Caching should be disbaled for /system/sling/info.sessionInfo
-------------------------------------------------------------
Key: SLING-1776
URL: https://issues.apache.org/jira/browse/SLING-1776
Project: Sling
Issue Type: Bug
Components: Authentication
Environment: InternetExplorer
Reporter: Clemens Wyss
IE seems to cache the /system/sling/info.sessionInfo.json page/result.
If you perform an authentication in the browser and then gather the current
session info through Sling.getSessionInfo the outdated info is returned
instead.
Solution:
the following http header should be attached to the given url/resource:
Cache-Control : private, no-store, no-cache, max-age=0, must-revalidate
Additionally the Sling#getSessionInfor method in sling.js could make the URI
unique by adding a time tag and hence preventing any browser from caching the
result.
...
var res=Sling.httpGet(Sling.baseurl+"/system/sling/info.sessionInfo."+new
Date().getTime()+".json");
...
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
