From f793a6900f58794e058625e7906c24511de2dc14 Mon Sep 17 00:00:00 2001
From: Luke Leber <lal65@psu.edu>
Date: Thu, 14 Dec 2017 16:27:18 -0500
Subject: [PATCH] Added 'no-store' to the cache-control header to prevent
 Google Chrome from serving the 302 redirect from disk cache

---
 lib/SimpleSAML/Utils/HTTP.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index 03b4d1bab..d96ed81a1 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -176,7 +176,7 @@ class HTTP
 
             // disable caching of this response
             header('Pragma: no-cache');
-            header('Cache-Control: no-cache, must-revalidate');
+            header('Cache-Control: no-cache, no-store, must-revalidate');
         }
 
         // show a minimal web page with a clickable link to the URL
-- 
GitLab