Permalink
Browse files

disallow caching of api responses

  • Loading branch information...
lloyd committed Dec 14, 2011
1 parent 9cdf0db commit 06255b960e1f9078bc935c1c7af0662f33c88818
Showing with 4 additions and 2 deletions.
  1. +4 −2 server/main.js
View
@@ -40,9 +40,11 @@ app.use(express.cookieParser());
// parse post bodies
app.use(express.bodyParser());
// session support using signed cookies
// session support using signed cookies, also no caching of api requests
app.use(function (req, res, next) {
if (/^\/api/.test(req.url)) {
res.setHeader('Cache-Control', 'no-cache, max-age=0');
return sessions({
secret: COOKIE_SECRET,
key: 'myfavoritebeer_session',
@@ -128,7 +130,7 @@ app.post("/api/login", function (req, res) {
console.log("assertion verified successfully for email:", email);
} else {
console.log("failed to verify assertion:", verifierResp.reason);
}
}
res.json(email);
} catch(e) {
console.log("non-JSON response from verifier");

0 comments on commit 06255b9

Please sign in to comment.