From 6f6e25d25811fa3833d86b14384f089eb2ab2424 Mon Sep 17 00:00:00 2001
From: fredbi <frederic@oneconcern.com>
Date: Mon, 9 Sep 2019 13:52:00 +0200
Subject: [PATCH] [KEYCLOAK-9452] redirections should instruct browser to
 disable caching (#451)

* [KEYCLOAK-9452] Added cache-control header to redirections
- Fix a typo in Cache-Control headers
Signed-off-by: Frederic BIDON <frederic@oneconcern.com>
---
 misc.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/misc.go b/misc.go
index 3f3f369..b7a029b 100644
--- a/misc.go
+++ b/misc.go
@@ -84,6 +84,7 @@ func (r *oauthProxy) accessForbidden(w http.ResponseWriter, req *http.Request) c
 
 // redirectToURL redirects the user and aborts the context
 func (r *oauthProxy) redirectToURL(url string, w http.ResponseWriter, req *http.Request, statusCode int) context.Context {
+	w.Header().Add("Cache-Control", "no-cache, no-store, must-revalidate, max-age=0")
 	http.Redirect(w, req, url, statusCode)
 
 	return r.revokeProxy(w, req)
-- 
GitLab