我设置了一个过滤器bean来插入缓存控制标头。这工作正常,除了在过滤器之后的某个时刻,插入了额外的缓存控制标头。Spring Boot - Duplicate Headers
我正在使用Spring Boot。
关于可能导致此问题的任何想法?
public class CacheControlFilter extends GenericFilterBean {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
Calendar expires = Calendar.getInstance();
expires.add(Calendar.HOUR, 24);
HttpServletResponse httpResponse = (HttpServletResponse) response;
// Returns false
System.out.println("==========> " + httpResponse.containsHeader("Cache-Control"));
httpResponse.addHeader("Cache-Control", "max-age=" + (expires.getTimeInMillis()/1000));
httpResponse.addDateHeader("Expires", expires.getTimeInMillis());
chain.doFilter(request, response);
}
}
看到重复的高速缓存控制标题:
HTTP/1.1 200 OK
...
Cache-Control: max-age=1411755690
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Fri, 26 Sep 2014 18:21:30 GMT
Expires: 0
Pragma: no-cache
Content-Type: image/png
...
不是禁用所有Spring Security的头,你可能希望缩小范围,这样你仍然可以得到其他的头,而插入你自己的缓存控制。有关更多详细信息,请阅读http://docs.spring.io/spring-security/site/docs/3.2.5/reference/htmlsingle/#default-security-headers。 – gregturn 2014-09-26 19:36:13
到春季文档的链接不再有效。我想这一个现在是好的:http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#default-security-headers – 2016-03-17 09:14:21
这个解决方案禁用Spring Security的所有头文件。 – 2017-12-20 13:35:31