We have to provide the following HTTP headers in all responses containing sensitive content: Cache-control: no-store Pragma: no-cache
We have identified some files at the following path, where we need to provide above headers. We are not able to identify the jsp pages or servlet, so that we can provide these headers. Can you please suggest us the exact locations of the pages? If they are servlets, these headers should be provided there.
/jira/plugins/servlet/gadgets/dashboard-diagnostics /jira/plugins/servlet/gadgets/ifr /jira/plugins/servlet/gliffyapi/clientresource /jira/rest/plugins/1.0/notifications/kbiswas /jira/s/en_US-jqmja3/729/168/_/favicon.ico