summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2009-11-23 19:25:43 +0000
committeralecpl <alec@alec.pl>2009-11-23 19:25:43 +0000
commit496da6a42081aaa9dd13ab9c84faf33223eb520b (patch)
tree2e46bcc48d6a5dfe695a48761e136491a1930129
parentc96c5a98af8b9374010ebb692c89f82d67faf72e (diff)
- Fix possible messages exposure when using Roundcube behind a proxy (#1486281)
-rw-r--r--CHANGELOG1
-rw-r--r--program/include/rcube_shared.inc2
2 files changed, 2 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 2457c3dc2..734a9c776 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail
===========================
+- Fix possible messages exposure when using Roundcube behind a proxy (#1486281)
- Fix unicode para and line separators in javascript response (#1486310)
- additional_message_headers: allow unsetting headers, support plugin's config file (#1486268)
- Fix displaying of hidden directories in skins list (#1486301)
diff --git a/program/include/rcube_shared.inc b/program/include/rcube_shared.inc
index 4119f1287..2cf59af5f 100644
--- a/program/include/rcube_shared.inc
+++ b/program/include/rcube_shared.inc
@@ -93,7 +93,7 @@ function send_modified_header($mdate, $etag=null, $skip_check=false)
else
header("Last-Modified: ".gmdate("D, d M Y H:i:s", $mdate)." GMT");
- header("Cache-Control: max-age=0");
+ header("Cache-Control: private, must-revalidate, max-age=0");
header("Expires: ");
header("Pragma: ");