From 40033716d753ef40cf6c47b55642366f5010a924 Mon Sep 17 00:00:00 2001 From: Jan Danielzick Date: Mon, 2 Mar 2020 14:09:17 +0100 Subject: [PATCH] added variable to request clients to not cache the files --- variable_grabbler.pass2.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/variable_grabbler.pass2.json b/variable_grabbler.pass2.json index e732ae4..9aad220 100644 --- a/variable_grabbler.pass2.json +++ b/variable_grabbler.pass2.json @@ -1,4 +1,5 @@ { "CONTENT_DIR":"/common/threadr", -"NO_CHEAP_SESSION_STEALING":"if (isset($_SESSION['user_id'])) {if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR'] || $_SESSION['user_http_user_agent']!=$_SERVER['HTTP_USER_AGENT']){ $_SESSION = array(); if (ini_get(\"session.use_cookies\")){ $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params[\"path\"], $params[\"domain\"], $params[\"secure\"], $params[\"httponly\"]); } session_destroy(); header(\"Location: https://lostcave.ddnss.de/common/threadr/login/?error=session\"); die();}}" +"NO_CHEAP_SESSION_STEALING":"if (isset($_SESSION['user_id'])) {if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR'] || $_SESSION['user_http_user_agent']!=$_SERVER['HTTP_USER_AGENT']){ $_SESSION = array(); if (ini_get(\"session.use_cookies\")){ $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params[\"path\"], $params[\"domain\"], $params[\"secure\"], $params[\"httponly\"]); } session_destroy(); header(\"Location: https://lostcave.ddnss.de/common/threadr/login/?error=session\"); die();}}", +"PLEAZE_NO_CACHE":"header('Cache-Control: no-cache, no-store, must-revalidate');header('Pragma: no-cache');header('Expires: 0');" }