fix headerow

app.py

@@ -1417,6 +1417,13 @@ def require_system_password():
 
 @app.after_request
 def apply_headers(response):
+
+    if request.path == "/expenses_data":
+        response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate"
+        response.headers["Pragma"] = "no-cache"
+        response.headers["Expires"] = "0"
+        return response
+
     if request.path.startswith(("/static/", "/uploads/")):
         response.headers["Vary"] = "Accept-Encoding"
         return response

deploy/varnish/default.vcl.template

@@ -71,6 +71,10 @@ sub vcl_recv {
     return (hash);
   }
 
+  if (!req.http.X-Forwarded-Proto) {
+    set req.http.X-Forwarded-Proto = "https";
+  }
+
   return (hash);
 }
 
@@ -104,6 +108,14 @@ sub vcl_backend_response {
     set beresp.uncacheable = true;
     set beresp.ttl = 0s;
     return (deliver);
+
+  # NIE cache'uj redirectów do loginu (HTML) z backendu
+  if (beresp.status >= 300 && beresp.status < 400) {
+    set beresp.uncacheable = true;
+    set beresp.ttl = 0s;
+    return (deliver);
+  }
+
   }
 
   # ---- STATYCZNE: zdejmij Set-Cookie i Vary: Cookie, zapewnij TTL ----