This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch sbp
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
The following commit(s) were added to refs/heads/sbp by this push:
new e32be309 Prevent pages from being cached by default
e32be309 is described below
commit e32be309af1a87bbf81fa859cc5f6bd7506cfb72
Author: Sean B. Palmer <[email protected]>
AuthorDate: Fri Apr 3 14:39:35 2026 +0100
Prevent pages from being cached by default
---
atr/server.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/atr/server.py b/atr/server.py
index 6ae970fa..72981880 100644
--- a/atr/server.py
+++ b/atr/server.py
@@ -562,6 +562,8 @@ def _app_setup_security_headers(app: base.QuartApp) -> None:
# TODO: We could automatically include a form field noting the form action
URL
@app.after_request
async def add_security_headers(response: quart.Response) -> quart.Response:
+ if response.headers.get("Cache-Control") is None:
+ response.headers["Cache-Control"] = "no-store"
response.headers["Content-Security-Policy"] = csp_header
response.headers["Permissions-Policy"] = permissions_policy
# audit_guidance we set Referrer-Policy: same-origin in our frontend
proxy
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
