From e4fa12bd8c6d4d4bb898102077086640d07c45c8 Mon Sep 17 00:00:00 2001
From: jomu <jomu@711a9084-f618-47a6-a783-754c49204487>
Date: Thu, 7 Feb 2013 01:02:26 +0000
Subject: [PATCH] disabled cache by http header Pragma and Cache-control

---
 .../de/muehlencord/shared/jeeutil/OwaspStandardFilter.java | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/jeeutil/src/main/java/de/muehlencord/shared/jeeutil/OwaspStandardFilter.java b/jeeutil/src/main/java/de/muehlencord/shared/jeeutil/OwaspStandardFilter.java
index ff3d46b..6e7f699 100644
--- a/jeeutil/src/main/java/de/muehlencord/shared/jeeutil/OwaspStandardFilter.java
+++ b/jeeutil/src/main/java/de/muehlencord/shared/jeeutil/OwaspStandardFilter.java
@@ -51,6 +51,13 @@ public class OwaspStandardFilter implements Filter {
         // The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. 
         // This also applies to Google Chrome, when downloading extensions.
         res.addHeader("X-Content-Type-Options", "nosniff");
+        
+        // disableing caching by Pragma setting
+        res.addHeader("Pragma", "no-cache");
+        
+        // disabling caching by Cache-control settings
+        res.addHeader("Cache-control", "no-cache, no-store, must-revalidate, private"); 
+        
         chain.doFilter(request, response);
     }