TPac: Disable caching for auth-required pages

author Thomas Berezansky <tsbere@mvlc.org>

Thu, 14 Jun 2012 17:41:33 +0000 (13:41 -0400)

committer Dan Scott <dscott@laurentian.ca>

Thu, 12 Jul 2012 15:27:53 +0000 (11:27 -0400)
author Thomas Berezansky <tsbere@mvlc.org>
Thu, 14 Jun 2012 17:41:33 +0000 (13:41 -0400)
committer Dan Scott <dscott@laurentian.ca>
Thu, 12 Jul 2012 15:27:53 +0000 (11:27 -0400)
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm

index 7791cf8..06dee68 100644 (file)
--- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
@@ -159,6 +159,10 @@ sub load {
      # ----------------------------------------------------------------
      return $self->redirect_auth unless $self->editor->requestor;
  
+    # Don't cache anything requiring auth for security reasons
+    $self->apache->headers_out->add("cache-control" => "no-store, no-cache, must-revalidate");
+    $self->apache->headers_out->add("expires" => "-1");
+
      return $self->load_email_record if $path =~ m|opac/record/email|;
  
      return $self->load_place_hold if $path =~ m|opac/place_hold|;
author	Thomas Berezansky <tsbere@mvlc.org>
	Thu, 14 Jun 2012 17:41:33 +0000 (13:41 -0400)
committer	Dan Scott <dscott@laurentian.ca>
	Thu, 12 Jul 2012 15:27:53 +0000 (11:27 -0400)