https://issues.shibboleth.net/jira/browse/SSPCPP-187

diff --git a/saml/saml1/binding/impl/SAML1POSTEncoder.cpp b/saml/saml1/binding/impl/SAML1POSTEncoder.cpp
index b147dc1..d362a3d 100644 (file)
--- a/saml/saml1/binding/impl/SAML1POSTEncoder.cpp
+++ b/saml/saml1/binding/impl/SAML1POSTEncoder.cpp
@@ -29,6 +29,7 @@
 #include <fstream>
 #include <sstream>
 #include <xercesc/util/Base64.hpp>
+#include <xmltooling/io/HTTPResponse.h>
 #include <xmltooling/logging.h>
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/PathResolver.h>
@@ -180,6 +181,12 @@ long SAML1POSTEncoder::encode(
     stringstream s;
     engine->run(infile, s, pmap);
     genericResponse.setContentType("text/html");
+    HTTPResponse* httpResponse = dynamic_cast<HTTPResponse*>(&genericResponse);
+    if (httpResponse) {
+        httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
+        httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
+        httpResponse->setResponseHeader("Pragma", "no-cache");
+    }
     long ret = genericResponse.sendResponse(s);
 
     // Cleanup by destroying XML.

diff --git a/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp b/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp
index f20e49d..a036dd3 100644 (file)
--- a/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp
+++ b/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp
@@ -97,6 +97,7 @@ long SAML1SOAPEncoder::encode(
     genericResponse.setContentType("text/xml");
     HTTPResponse* httpResponse = dynamic_cast<HTTPResponse*>(&genericResponse);
     if (httpResponse) {
+        httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
         httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
         httpResponse->setResponseHeader("Pragma", "no-cache");
     }

diff --git a/saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp b/saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp
index a4dd248..ea879a0 100644 (file)
--- a/saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp
@@ -201,6 +201,9 @@ long SAML2ArtifactEncoder::encode(
         stringstream s;
         engine->run(infile, s, params);
         httpResponse->setContentType("text/html");
+        httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
+        httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
+        httpResponse->setResponseHeader("Pragma", "no-cache");
         return httpResponse->sendResponse(s);
     }
 }

diff --git a/saml/saml2/binding/impl/SAML2ECPEncoder.cpp b/saml/saml2/binding/impl/SAML2ECPEncoder.cpp
index c74e0cc..90ea516 100644 (file)
--- a/saml/saml2/binding/impl/SAML2ECPEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2ECPEncoder.cpp
@@ -127,6 +127,7 @@ long SAML2ECPEncoder::encode(
     genericResponse.setContentType(request ? "application/vnd.paos+xml" : "text/xml");
     HTTPResponse* httpResponse = dynamic_cast<HTTPResponse*>(&genericResponse);
     if (httpResponse) {
+        httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
         httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
         httpResponse->setResponseHeader("Pragma", "no-cache");
     }

diff --git a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
index 146621c..6fc4bc6 100644 (file)
--- a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
@@ -29,6 +29,7 @@
 #include <fstream>
 #include <sstream>
 #include <xercesc/util/Base64.hpp>
+#include <xmltooling/io/HTTPResponse.h>
 #include <xmltooling/logging.h>
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/PathResolver.h>
@@ -221,6 +222,12 @@ long SAML2POSTEncoder::encode(
     stringstream s;
     engine->run(infile, s, pmap);
     genericResponse.setContentType("text/html");
+    HTTPResponse* httpResponse = dynamic_cast<HTTPResponse*>(&genericResponse);
+    if (httpResponse) {
+        httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
+        httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
+        httpResponse->setResponseHeader("Pragma", "no-cache");
+    }
     long ret = genericResponse.sendResponse(s);
 
     // Cleanup by destroying XML.

diff --git a/saml/saml2/binding/impl/SAML2SOAPEncoder.cpp b/saml/saml2/binding/impl/SAML2SOAPEncoder.cpp
index 3efb12b..a4aa894 100644 (file)
--- a/saml/saml2/binding/impl/SAML2SOAPEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2SOAPEncoder.cpp
@@ -97,6 +97,7 @@ long SAML2SOAPEncoder::encode(
     genericResponse.setContentType("text/xml");
     HTTPResponse* httpResponse = dynamic_cast<HTTPResponse*>(&genericResponse);
     if (httpResponse) {
+        httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
         httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
         httpResponse->setResponseHeader("Pragma", "no-cache");
     }