From fbeb66feddf033bdca9290bb2efa408a08e55f39 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Wed, 24 Jan 2018 13:40:39 +0100
Subject: [PATCH] Fix refreshing of captcha broken if a cache-control set by
 server

---
 htdocs/core/antispamimage.php | 2 +-
 htdocs/main.inc.php           | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/htdocs/core/antispamimage.php b/htdocs/core/antispamimage.php
index 816763eeaf5..7f0f2bde12f 100644
--- a/htdocs/core/antispamimage.php
+++ b/htdocs/core/antispamimage.php
@@ -59,7 +59,7 @@ if (empty($img))
 }
 
 // Define mime type
-top_httphead('image/png');
+top_httphead('image/png', 1);
 
 $background_color = imagecolorallocate($img, 250, 250, 250);
 $ecriture_color = imagecolorallocate($img, 0, 0, 0);
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 9f3cb0b95ad..6a70a21f28d 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -1047,9 +1047,10 @@ if (! function_exists("llxHeader"))
  *  Show HTTP header
  *
  *  @param  string  $contenttype    Content type. For example, 'text/html'
+ *  @param	int		$forcenocache	Force disabling of cache for the page
  *  @return	void
  */
-function top_httphead($contenttype='text/html')
+function top_httphead($contenttype='text/html', $forcenocache=0)
 {
 	global $conf;
 
@@ -1066,6 +1067,10 @@ function top_httphead($contenttype='text/html')
 		// default-src https://cdn.example.net; object-src 'none'
 		header("Content-Security-Policy: ".$conf->global->MAIN_HTTP_CONTENT_SECURITY_POLICY);
 	}
+	if ($forcenocache)
+	{
+		header("Cache-Control: no-cache, no-store, must-revalidate, max-age=0");
+	}
 }
 
 /**