Merge pull request #431 from DedunuKarunarathne/master

Fix security vulnerabilities

monitoring-dashboard/components/org.wso2.ei.dashboard.bootstrap/src/main/java/org/wso2/ei/dashboard/bootstrap/SecurityHeaderFilter.java

@@ -49,6 +49,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
         httpResponse.addHeader("Referrer-Policy", "same-origin");
         httpResponse.addHeader("X-XSS-Protection", "1; mode=block");
         httpResponse.addHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
+        httpResponse.addHeader("Cache-Control", "no-cache, no-store, must-revalidate");
         filterChain.doFilter(servletRequest, servletResponse);
 
     }

monitoring-dashboard/components/org.wso2.ei.dashboard.core/src/main/java/org/wso2/ei/dashboard/core/commons/utils/HttpUtils.java

@@ -319,7 +319,8 @@ public static void setHeaders(Response.ResponseBuilder responseBuilder) {
                 .header("X-Content-Type-Options", "nosniff")
                 .header("Referrer-Policy", "same-origin")
                 .header("X-XSS-Protection", "1; mode=block")
-                .header("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload");
+                .header("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload")
+                .header("Cache-Control", "no-cache, no-store, must-revalidate");
     }
 
 }

monitoring-dashboard/components/org.wso2.micro.integrator.dashboard.web/web-app/package.json

@@ -11,7 +11,7 @@
     "@testing-library/jest-dom": "^5.11.4",
     "@testing-library/react": "^11.1.0",
     "@testing-library/user-event": "^12.1.10",
-    "axios": "^0.21.4",
+    "axios": "^1.7.7",
     "jwt-decode": "^3.1.2",
     "monaco-editor": "^0.38.0",
     "react": "^16.14.0",