Provide HTTP headers for the content that absolutely must not be cached on the client

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Won't Fix
    • Component/s: None
    • Environment:

      NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.

      We have to provide the following HTTP headers in all responses containing sensitive content:
      Cache-control: no-store
      Pragma: no-cache

      We have identified some files at the following path, where we need to provide above headers. We are not able to identify the jsp pages or servlet, so that we can provide these headers. Can you please suggest us the exact locations of the pages? If they are servlets, these headers should be provided there.

      /jira/plugins/servlet/gadgets/dashboard-diagnostics
      /jira/plugins/servlet/gadgets/ifr
      /jira/plugins/servlet/gliffyapi/clientresource
      /jira/rest/plugins/1.0/notifications/kbiswas
      /jira/s/en_US-jqmja3/729/168/_/favicon.ico

              Assignee:
              Unassigned
              Reporter:
              Reetesh Kumar
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: