This is an automated email from the ASF dual-hosted git repository.

vel pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 10c8555  RANGER-3171 : Ranger ui became broken after logout in Firefox.
10c8555 is described below

commit 10c8555055579b34f18088a26949eb1254c0e914
Author: Dhaval Rajpara <[email protected]>
AuthorDate: Fri Feb 19 01:52:38 2021 +0530

    RANGER-3171 : Ranger ui became broken after logout in Firefox.
    
    Signed-off-by: Velmurugan Periasamy <[email protected]>
---
 .../security/web/filter/RangerSecurityContextFormationFilter.java     | 1 +
 security-admin/src/main/webapp/login.jsp                              | 4 ++++
 2 files changed, 5 insertions(+)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
 
b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
index 6cc3a81..c508579 100644
--- 
a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
+++ 
b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
@@ -133,6 +133,7 @@ public class RangerSecurityContextFormationFilter extends 
GenericFilterBean {
                                context.setUserSession(userSession);
                        }
                        HttpServletResponse res = (HttpServletResponse)response;
+                       res.setHeader("Cache-Control", "no-cache, no-store, 
max-age=0, must-revalidate");
                        res.setHeader("X-Frame-Options", "DENY" );
                        res.setHeader("X-XSS-Protection", "1; mode=block");
                        res.setHeader("Strict-Transport-Security", 
"max-age=31536000; includeSubDomains");
diff --git a/security-admin/src/main/webapp/login.jsp 
b/security-admin/src/main/webapp/login.jsp
index e61278d..df234ef 100644
--- a/security-admin/src/main/webapp/login.jsp
+++ b/security-admin/src/main/webapp/login.jsp
@@ -57,6 +57,10 @@
             response.setHeader("X-XSS-Protection", "1; mode=block");
             response.setHeader("Content-Security-Policy", "default-src 'none'; 
script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 
'self'; style-src 'self' 'unsafe-inline';font-src 'self'");
             response.setHeader("Strict-Transport-Security", "max-age=31536000; 
includeSubDomains");
+            // Delete browser cache in firefox environment
+            response.setHeader("Cache-Control", "no-cache, no-store, 
max-age=0, must-revalidate"); // HTTP 1.1.
+            response.setHeader("Pragma", "no-cache");
+            response.setHeader("Expires", "0");
         %>
         <!-- Page content
         ================================================== -->

Reply via email to