689&r2=1021690&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationHandler.java (original)
+++ sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AbstractAuthenticationHandler.java Tue Oct 12 09:05:40 2010
@@ -284,6 +284,19 @@ public abstract class AbstractAuthentica
public static void sendValid(final HttpServletResponse response) {
try {
response.setStatus(HttpServletResponse.SC_OK);
+
+ // expressely tell we have no content but set content type
+ // to prevent firefox from trying to parse the response
+ // (SLING-1841)
+ response.setContentType("text/plain");
+ response.setContentLength(0);
+
+ // prevent the client from aggressively caching the response
+ // (SLING-1841)
+ response.setHeader("Pragma", "no-cache");
+ response.setHeader("Cache-Control", "no-cache");
+ response.addHeader("Cache-Control", "no-store");
+
response.flushBuffer();
} catch (IOException ioe) {
// TODO: log.error("Failed to send 200/OK response", ioe);