Java + Spring Boot:我正在尝试将 CacheControl 标头添加到 ResponseEntity
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/38131725/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Java + Spring Boot: I am trying to add CacheControl header to ResponseEntity
提问by user3742622
I am not so good in Java + Spring, but I'd like to add Cache-Controlheader to my ResponseEntity.
我不太擅长 Java + Spring,但我想Cache-Control在我的ResponseEntity.
@RequestMapping(value = "/data/{id}", method = GET")
public ResponseEntity<String> getData(@PathVariable("id") String id) {
try {
...
HttpHeaders headers = new HttpHeaders();
headers.setCacheControl("max-age=600");
return new ResponseEntity<String>(body, headers, HttpStatus.OK);
}
}
I added two lines of code for HttpHeadersand now I get two Cache-Controlheaders in my response:
我添加了两行代码HttpHeaders,现在Cache-Control我的响应中有两个标题:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Cache-Control: max-age=600
Content-Type: application/json;charset=UTF-8
Content-Length: 18223
Date: Wed, 29 Jun 2016 21:56:57 GMT
What did I do wrong? Could somebody give me a helping hand.
我做错了什么?有人可以帮帮我吗。
回答by Ali Dehghani
TL;DR
TL; 博士
Just add the following to your application.properties:
只需将以下内容添加到您的application.properties:
security.headers.cache=false
More Details
更多细节
As Spring Security documentationstates:
正如Spring Security 文档所述:
Spring Security allows users to easily inject the default security headers to assist in protecting their application. The default for Spring Security is to include the following headers:
Spring Security 允许用户轻松注入默认安全标头以帮助保护他们的应用程序。Spring Security 的默认值是包含以下标头:
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
now I get 2 CacheControl headers in my response
现在我的响应中有 2 个 CacheControl 标头
One of them is provided by Spring Security. If you don't like them, you can disable the default Cache-Controlheaders in your WebSecurityConfigurerAdapter:
其中之一是由 Spring Security 提供的。如果你不喜欢它们,你可以禁用你的默认Cache-Control标题WebSecurityConfigurerAdapter:
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
// Other configurations
@Override
protected void configure(HttpSecurity http) throws Exception {
http
// Other configurations
.headers()
.cacheControl().disable();
}
}
Since you're using Spring Boot, you can achieve the same using the security.headers.*properties. In order to disable that default Cache-Controlheader, just add the following to your application.properties:
由于您使用的是 Spring Boot,因此您可以使用这些security.headers.*属性实现相同的效果。为了禁用该默认Cache-Control标头,只需将以下内容添加到您的application.properties:
security.headers.cache=false
Also, more idiomatic way of adding Cache-Controlheaders is to use the new cacheControlbuilder:
此外,更惯用的添加Cache-Control标题的方法是使用新的cacheControl构建器:
ResponseEntity.ok()
.cacheControl(CacheControl.maxAge(600, TimeUnit.SECONDS))
.body(body);
