This is an automated email from the ASF dual-hosted git repository.

vel pushed a commit to branch ranger-2.2
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/ranger-2.2 by this push:
     new ede5686  RANGER-3171 : Ranger ui became broken after logout in Firefox.
ede5686 is described below

commit ede568667973c96b1be5dcba8117c18725a98f58
Author: Dhaval Rajpara <dhavalrajpara1...@gmail.com>
AuthorDate: Fri Feb 19 01:52:38 2021 +0530

    RANGER-3171 : Ranger ui became broken after logout in Firefox.
    
    Signed-off-by: Velmurugan Periasamy <v...@apache.org>
---
 .../security/web/filter/RangerSecurityContextFormationFilter.java     | 1 +
 security-admin/src/main/webapp/login.jsp                              | 4 ++++
 2 files changed, 5 insertions(+)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
 
b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
index 6cc3a81..c508579 100644
--- 
a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
+++ 
b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
@@ -133,6 +133,7 @@ public class RangerSecurityContextFormationFilter extends 
GenericFilterBean {
                                context.setUserSession(userSession);
                        }
                        HttpServletResponse res = (HttpServletResponse)response;
+                       res.setHeader("Cache-Control", "no-cache, no-store, 
max-age=0, must-revalidate");
                        res.setHeader("X-Frame-Options", "DENY" );
                        res.setHeader("X-XSS-Protection", "1; mode=block");
                        res.setHeader("Strict-Transport-Security", 
"max-age=31536000; includeSubDomains");
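Review bot: The `Cache-Control` header added in the filter is not paired with the `Pragma` and `Expires` headers that this same commit adds in login.jsp, so HTTP/1.0 caches and older clients that ignore `Cache-Control` may still store authenticated responses that pass through this filter. Consider adding `res.setHeader("Pragma", "no-cache");` and `res.setHeader("Expires", "0");` beside it, and moving the directive string into one shared constant so the filter and the JSP cannot drift apart. The hunk does not show which requests reach this filter; if static resources also pass through it, confirm that disabling caching for them is intended. The enclosing method starts and ends outside the hunk.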
diff --git a/security-admin/src/main/webapp/login.jsp 
b/security-admin/src/main/webapp/login.jsp
index e61278d..df234ef 100644
--- a/security-admin/src/main/webapp/login.jsp
+++ b/security-admin/src/main/webapp/login.jsp
@@ -57,6 +57,10 @@
             response.setHeader("X-XSS-Protection", "1; mode=block");
             response.setHeader("Content-Security-Policy", "default-src 'none'; 
script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 
'self'; style-src 'self' 'unsafe-inline';font-src 'self'");
             response.setHeader("Strict-Transport-Security", "max-age=31536000; 
includeSubDomains");
+            // Delete browser cache in firefox environment
+            response.setHeader("Cache-Control", "no-cache, no-store, 
max-age=0, must-revalidate"); // HTTP 1.1.
+            response.setHeader("Pragma", "no-cache");
+            response.setHeader("Expires", "0");
         %>
         <!-- Page content
         ================================================== -->
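Review bot: The comment `// Delete browser cache in firefox environment` above the added headers misstates what they do. Nothing is deleted and the headers are not Firefox-specific; they tell every browser and intermediary not to store or reuse the login page. Suggest `// Forbid caching of the login page so a stale copy is not served after logout (RANGER-3171)`. To match the existing `// HTTP 1.1.` tag, also label the other two lines, e.g. `// HTTP 1.0.` on `Pragma` and `// Proxies.` on `Expires`.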
