Question

我试图通过Spring Security配置XML将ret,thresh5 = cv2.threshold(img_g,150,255,cv2.THRESH_TOZERO)响应头配置为自定义值。不幸的是，我似乎只能禁用来自XML配置as per the documentation的cache-control标头：

cache-control

似乎是这种情况，我试图创建一个自定义的WebSecurityConfigurerAdapter：

<http>
    <headers defaults-disable="true">
        <cache-control />
    </headers>
</http>

不幸的是，尽管该类实际上是最初调用的，但似乎配置实际上被XML覆盖，因为@EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { System.out.println("******* SETTING CUSTOM CACHE-CONTROL...."); StaticHeadersWriter writer = new StaticHeadersWriter("Cache-Control", "2592000"); RequestMatcher resourcesMatcher = new AntPathRequestMatcher("/**/*"); HeaderWriter resourcesHeaderWriter = new DelegatingRequestMatcherHeaderWriter(resourcesMatcher, writer); http.headers().cacheControl().disable().addHeaderWriter(resourcesHeaderWriter); http.headers().disable(); } }响应头仍然显示为默认值：

关于如何使用XML文件本身指定类似内容的任何想法，最好能够匹配特定模式（例如* .js）？

谢谢！

Answer 1

我相信您想要的答案已经在此处的问题中得到了描述：

disable caching for specific url in spring security

通过执行以下操作：

<security:http>
[intercept-url, etc omitted...]
        <security:headers>
            <!-- selectively applied to dynamic pages only via pattern matching,  -->
            <security:header ref="noCacheHeaders"/>
        </security:headers>
    </security:http>    

<bean id="noCacheHeaders" class="org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter">
        <constructor-arg>
            <bean class="org.springframework.security.web.util.matcher.AntPathRequestMatcher">
                <constructor-arg value="/index.html"/>
            </bean>
        </constructor-arg>
        <constructor-arg>
                <bean class="org.springframework.security.web.header.writers.CacheControlHeadersWriter"/>
        </constructor-arg>
    </bean>

为Spring Security的配置XML设置自定义缓存控制头？

1 个答案: