From b99f620517c6ec3b66d9bbff324e5cb7777cc98b Mon Sep 17 00:00:00 2001
From: markt
Date: Mon, 29 Aug 2011 14:40:27 +0000
Subject: [PATCH] Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51712 Ensure cache control headers are sent even if request is secure. Patch provided by Michael Zampani
git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1162836 13f79535-47bb-0310-9956-ffa450edef68
---
 java/org/apache/catalina/authenticator/AuthenticatorBase.java | 1 -
 1 file changed, 1 deletion(-)
diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
index da01cc805..0eac4be44 100644
--- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java
+++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
@@ -476,7 +476,6 @@ public abstract class AuthenticatorBase extends ValveBase
 // Make sure that constrained resources are not cached by web proxies
 // or browsers as caching can provide a security hole
 if (constraints != null && disableProxyCaching &&
- !request.isSecure() &&
 !"POST".equalsIgnoreCase(request.getMethod())) {
 if (securePagesWithPragma) {
 // Note: These can cause problems with downloading files with IE
-- 
2.11.0
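Review bot: The comment above the condition and the IE warning inside the `if (securePagesWithPragma)` branch no longer describe the full scope, because with `!request.isSecure()` removed the cache-suppressing headers now apply to HTTPS responses as well, and the IE download problem that warning mentions is, as far as I know, most often reported over SSL. I would record the new scope above the condition, for example `// Applies to secure (HTTPS) requests as well; only POST responses are exempt`. The documentation for `disableProxyCaching` and `securePagesWithPragma` should say the same, so operators know which switch to adjust if protected downloads start failing. The branch body continues outside the hunk, so the exact headers that are set cannot be checked here. A test that issues a secure GET against a constrained resource and asserts the cache headers are present would keep the fix from regressing.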