Spring boot 2 adding cache response headers without using Spring security

Question

I am using Spring boot 2 and in application.properties file, I have specified the cache values as below :

spring.resources.cache.cachecontrol.max-age=0
spring.resources.cache.cachecontrol.no-cache=true
spring.resources.cache.cachecontrol.must-revalidate=true
spring.resources.cache.cachecontrol.no-store=true

Except for max-age, none of the headers is visible in the chrome developer tools network tab.

In my application I am making a Get request and getting ResponseEntity<Long> as response back.

Is there something else needs to be done to add these cache-headers in the response ?

Answer 1

I used filter for setting HttpHeader. It can give you fine grained control over setting value and validate your request before passing to controller.

public class CORSFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain)
            throws ServletException, IOException {

        res.setHeader("Access-Control-Allow-Origin", "*");
        res.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
        res.setHeader("Access-Control-Max-Age", "3600");
        res.setHeader("Access-Control-Allow-Headers",
                "X-PINGOTHER,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization");
        res.addHeader("Access-Control-Expose-Headers", "xsrf-token");

        res.setHeader("Cache-Control","no-cache,no-store,must-revalidate,private,max-age=0");
        res.setHeader("Pragma","no-cache");
        res.setDateHeader("Expires",0);        


        if(!res.containsHeader("X-FRAME-OPTIONS"))
            res.addHeader("X-FRAME-OPTIONS", "SAMEORIGIN");

        if ("OPTIONS".equals(req.getMethod())) {
            res.setStatus(HttpServletResponse.SC_OK);
        } else {
            chain.doFilter(req, res);
        }
    }
}