[NIFI-7961] Add option to disable caching for HTTP responses - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Trivial
Resolution: Unresolved
Affects Version/s: 1.12.1
Fix Version/s: None
Component/s: Core Framework, Core UI
Labels:
- cache-control
- http
- jetty
- security

Description

Some users are requesting the Cache-Control: no-store HTTP response header to be enabled for security reasons [1]. As NiFi is a SPA, this could significantly impact performance and we suspect it has minimal security impact. Adding this response header would necessitate an admin-configurable setting to enable/disable the header with the default value false (continuing existing behavior).

[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Andy LoPresto

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 28/Oct/20 16:26

Updated:: 28/Oct/20 16:30