This is an automated email from the ASF dual-hosted git repository.

sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git


The following commit(s) were added to refs/heads/main by this push:
     new b4a8b06c Adding Cache-Control params; fixes #788
b4a8b06c is described below

commit b4a8b06c1292ee2ebff00b7d68182a30729987be
Author: Andrew Musselman <[email protected]>
AuthorDate: Tue Mar 3 07:54:49 2026 -0800

    Adding Cache-Control params; fixes #788
---
 atr/post/tokens.py | 4 +++-
 atr/web.py         | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/atr/post/tokens.py b/atr/post/tokens.py
index 157b8023..3f8abd08 100644
--- a/atr/post/tokens.py
+++ b/atr/post/tokens.py
@@ -42,7 +42,9 @@ async def jwt_post(session: web.Committer, _tokens_jwt: 
Literal["tokens/jwt"], _
     URL: /tokens/jwt
     """
     jwt_token = jwtoken.issue(session.uid)
-    return web.TextResponse(jwt_token)
+    response = web.TextResponse(jwt_token)
+    response.headers["Cache-Control"] = "no-store"
+    return response
 
 
 @post.typed
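Review bot: The new `Cache-Control` assignment in `jwt_post` has no comment explaining why this response must not be cached, so a later refactor back to a bare `return web.TextResponse(...)` could drop the protection unnoticed. I would add `# Body is a freshly issued JWT; no-store keeps it out of browser and intermediary caches.` directly above the header line. The header is also set by hand in this one handler. If other handlers return tokens or secrets through `web.TextResponse`, which this hunk does not show, a shared helper or a keyword on the response class would keep them consistent. The function starts above the hunk, so only its tail is visible here.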
diff --git a/atr/web.py b/atr/web.py
index d5499972..47bdd842 100644
--- a/atr/web.py
+++ b/atr/web.py
@@ -271,6 +271,7 @@ class RouteFunction(Protocol[R]):
 
 
 class ShellResponse(quart.Response):
+    # audit_guidance this is an intentional use of x-shellscript without 
Content-Disposition
     def __init__(self, text: str, status: int = 200) -> None:
         super().__init__(text, status=status, mimetype="text/x-shellscript")
 
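Review bot: The added `audit_guidance` comment on `ShellResponse` records that omitting `Content-Disposition` is deliberate but not why, so the next auditor cannot judge the decision. I would extend it with the reason and the compensating control, along the lines of `# audit_guidance: served inline on purpose (<reason>); relies on X-Content-Type-Options: nosniff set in <location>`, with the placeholders filled in. Whether `nosniff` is applied application-wide is not visible from this hunk and is worth confirming. This class also sets no `Cache-Control`, unlike the token endpoint changed in atr/post/tokens.py; if generated scripts can embed per-user values, the same `no-store` treatment may be appropriate.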

