# 找到可快取的 SSL 頁面 修正： 在 SSL 頁面的回應中新增 "Cache-Control: no-store" 和 "Pragma: no-cache" 標頭，以防止快取 SSL頁面。 原本的網頁的Response Headers:  在程式上面新加: ```java= import org.apache.struts2.interceptor.ServletRequestAware; import org.apache.struts2.interceptor.ServletResponseAware; import org.apache.struts2.interceptor.SessionAware; import org.apache.struts2.util.ServletContextAware; import com.opensymphony.xwork2.ActionSupport; public class Test extends ActionSupport implements ServletRequestAware, ServletResponseAware, ServletContextAware, SessionAware private HttpServletRequest request; private HttpServletResponse response; private Map<String, Object> session; private ServletContext context; @Override public void setSession(Map<String, Object> session) { this.session = session; } /** * @return the session */ public Map<String, Object> getSession() { return session; } @Override public void setServletContext(ServletContext context) { this.context = context; } public ServletContext getServletContext() { return context; } @Override public void setServletResponse(HttpServletResponse response) { this.response = response; } public HttpServletResponse getServletResponse() { return response; } @Override public void setServletRequest(HttpServletRequest arg0) { this.request = arg0; } public HttpServletRequest getServletRequest() { return this.request; } HttpServletResponse response = this.getServletResponse(); response.setHeader( "Cache-Control", "no-store" ); response.setHeader( "Pragma", "no-cache" ); ``` 再次啟動後,網頁的Response Headers:  這樣就修正完成了 ###### tags: 弱點掃瞄