diff options
author | Morten Tokle <mortent@yahooinc.com> | 2022-10-24 13:28:34 +0200 |
---|---|---|
committer | Morten Tokle <mortent@yahooinc.com> | 2022-10-24 13:28:34 +0200 |
commit | df9b6d7b976666526b2713911a353638ee87b2c9 (patch) | |
tree | 73a078c5750aad86171a9dc379ba3b07cf3d47d4 /jdisc-security-filters | |
parent | fa29e75a71b49fc3925349457bb43de03b6d60d8 (diff) |
Prevent browsers caching api responses
Diffstat (limited to 'jdisc-security-filters')
-rw-r--r-- | jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java index 520e22de136..0059fcf1d25 100644 --- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java +++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java @@ -20,5 +20,6 @@ public class SecurityHeadersResponseFilter implements SecurityResponseFilter { response.setHeader("X-Content-Type-Options", "nosniff"); response.setHeader("X-Frame-Options", "DENY"); response.setHeader("Referrer-Policy", "strict-origin-when-cross-origin"); + response.setHeader("Vary", "*"); } } |