我们在tomcat中部署了一个spring boot应用程序。我们希望tomcat将http请求重定向到https。但我们希望禁用tomcat默认情况下将“Cache-Control:private”添加到所有响应头。
对于其他API请求,我们希望弹出启动添加默认缓存标头。
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Pragma:no-cache
Expires:0
但是来自tomcat它是
Cache-Control:private
Cache-Control:private
Expires:Wed, 31 Dec 1969 19:00:00 EST
Expires:Wed, 31 Dec 1969 19:00:00 EST
似乎'Expires'标题会给出相同的无缓存效果。但是想知道是否有办法阻止tomcat添加缓存头。对于静态文件,标题也是'private,max-age = 2592000,public'而不是'max-age = 2592000,public'。下面是我的tomcat配置和代码,用于为静态文件添加自定义缓存头。
server.xml中
...
<Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000"
redirectPort="443"/>
....
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" secure="true" scheme="https" compression="on"
sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" sslCipherSuite="SHA1/SHA2"
acceptCount="100" clientAuth="false" disableUploadTimeout="true"
keystoreFile="mycertificate" keystorePass="mypassword" server="Server">
的web.xml
...
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Context</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
...
自定义缓存
@Configuration
public class LocaleConfiguration extends WebMvcConfigurerAdapter{
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry
.addResourceHandler("/content/**")
.addResourceLocations("/content/")
.setCacheControl(CacheControl.maxAge(30, TimeUnit.DAYS).cachePublic());
}
}