-
Bug
-
Resolution: Fixed
-
Minor
looking at the code I think that the no-store option should be used in addition to the no-cache.
as navigating back or resubmitting the data will likely lead to an out of date captcha.
- links to
[JENKINS-43852] SecurityRealm captcha should use no-store as well as no cache in cache-control
Labels | New: security |
Labels | Original: security | New: newbie-friendly security |
Assignee | New: Wadeck Follonier [ wfollonier ] |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Remote Link | New: This issue links to "#3126 (jenkins-core) (Web Link)" [ 17988 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Summary | Original: securityrealm captcha sould use no-store as well as no cache in cache-control | New: SecurityRealm captcha should use no-store as well as no cache in cache-control |
Resolution | New: Fixed [ 1 ] | |
Status | Original: In Review [ 10005 ] | New: Resolved [ 5 ] |
Code changed in jenkins
User: Wadeck Follonier
Path:
core/src/main/java/hudson/security/SecurityRealm.java
test/src/test/java/hudson/security/SecurityRealmTest.java
http://jenkins-ci.org/commit/jenkins/80d17f5a68739eafc27d5a3fd003b7eee4cfe8f3
Log:
JENKINS-43852add caching options for captcha (#3126)JENKINS-42852add caching options for captcha