-
Notifications
You must be signed in to change notification settings - Fork 821
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP NEW Add better HTTP cache-control manipulation #8086
Changes from 1 commit
d0ee187
ec57565
566185e
88ed12a
121daf7
aa06d88
db2dca0
45c7d13
140cd19
de8e45b
179fbe3
e58a00f
4982ba1
71978c6
3cfe582
442235b
8063603
ec0a469
9b5a464
a159cdd
b104a3b
d1362e9
321eb78
2050c46
8f74270
335fb1e
66214f6
2420742
a352619
3d2269d
645f025
acf2a39
d63a234
0cd3315
f89b24f
35d547d
919b5ba
4c96332
4ff0e28
16094ed
2695778
14ba6ed
1cb8a39
35b81d8
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -371,8 +371,10 @@ public static function add_cache_headers($body = null) { | |
if(headers_sent() && !$body) { | ||
return; | ||
} | ||
// Skip already assigned cache-control headers | ||
|
||
// Warn if already assigned cache-control headers | ||
if ($body && $body->getHeader('Cache-Control')) { | ||
trigger_error("Cache-Control header has already been set", E_USER_WARNING); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. In addition, we should say something like "Please use HTTPCacheControl::singleton() methods to more safely customise your cache-control headers." There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. How about trigger_error(
"Cache-Control header has already been set. "
. "Please use HTTPCacheControl API to set caching options instead.",
E_USER_WARNING
); |
||
return; | ||
} | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That seems a bit dangerous in terms of footguns, e.g. devs might miss the fact that we have a highlevel API and add go the obvious route instead, using
SS_HTTPResponse->addHeader()
. In particular, it doesn't protect any devs who used this lowlevel API in existing projects by default. I thinkHTTPCacheControl
needs to override direct setting ofCache-Control
headers. We should also note this inaddHeaders()
PHPDoc.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Discussed this with Sam and Damian, we'll retain the warning for custom
addHeader()
uses (which you should be warned about), and deprecate the entire controllerpolicy module (to avoid situations where the warning doesn't apply).