[
https://issues.apache.org/jira/browse/SLING-1776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Justin Edelson updated SLING-1776:
----------------------------------
Fix Version/s: Servlets Get 2.0.10
Component/s: Servlets
(was: Authentication)
> Caching should be disabled for /system/sling/info.sessionInfo(.json)
> --------------------------------------------------------------------
>
> Key: SLING-1776
> URL: https://issues.apache.org/jira/browse/SLING-1776
> Project: Sling
> Issue Type: Bug
> Components: Servlets
> Environment: InternetExplorer
> Reporter: Clemens Wyss
> Assignee: Justin Edelson
> Fix For: Servlets Get 2.0.10
>
>
> IE seems to cache the /system/sling/info.sessionInfo.json page/result.
> If you perform an authentication in the browser and then gather the current
> session info through Sling.getSessionInfo the outdated info is returned
> instead.
> Solution:
> the following http header should be attached to the given url/resource:
> Cache-Control : private, no-store, no-cache, max-age=0, must-revalidate
> Additionally the Sling#getSessionInfor method in sling.js could make the URI
> unique by adding a time tag and hence preventing any browser from caching the
> result.
> ...
> var res=Sling.httpGet(Sling.baseurl+"/system/sling/info.sessionInfo."+new
> Date().getTime()+".json");
> ...
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
