Uploaded image for project: 'Apache Airflow'
  1. Apache Airflow
  2. AIRFLOW-4178

[security] cache-control header is not present

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: security, ui
    • Labels:
      None

      Description

      The cache-control header is not present to specify that the response should not be cached.

      If UIs may contain other sensitive information, set the cache to prevent inadvertent page caching:

      • Cache-control header (HTTP 1.1) set to "no-cache, no-store"
      • Pragma header (HTTP 1.0) set to "no-cache"
      • Expires header served pre-expired (i.e. backdated one year)

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              toopt4 t oo
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: