AnsweredAssumed Answered

Caching within /Share/Page Form

Question asked by whitegeek on Aug 31, 2017

A system has undergone a vulnerability scan indicating that the login page has "Cache Control" enabled.  The scan results suggested that the form caching be set to 'Pragma:no-Cache" along with 'Cache-Control:no-Store,no_Cache' to prevent caching of content within the form.  I've tracked through the Alfresco Share Login process found on another site but to no avail.      Can't seem to find where the Cache-Control is being set.  I have used both grep and find to search to no avail. 

 

Number of forms in the page cache = 1

<form autocomplete=off   class=form-fields   action=/share/page/dologin   method=post

accept-charset=UTF-8    id=page_x002e_components_x002e_slingshot-login_x0023_default-form    >

<input type=hidden   value=/share/page/   name=success id=page_x002e_components_x002e_slingshot-login_x0023_default-success      >

<input type=hidden   value=/share/page/?&error=true   name=failure    >

<input type=text   maxlength=255   autocomplete=off   name=username id=page_x002e_components_x002e_slingshot-login_x0023_default-username      >

<input type=password   maxlength=255   autocomplete=off   name=password id=page_x002e_components_x002e_slingshot-login_x0023_default-password      >

<input type=button   tabindex=0

id=page_x002e_components_x002e_slingshot-login_x0023_default-submit-button      >

/form>

Can't seem to find the file where the cache is being set.  

Outcomes