FIX: Remove X-Requested-With from default Vary header.

The X-Requested-With header does modify the result of Director::is_ajax
and so this should strictly be in there. In practise, this can cause
issues with CDNs such as Incapsula, and LeftAndMain adds this vary
header itself, which is the principle place where Director::is_ajax
is used.
This commit is contained in:
Sam Minnee 2018-07-04 13:35:47 +12:00
parent 00a263092e
commit 9c9872ebac

View File

@ -16,7 +16,7 @@ HTTP:
no-cache: "true" no-cache: "true"
no-store: "true" no-store: "true"
must-revalidate: "true" must-revalidate: "true"
vary: "X-Requested-With, X-Forwarded-Protocol" vary: "X-Forwarded-Protocol"
LeftAndMain: LeftAndMain:
dependencies: dependencies:
versionProvider: %$SilverStripeVersionProvider versionProvider: %$SilverStripeVersionProvider