Installing Arbortext Publishing Engine > Arbortext Publishing Engine Installation > Security > Customizing Cacheable HTTPS Response for Browsers
  
Customizing Cacheable HTTPS Response for Browsers
Some browsers may store a local cached copy of content received from web servers. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time. To avoid this, PTC recommends to set Cacheable HTTPS response to instruct browsers not to store local copies of any sensitive data.
1. Open <Tomcat install directory>\conf\web.xml in a text editor.
2. Add the following filter-mapping and filter:
<filter-mapping>
<filter-name>ExpiresFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>

<filter>
<filter-name>ExpiresFilter</filter-name>
<filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
<init-param>
<param-name>ExpiresByType image</param-name>
<param-value>access plus 0 seconds</param-value>
</init-param>
<init-param>
<param-name>ExpiresByType text/css</param-name>
<param-value>access plus 0 seconds</param-value>
</init-param>
<init-param>
<param-name>ExpiresByType application/javascript</param-name>
<param-value>access plus 0 seconds</param-value>
</init-param>

<init-param>
<param-name>ExpiresDefault</param-name>
<param-value>access plus 0 seconds</param-value>
</init-param>
</filter>
3. Save web.xml.