diff --git a/http-service/src/main/java/net/runelite/http/service/RestSecurityConfiguration.java b/http-service/src/main/java/net/runelite/http/service/RestSecurityConfiguration.java deleted file mode 100644 index 28616693f9..0000000000 --- a/http-service/src/main/java/net/runelite/http/service/RestSecurityConfiguration.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2017, Adam - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR - * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND - * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -package net.runelite.http.service; - -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; - -@Configuration -public class RestSecurityConfiguration extends WebSecurityConfigurerAdapter -{ - @Override - protected void configure(HttpSecurity http) throws Exception - { - http.csrf().disable(); - } -} diff --git a/http-service/src/main/java/net/runelite/http/service/cache/CacheSecurity.java b/http-service/src/main/java/net/runelite/http/service/cache/CacheSecurity.java index 4a7989bd82..dda373bfc6 100644 --- a/http-service/src/main/java/net/runelite/http/service/cache/CacheSecurity.java +++ b/http-service/src/main/java/net/runelite/http/service/cache/CacheSecurity.java @@ -43,6 +43,11 @@ public class CacheSecurity extends WebSecurityConfigurerAdapter @Override protected void configure(HttpSecurity http) throws Exception { + // By default spring security adds headers to not cache anything + http.headers().cacheControl().disable(); + + http.csrf().disable(); + http.httpBasic() .and() .authorizeRequests()