diff options
author | Robert Speicher <rspeicher@gmail.com> | 2019-02-26 18:22:10 +0000 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2019-02-26 18:22:10 +0000 |
commit | 9b3a0de5ed44fdcdb01bd520ad8e0ec8e3ab7ea6 (patch) | |
tree | 0baa0af87e391ed2c2d1b78daf7a08f15d0b06d4 /app/controllers | |
parent | f5201a816f2eff9393e16f362403451e5d86ee6c (diff) | |
parent | e7e5efd1319c1eb11e52e33f12f4c25c07682dc0 (diff) | |
download | gitlab-ce-9b3a0de5ed44fdcdb01bd520ad8e0ec8e3ab7ea6.tar.gz |
Merge branch '57905-etag-caching-probably-broken-since-11-5-0' into 'master'
Fix ETag caching not being used for AJAX requests
Closes #57905
See merge request gitlab-org/gitlab-ce!25400
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/application_controller.rb | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index af0b0c64814..b7eb6af6d67 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -43,7 +43,10 @@ class ApplicationController < ActionController::Base :git_import_enabled?, :gitlab_project_import_enabled?, :manifest_import_enabled? + # Adds `no-store` to the DEFAULT_CACHE_CONTROL, to prevent security + # concerns due to caching private data. DEFAULT_GITLAB_CACHE_CONTROL = "#{ActionDispatch::Http::Cache::Response::DEFAULT_CACHE_CONTROL}, no-store".freeze + DEFAULT_GITLAB_CONTROL_NO_CACHE = "#{DEFAULT_GITLAB_CACHE_CONTROL}, no-cache".freeze rescue_from Encoding::CompatibilityError do |exception| log_exception(exception) @@ -235,9 +238,9 @@ class ApplicationController < ActionController::Base end def no_cache_headers - response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate" - response.headers["Pragma"] = "no-cache" - response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT" + headers['Cache-Control'] = DEFAULT_GITLAB_CONTROL_NO_CACHE + headers['Pragma'] = 'no-cache' # HTTP 1.0 compatibility + headers['Expires'] = 'Fri, 01 Jan 1990 00:00:00 GMT' end def default_headers @@ -247,10 +250,16 @@ class ApplicationController < ActionController::Base headers['X-Content-Type-Options'] = 'nosniff' if current_user - # Adds `no-store` to the DEFAULT_CACHE_CONTROL, to prevent security - # concerns due to caching private data. - headers['Cache-Control'] = DEFAULT_GITLAB_CACHE_CONTROL - headers["Pragma"] = "no-cache" # HTTP 1.0 compatibility + headers['Cache-Control'] = default_cache_control + headers['Pragma'] = 'no-cache' # HTTP 1.0 compatibility + end + end + + def default_cache_control + if request.xhr? + ActionDispatch::Http::Cache::Response::DEFAULT_CACHE_CONTROL + else + DEFAULT_GITLAB_CACHE_CONTROL end end |