Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Fix for CHttpCacheFilter's Cache-Control headers being overwritten by started sessions #1628

Merged
merged 6 commits into from

4 participants

@DaSourcerer

As reported here, there is a problem with the Cache-Control header being overwritten by PHP's session logic. This can result into situations where http caching loses its effects.

This PR sets a header via session_cache_limiter() which will be immediately overwritten. In addition, the Pragma header will be cleared as well. This seems to work well in PHP v5.4.x and according to this comment, it should work with previous versions of PHP too. I'd still appreciate some review by others.

@samdark samdark was assigned
@DaSourcerer

Are there any objections? If not, I'd like to add a line to CHANGELOG now ...

@mdomba
Collaborator

as you wrote... this still needs to be tested... "it should work" does not mean it works.

@DaSourcerer

True. I'm a bit worried, though: Except for @samdark assigning himself, this PR hasn't seen any attention in a week. I realize that the issue resolved by this is not the most pressing one, but it clearly impairs the operation of CHttpCacheFilter for logged-in users, so I'd like to see this tested and pulled asap (or at least timely enough to be included in v1.1.13).

I just realized that I've got a box left which is locked at PHP v5.3, so I could actually test this myself. I'll report back soon.

@samdark
Owner

@DaSourcerer it will be very helpful.

@resurtm
Collaborator

Solution works as expected on 5.2.17. Feel free to request additional tests on 5.2.17.

framework/web/filters/CHttpCacheFilter.php
@@ -181,6 +181,11 @@ protected function send304Header()
*/
protected function sendCacheControlHeader()
{
+ if(Yii::app()->session->isStarted)
@resurtm Collaborator
resurtm added a note

Don't forget about indentation. :hand:

Looks like this diff has been whitespace-damaged while it looked ok in my editor... Thanks for pointing this out.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@DaSourcerer

I can now confirm that this works on PHP v5.3.18 as well.

@samdark
Owner

Nice. Add a changelog line, update and we will merge it.

@DaSourcerer

Done with 686480e

CHANGELOG
@@ -35,6 +35,7 @@ Version 1.1.13 work in progress
- Bug #1652: Fixed incorrect syntax of CDbSchema::renameTable() for SQLite, added CSqliteSchema::renameTable() method (Sarke)
- Bug: Table schema is refreshed on Gii model generation when schemaCachingDuration is used (SonkoDmitry)
- Bug: CDbCommand::setFetchMode wasn't accepting additional arguments needed for PDO::FETCH_CLASS (samdark)
+- Bug: Active HTTP sessions overwrote the Cache-Control header set by CHttpCacheFilter (DaSourcerer)
@samdark Owner
samdark added a note

Need issue number here. In this case it's 1628. That's one last thing. Can't do it myself since using iPhone currently :)

Ah, I thought since #1628 is "just" the PR, I could leave it out. Adding right away ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@samdark samdark merged commit 446bb67 into from
@samdark
Owner

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Oct 27, 2012
  1. @DaSourcerer
Commits on Oct 29, 2012
  1. @DaSourcerer
Commits on Nov 8, 2012
  1. @DaSourcerer

    csfix - thx @resurtm

    DaSourcerer authored
Commits on Nov 9, 2012
  1. @DaSourcerer
  2. @DaSourcerer

    Updated CHANGELOG

    DaSourcerer authored
Commits on Nov 10, 2012
  1. @DaSourcerer

    Added issue number

    DaSourcerer authored
This page is out of date. Refresh to see the latest.
Showing with 7 additions and 1 deletion.
  1. +1 −0  CHANGELOG
  2. +6 −1 framework/web/filters/CHttpCacheFilter.php
View
1  CHANGELOG
@@ -31,6 +31,7 @@ Version 1.1.13 work in progress
- Bug #1584: Fixed CGridView and CListView urls when enableHistory was used with "path" urlFormat (mdomba)
- Bug #1622: CLocale::getTerritory() used to return invalid territory name when locales (language tags) were specified without territory part (e.g. 'de', 'fr') (resurtm)
- Bug #1624: Requirements page now tries all other preferred languages when the most preferred one is missing (ArtVal)
+- Bug #1628: Active HTTP sessions overwrote the Cache-Control header set by CHttpCacheFilter (DaSourcerer)
- Bug #1646: CLocale::getTerritory() used to return invalid territory name when locales (language tags) were specified with script part (e.g. 'zh-Hans-CN', 'zh-Hant-HK') (resurtm)
- Bug #1652: Fixed incorrect syntax of CDbSchema::renameTable() for SQLite, added CSqliteSchema::renameTable() method (Sarke)
- Bug: Table schema is refreshed on Gii model generation when schemaCachingDuration is used (SonkoDmitry)
View
7 framework/web/filters/CHttpCacheFilter.php
@@ -181,7 +181,12 @@ protected function send304Header()
*/
protected function sendCacheControlHeader()
{
- header('Cache-Control: '.$this->cacheControl, true);
+ if(Yii::app()->session->isStarted)
+ {
+ session_cache_limiter('public');
+ header('Pragma:',true);
+ }
+ header('Cache-Control: '.$this->cacheControl,true);
}
/**
Something went wrong with that request. Please try again.