From 477e9fe824efeae0085ea15ec4bd05740fa2df40 Mon Sep 17 00:00:00 2001
From: Felix Fontein <ff@dybuster.com>
Date: Wed, 8 Apr 2020 13:48:27 +0200
Subject: Expired session: use 403 Forbidden instead of 410 Gone (#11859)

Use 403 Forbidden instead of 410 Gone when session expired. Also prevent caching in more cases.
---
 .../com/vaadin/client/communication/DefaultConnectionStateHandler.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'client/src')

diff --git a/client/src/main/java/com/vaadin/client/communication/DefaultConnectionStateHandler.java b/client/src/main/java/com/vaadin/client/communication/DefaultConnectionStateHandler.java
index 27c7052d30..f0630592be 100644
--- a/client/src/main/java/com/vaadin/client/communication/DefaultConnectionStateHandler.java
+++ b/client/src/main/java/com/vaadin/client/communication/DefaultConnectionStateHandler.java
@@ -146,7 +146,7 @@ public class DefaultConnectionStateHandler implements ConnectionStateHandler {
         int statusCode = response.getStatusCode();
         getLogger().warning("Heartbeat request returned " + statusCode);
 
-        if (response.getStatusCode() == Response.SC_GONE) {
+        if (response.getStatusCode() == Response.SC_FORBIDDEN) {
             // Session expired
             getConnection().showSessionExpiredError(null);
             stopApplication();
-- 
cgit v1.2.3