RANGER-3171 : Ranger ui became broken after logout in Firefox.
Signed-off-by: Velmurugan Periasamy <vel@apache.org>
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
index 6cc3a81..c508579 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
@@ -133,6 +133,7 @@ public void doFilter(ServletRequest request, ServletResponse response,
context.setUserSession(userSession);
}
HttpServletResponse res = (HttpServletResponse)response;
+ res.setHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
res.setHeader("X-Frame-Options", "DENY" );
res.setHeader("X-XSS-Protection", "1; mode=block");
res.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
diff --git a/security-admin/src/main/webapp/login.jsp b/security-admin/src/main/webapp/login.jsp
index e61278d..df234ef 100644
--- a/security-admin/src/main/webapp/login.jsp
+++ b/security-admin/src/main/webapp/login.jsp
@@ -57,6 +57,10 @@
response.setHeader("X-XSS-Protection", "1; mode=block");
response.setHeader("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'");
response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
+ // Delete browser cache in firefox environment
+ response.setHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate"); // HTTP 1.1.
+ response.setHeader("Pragma", "no-cache");
+ response.setHeader("Expires", "0");
%>
<!-- Page content
================================================== -->
