[gatein-issues] [JBoss JIRA] (GTNPORTAL-3560) Cache-control on the UI encodes too much

[RH Bugzilla Integration (JIRA)]

    [ https://issues.jboss.org/browse/GTNPORTAL-3560?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13051280#comment-13051280 ] 

RH Bugzilla Integration commented on GTNPORTAL-3560:
----------------------------------------------------

vramik at redhat.com changed the Status of [bug 1165102|https://bugzilla.redhat.com/show_bug.cgi?id=1165102] from ON_QA to VERIFIED

> Cache-control on the UI encodes too much
> ----------------------------------------
>
>                 Key: GTNPORTAL-3560
>                 URL: https://issues.jboss.org/browse/GTNPORTAL-3560
>             Project: GateIn Portal
>          Issue Type: Feature Request
>            Reporter: Juraci Paixão Kröhling
>            Assignee: Juraci Paixão Kröhling
>             Fix For: 3.9.0.Final, 3.8.9.Alpha02
>
>
> The cache-control directive, when specified on the UI, gets too much encoding when being set as a header. This means that it's not useful at the current state when more than one parameter for the cache-control is set:
> For instance, the string "no-cache, max-age=0, must-revalidate, no-store" becomes this header:
> {code}Cache-Control:no-cache%2C+max-age%3D0%2C+must-revalidate%2C+no-store{code}
> The input should be sanitized only for new lines, to avoid a "HTTP Response Splitting" attack. 



--
This message was sent by Atlassian JIRA
(v6.3.11#6341)