Posted by ErmanArslansOracleBlog on
URL: http://erman-arslan-s-oracle-forum.114.s1.nabble.com/Security-report-r12-2-tp9851p9857.html

Cant you just take actions on the client side for this?

It is not documented for EBS.. I don't think it is applicable in standard ways..
There should be a special header variable named Cache-Control in the packets, so you may implement it by using a load balancer or reverse proxy but it will be a little adventure..

Something like;

Header set Cache-Control "no-cache, no-store, must-revalidate"
How to Add Cache-control and "Pragma: no-cache" headers on Oracle HTTP Server (Doc ID 2274034.1)

Maybe you can add those directives to the Oracle HTTP Server of EBS, but as I said this is not documented so a little challange and your conf. will be unsupported if you do manual conf in standard component configuration files.. In addition to that, if you modify the apache/Oracle HTTP Server conf and set that cache-control, you need to test your EBS well enough to ensure that nothing gets broken.