The application should return caching directives instructing browsers not to store local copies of any sensitive data.

Type atlassian
Reporter rkumar66
Modified 2018-02-08T06:17:46


{panel:bgColor=#e7f4fa} NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? [See the corresponding suggestion|]. {panel}

We want to control the server's caching directives from within individual scripts. We have identified following locations, where we can provide HTTP headers 'Cache-control: no-store' and 'Pragma: no-cache'. Please provide these response headers to the following identified locations and to all other pages where the sensitive contents must not be cached on the client.

/jira/includes/blank.html /jira/plugins/servlet/gadgets/dashboard-diagnostics /jira/plugins/servlet/gadgets/ifr /jira/plugins/servlet/gliffyapi/clientresource /jira/rest/plugins/1.0/notifications/kbiswas /jira/s/en_US-jqmja3/729/168/_/favicon.ico