Hello.
I have an issue with our security team that they have reported that I should disable the caching in the response headers of SAP SMP
They executed a command from a third party security provider, sending a request to https://host/sapui5/resources/sap/ui/thirdparty/jqueryui/jquery-uiwidget.js
I double checked using chrome and I saw this
I've been playing around with the web.xml and context.xml of tomcat by adding a parameter for caching into false. But still same result.
Im pretty much dead end from here.
These are the requirements
Set Cache-Control directive to private, no-cache and/or no-store.
Another issue is that I need to add the HSTS protocol. Which I dont know how to, except I have I feeling that I need to modify the default-server.xml in tomcat folder.
Help is greatly appreciated
Thanks!