From a1a15bbd3d4ec54c6b9e3fc6e2aac34e326952b5 Mon Sep 17 00:00:00 2001 From: Julien Huang Date: Tue, 21 Aug 2018 18:47:09 +0200 Subject: [PATCH 1/2] Fix: invalid Cache-Control directives for REST package 1. There was a typo on the `must-revalidate` directive (missing dash) 2. The `Cache-Control` header didn't completely prevent HTTP caching 3. The `Last-Modified` header is advantageously replaced by right `Expires` and `Cache-Control` headers --- .../jersey2/internal/CacheControlFeature.java | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/rest/jersey2/src/main/java/org/seedstack/seed/rest/jersey2/internal/CacheControlFeature.java b/rest/jersey2/src/main/java/org/seedstack/seed/rest/jersey2/internal/CacheControlFeature.java index 0eb179e21..3b8237bb7 100644 --- a/rest/jersey2/src/main/java/org/seedstack/seed/rest/jersey2/internal/CacheControlFeature.java +++ b/rest/jersey2/src/main/java/org/seedstack/seed/rest/jersey2/internal/CacheControlFeature.java @@ -50,7 +50,6 @@ public void configure(ResourceInfo resourceInfo, FeatureContext featureContext) } private static class CacheResponseFilter implements ContainerResponseFilter { - private static final String MUST_REVALIDATE_PRIVATE = "must revalidate, private"; private final CachePolicy policy; CacheResponseFilter(CachePolicy policy) { @@ -63,9 +62,19 @@ public void filter(ContainerRequestContext requestContext, switch (this.policy) { case NO_CACHE: MultivaluedMap headers = responseContext.getHeaders(); - headers.putSingle(HttpHeaders.LAST_MODIFIED, new Date()); - headers.putSingle(HttpHeaders.EXPIRES, -1); - headers.putSingle(HttpHeaders.CACHE_CONTROL, MUST_REVALIDATE_PRIVATE); + + // HTTP Caching is a tough subject thanks to the diversity of clients (browser and cache/proxy servers) + // See below a pretty good reference on HTTP Caching: + // https://stackoverflow.com/questions/49547/how-to-control-web-page-caching-across-all-browsers + + // For client that doesn't support newer `Cache-Control` HTTP header + // https://tools.ietf.org/html/rfc7234#section-5.3 + headers.putSingle(HttpHeaders.EXPIRES, 0); + + // https://tools.ietf.org/html/rfc7234#section-5.2.2 + // Theoretically, `no-store` only would be sufficient + // But for compatibility-purpose, adding other related headers doesn't hurt + headers.putSingle(HttpHeaders.CACHE_CONTROL, "no-store, no-cache, must-revalidate, private"); break; case CUSTOM: break; From 662787cfd8b5a2f07713f9250c843270fa653ee2 Mon Sep 17 00:00:00 2001 From: Adrien LAUER Date: Mon, 27 Aug 2018 12:47:34 +0200 Subject: [PATCH 2/2] Fix test after cache-related HTTP header changes --- CHANGELOG.md | 4 ++++ cli/pom.xml | 2 +- core/pom.xml | 2 +- pom.xml | 2 +- rest/core/pom.xml | 2 +- rest/jersey2/pom.xml | 2 +- .../test/java/org/seedstack/seed/rest/jersey2/Jersey2IT.java | 5 ++--- rest/pom.xml | 2 +- rest/specs/pom.xml | 2 +- security/core/pom.xml | 2 +- security/pom.xml | 2 +- security/specs/pom.xml | 2 +- specs/pom.xml | 2 +- testing/arquillian/pom.xml | 2 +- testing/core/pom.xml | 2 +- testing/junit4/pom.xml | 2 +- testing/pom.xml | 2 +- testing/specs/pom.xml | 2 +- web/core/pom.xml | 2 +- web/pom.xml | 2 +- web/security/pom.xml | 2 +- web/specs/pom.xml | 2 +- web/undertow/pom.xml | 2 +- 23 files changed, 27 insertions(+), 24 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f809f2b86..60962a4ca 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +# Version 3.7.1 (2018-09-??) + +* [fix] Fix HTTP headers sent when the NO_CACHE policy is applied on a JAX-RS resource (the default). + # Version 3.7.0 (2018-07-31) * [new] Bean Validation 2.0 support through Hibernate Validator 6 implementation. diff --git a/cli/pom.xml b/cli/pom.xml index 5a915352d..9e8661d53 100644 --- a/cli/pom.xml +++ b/cli/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-cli diff --git a/core/pom.xml b/core/pom.xml index fea57bf87..b20cb321e 100644 --- a/core/pom.xml +++ b/core/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-core diff --git a/pom.xml b/pom.xml index bc1071af2..6816b301f 100644 --- a/pom.xml +++ b/pom.xml @@ -19,7 +19,7 @@ org.seedstack.seed seed - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT pom diff --git a/rest/core/pom.xml b/rest/core/pom.xml index e5b3904a4..1d08f23ed 100644 --- a/rest/core/pom.xml +++ b/rest/core/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-rest - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-rest-core diff --git a/rest/jersey2/pom.xml b/rest/jersey2/pom.xml index 4a6b6fd42..4e694cbfe 100644 --- a/rest/jersey2/pom.xml +++ b/rest/jersey2/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-rest - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-rest-jersey2 diff --git