[jira] [Commented] (AMQ-9545) Setting Cache-Control policy on web console.

Ken Liao (Jira) Wed, 07 Aug 2024 11:55:38 -0700


    [ 
https://issues.apache.org/jira/browse/AMQ-9545?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17871764#comment-17871764
 ]


Ken Liao commented on AMQ-9545:
-------------------------------

https://github.com/apache/activemq/pull/1238

> Setting Cache-Control policy on web console.
> --------------------------------------------
>
>                 Key: AMQ-9545
>                 URL: https://issues.apache.org/jira/browse/AMQ-9545
>             Project: ActiveMQ Classic
>          Issue Type: Improvement
>          Components: Web Console
>            Reporter: Ken Liao
>            Priority: Minor
>             Fix For: 6.2.0
>
>
> Unspecified Cache-Control HTTP header is vulnerable. Set it to no-store to 
> avoid caching sensitive data for stronger security. It should be the default 
> unless users override it.
> Reference: [https://www.virtuesecurity.com/kb/cache-controls-explained/]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact

[jira] [Commented] (AMQ-9545) Setting Cache-Control policy on web console.

Reply via email to