Re: Apache Tomcat 10.1.42 Cache-Control header changed when added security-constraint with transport-guarantee CONFIDENTIAL

Mark Thomas Fri, 04 Jul 2025 00:41:59 -0700

On 04/07/2025 06:37, Rolandas Karosas | Edrana Baltic wrote:

Different value for securePagesWithPragma on the authenticator for the
two system being tested?



No. authenticator is not used at all.

Yes, it is. There are security constraints so there will be anauthenticator even if it is the NonLoginAuthenticator.


The authenticator is the only place I see Tomcat setting:

Cache-Control: private

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Re: Apache Tomcat 10.1.42 Cache-Control header changed when added security-constraint with transport-guarantee CONFIDENTIAL

Reply via email to