mirror
/
hometown
mirror of https://github.com/hometown-fork/hometown.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Fix Vary parsing in cache control enforcement (#37426)

pull/1371/head
Joshua Rogers 2 months ago committed by Misty De Meo
parent
6612ce1791
commit
d0bf26a03b
No known key found for this signature in database
GPG Key ID: 76CF846A2F674B2C
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      app/controllers/concerns/cache_concern.rb

2
app/controllers/concerns/cache_concern.rb
Unescape View File

@ -19,7 +19,7 @@ module CacheConcern
# from being used as cache keys, while allowing to `Vary` on them (to not serve # from being used as cache keys, while allowing to `Vary` on them (to not serve
# anonymous cached data to authenticated requests when authentication matters) # anonymous cached data to authenticated requests when authentication matters)
def enforce_cache_control! def enforce_cache_control!
vary = response.headers['Vary']&.split&.map { |x| x.strip.downcase } vary = response.headers['Vary'].to_s.split(',').map { |x| x.strip.downcase }.reject(&:empty?)
return unless vary.present? && %w(cookie authorization signature).any? { |header| vary.include?(header) && request.headers[header].present? } return unless vary.present? && %w(cookie authorization signature).any? { |header| vary.include?(header) && request.headers[header].present? }
response.cache_control.replace(private: true, no_store: true) response.cache_control.replace(private: true, no_store: true)

Write Preview
Loading…
Cancel
Save