tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

NEW: Improve HTTP caching logic to automatically disable caching for requests that use the session.

Browse Source 
This improvement makes it easier to set a side-wide default cache time without needing to worry about CSRF-protected forms, etc.
This commit is contained in:
Hamish Friedlander 2011-09-29 16:21:32 +13:00 committed by Sam Minnee
parent b114aa2488
commit 2916f2043c
3 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
control/Controller.php
View File

@ -477,6 +477,9 @@ class Controller extends RequestHandler implements TemplateGlobalProvider {
* @uses redirect()
*/
public function redirectBack() {
// Don't cache the redirect back ever
HTTP::set_cache_age(0);
$url = null;
// In edge-cases, this will be called outside of a handleRequest() context; in that case,

4
control/HTTP.php
View File

@ -285,14 +285,14 @@ class HTTP {
}
if(self::$cache_age > 0) {
$responseHeaders["Cache-Control"] = "max-age=" . self::$cache_age . ", must-revalidate";
$responseHeaders["Cache-Control"] = "max-age=" . self::$cache_age . ", must-revalidate, no-transform";
$responseHeaders["Pragma"] = "";
// To do: User-Agent should only be added in situations where you *are* actually varying according to user-agent.
$responseHeaders['Vary'] = 'Cookie, X-Forwarded-Protocol, User-Agent';
} else {
$responseHeaders["Cache-Control"] = "no-cache, max-age=0, must-revalidate";
$responseHeaders["Cache-Control"] = "no-cache, max-age=0, must-revalidate, no-transform";
}
if(self::$modification_date && self::$cache_age > 0) {

12
forms/Form.php
View File

@ -707,8 +707,16 @@ class Form extends RequestHandler {
if(!$attrs || is_string($attrs)) $attrs = $this->getAttributes();
// Forms shouldn't be cached, cos their error messages won't be shown
HTTP::set_cache_age(0);
// Figure out if we can cache this form
// - forms with validation shouldn't be cached, cos their error messages won't be shown
// - forms with security tokens shouldn't be cached because security tokens expire
$needsCacheDisabled = false;
if ($this->getSecurityToken()->isEnabled()) $needsCacheDisabled = true;
if ($this->FormMethod() != 'get') $needsCacheDisabled = true;
if (!($this->validator instanceof RequiredFields) || count($this->validator->getRequired())) $needsCacheDisabled = true;
// If we need to disable cache, do it
if ($needsCacheDisabled) HTTP::set_cache_age(0);
$attrs = $this->getAttributes();