IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

MM-31721: Fix Cache-Control directives (#16763)

Browse Source 
We were incorrectly setting the cache control to public
when it should be rather private.

https://mattermost.atlassian.net/browse/MM-31721

```release-notes
Fix Cache-Control headers to instruct that responses may only be cached
on browsers.
```
This commit is contained in:
Agniva De Sarker
2021-01-21 17:08:49 +05:30
committed by GitHub
parent f8caa6c841
commit dccdc9f6cf
8 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api4/bot.go
View File

@@ -293,7 +293,7 @@ func getBotIconImage(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 24*60*60)) // 24 hrs
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, private", 24*60*60)) // 24 hrs
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
w.Header().Set("Content-Type", "image/svg+xml")
w.Write(img)

2
api4/compliance.go
View File

@@ -130,7 +130,7 @@ func downloadComplianceReport(c *Context, w http.ResponseWriter, r *http.Request
c.LogAudit("downloaded " + job.Desc)
w.Header().Set("Cache-Control", "max-age=2592000, public")
w.Header().Set("Cache-Control", "max-age=2592000, private")
w.Header().Set("Content-Length", strconv.Itoa(len(reportBytes)))
w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer

2
api4/emoji.go
View File

@@ -240,7 +240,7 @@ func getEmojiImage(c *Context, w http.ResponseWriter, r *http.Request) {
}
w.Header().Set("Content-Type", "image/"+imageType)
w.Header().Set("Cache-Control", "max-age=2592000, public")
w.Header().Set("Cache-Control", "max-age=2592000, private")
w.Write(image)
}

2
api4/file.go
View File

@@ -635,7 +635,7 @@ func getFileInfo(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
w.Header().Set("Cache-Control", "max-age=2592000, public")
w.Header().Set("Cache-Control", "max-age=2592000, private")
w.Write([]byte(info.ToJson()))
}

2
api4/post.go
View File

@@ -746,7 +746,7 @@ func getFileInfosForPost(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
w.Header().Set("Cache-Control", "max-age=2592000, public")
w.Header().Set("Cache-Control", "max-age=2592000, private")
w.Header().Set(model.HEADER_ETAG_SERVER, model.GetEtagForFileInfos(infos))
w.Write([]byte(model.FileInfosToJson(infos)))
}

2
api4/team.go
View File

@@ -1412,7 +1412,7 @@ func getTeamIcon(c *Context, w http.ResponseWriter, r *http.Request) {
}
w.Header().Set("Content-Type", "image/png")
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 24*60*60)) // 24 hrs
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, private", 24*60*60)) // 24 hrs
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
w.Write(img)
}

6
api4/user.go
View File

@@ -368,7 +368,7 @@ func getDefaultProfileImage(c *Context, w http.ResponseWriter, r *http.Request)
return
}
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 24*60*60)) // 24 hrs
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, private", 24*60*60)) // 24 hrs
w.Header().Set("Content-Type", "image/png")
w.Write(img)
}
@@ -408,9 +408,9 @@ func getProfileImage(c *Context, w http.ResponseWriter, r *http.Request) {
}
if readFailed {
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 5*60)) // 5 mins
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, private", 5*60)) // 5 mins
} else {
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 24*60*60)) // 24 hrs
w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, private", 24*60*60)) // 24 hrs
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
}