diff --git a/core/trino-main/src/main/java/io/trino/server/ui/UiQueryResource.java b/core/trino-main/src/main/java/io/trino/server/ui/UiQueryResource.java index 9ed0e1f6fac07..1757f4aefc18a 100644 --- a/core/trino-main/src/main/java/io/trino/server/ui/UiQueryResource.java +++ b/core/trino-main/src/main/java/io/trino/server/ui/UiQueryResource.java @@ -67,7 +67,7 @@ public UiQueryResource(DispatchManager dispatchManager, AccessControl accessCont @ResourceSecurity(WEB_UI) @GET - public List getAllQueryInfo(@QueryParam("state") String stateFilter, @Context HttpServletRequest servletRequest, @Context HttpHeaders httpHeaders) + public Response getAllQueryInfo(@QueryParam("state") String stateFilter, @Context HttpServletRequest servletRequest, @Context HttpHeaders httpHeaders) { QueryState expectedState = stateFilter == null ? null : QueryState.valueOf(stateFilter.toUpperCase(Locale.ENGLISH)); @@ -80,7 +80,12 @@ public List getAllQueryInfo(@QueryParam("state") String s builder.add(new TrimmedBasicQueryInfo(queryInfo)); } } - return builder.build(); + return Response.ok(builder.build()) + .header("X-Download-Options", "noopen") + .header("Cache-Control", "no-cache, no-store, max-age=0") + .header("Pragma", "no-cache") + .header("Expires", "-1") + .build(); } @ResourceSecurity(WEB_UI) @@ -94,13 +99,23 @@ public Response getQueryInfo(@PathParam("queryId") QueryId queryId, @Context Htt if (queryInfo.isPresent()) { try { checkCanViewQueryOwnedBy(sessionContextFactory.extractAuthorizedIdentity(servletRequest, httpHeaders), queryInfo.get().getSession().toIdentity(), accessControl); - return Response.ok(queryInfo.get()).build(); + return Response.ok(queryInfo.get()) + .header("X-Download-Options", "noopen") + .header("Cache-Control", "no-cache, no-store, max-age=0") + .header("Pragma", "no-cache") + .header("Expires", "-1") + .build(); } catch (AccessDeniedException e) { throw new ForbiddenException(); } } - return Response.status(Status.GONE).build(); + return Response.status(Status.GONE) + .header("X-Download-Options", "noopen") + .header("Cache-Control", "no-cache, no-store, max-age=0") + .header("Pragma", "no-cache") + .header("Expires", "-1") + .build(); } @ResourceSecurity(WEB_UI) @@ -130,18 +145,33 @@ private Response failQuery(QueryId queryId, TrinoException queryException, HttpS // check before killing to provide the proper error code (this is racy) if (queryInfo.getState().isDone()) { - return Response.status(Status.CONFLICT).build(); + return Response.status(Status.CONFLICT) + .header("X-Download-Options", "noopen") + .header("Cache-Control", "no-cache, no-store, max-age=0") + .header("Pragma", "no-cache") + .header("Expires", "-1") + .build(); } dispatchManager.failQuery(queryId, queryException); - return Response.status(Status.ACCEPTED).build(); + return Response.status(Status.ACCEPTED) + .header("X-Download-Options", "noopen") + .header("Cache-Control", "no-cache, no-store, max-age=0") + .header("Pragma", "no-cache") + .header("Expires", "-1") + .build(); } catch (AccessDeniedException e) { throw new ForbiddenException(); } catch (NoSuchElementException e) { - return Response.status(Status.GONE).build(); + return Response.status(Status.GONE) + .header("X-Download-Options", "noopen") + .header("Cache-Control", "no-cache, no-store, max-age=0") + .header("Pragma", "no-cache") + .header("Expires", "-1") + .build(); } } }