a/rest/jersey2/src/test/java/org/seedstack/seed/rest/jersey2/Jersey2IT.java b/rest/jersey2/src/test/java/org/seedstack/seed/rest/jersey2/Jersey2IT.java index 9d8a9de17..5da7c62cf 100644 --- a/rest/jersey2/src/test/java/org/seedstack/seed/rest/jersey2/Jersey2IT.java +++ b/rest/jersey2/src/test/java/org/seedstack/seed/rest/jersey2/Jersey2IT.java @@ -46,9 +46,8 @@ public void basicAsyncResource() throws JSONException { @Test public void cacheIsDisabledByDefault() { Response response = expect().statusCode(200).when().get(baseUrl + "hello"); - assertThat(response.header("Last-Modified")).isNotEmpty(); - assertThat(response.header("Expires")).isEqualTo("-1"); - assertThat(response.header("Cache-Control")).isEqualTo("must revalidate, private"); + assertThat(response.header("Expires")).isEqualTo("0"); + assertThat(response.header("Cache-Control")).isEqualTo("no-store, no-cache, must-revalidate, private"); } @Test diff --git a/rest/pom.xml b/rest/pom.xml index 6e49c75a0..f9bc9fdb5 100644 --- a/rest/pom.xml +++ b/rest/pom.xml @@ -13,7 +13,7 @@ org.seedstack.seed seed - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-rest diff --git a/rest/specs/pom.xml b/rest/specs/pom.xml index 6e53b626a..127bb8438 100644 --- a/rest/specs/pom.xml +++ b/rest/specs/pom.xml @@ -13,7 +13,7 @@ org.seedstack.seed seed-rest - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-rest-specs diff --git a/security/core/pom.xml b/security/core/pom.xml index b0ab65674..118f3f13c 100644 --- a/security/core/pom.xml +++ b/security/core/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-security - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-security-core diff --git a/security/pom.xml b/security/pom.xml index 3e7d074af..dc30dc416 100644 --- a/security/pom.xml +++ b/security/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-security diff --git a/security/specs/pom.xml b/security/specs/pom.xml index a41d01d12..fb567f2b1 100644 --- a/security/specs/pom.xml +++ b/security/specs/pom.xml @@ -13,7 +13,7 @@ org.seedstack.seed seed-security - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-security-specs diff --git a/specs/pom.xml b/specs/pom.xml index fe0da3b9e..9a69358be 100644 --- a/specs/pom.xml +++ b/specs/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-specs diff --git a/testing/arquillian/pom.xml b/testing/arquillian/pom.xml index 908e8478d..cb6e74ee6 100644 --- a/testing/arquillian/pom.xml +++ b/testing/arquillian/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-testing - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-testing-arquillian diff --git a/testing/core/pom.xml b/testing/core/pom.xml index 2ca4b7c04..d12957a26 100644 --- a/testing/core/pom.xml +++ b/testing/core/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-testing - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-testing-core diff --git a/testing/junit4/pom.xml b/testing/junit4/pom.xml index 34a9e96db..3764a6493 100644 --- a/testing/junit4/pom.xml +++ b/testing/junit4/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-testing - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-testing-junit4 diff --git a/testing/pom.xml b/testing/pom.xml index d556d5e79..0862fb147 100644 --- a/testing/pom.xml +++ b/testing/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-testing diff --git a/testing/specs/pom.xml b/testing/specs/pom.xml index 773dcd2f8..b2f8e382e 100644 --- a/testing/specs/pom.xml +++ b/testing/specs/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-testing - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-testing-specs diff --git a/web/core/pom.xml b/web/core/pom.xml index cab03c4a9..c5cab5d05 100644 --- a/web/core/pom.xml +++ b/web/core/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-web - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-web-core diff --git a/web/pom.xml b/web/pom.xml index 158396b8e..455e7c623 100644 --- a/web/pom.xml +++ b/web/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-web diff --git a/web/security/pom.xml b/web/security/pom.xml index 55c8f7a82..c85242d24 100644 --- a/web/security/pom.xml +++ b/web/security/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-web - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-web-security diff --git a/web/specs/pom.xml b/web/specs/pom.xml index 954466485..c50ca3432 100644 --- a/web/specs/pom.xml +++ b/web/specs/pom.xml @@ -13,7 +13,7 @@ org.seedstack.seed seed-web - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-web-specs diff --git a/web/undertow/pom.xml b/web/undertow/pom.xml index 10daa7f59..86cb107db 100644 --- a/web/undertow/pom.xml +++ b/web/undertow/pom.xml @@ -14,7 +14,7 @@ org.seedstack.seed seed-web - 3.7.0-SNAPSHOT + 3.7.1-SNAPSHOT seed-web-undertow