Download as
Browse Code »

Commit 99fa04df9a85351aafa03ad0adcdbf27f6658960

Authored by Antonio Terceiro
1 parent 3c206e7b
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

Don't cache error responses (status >= 400)

Showing 3 changed files with 26 additions and 1 deletions   Show diff stats
app/controllers/public/profile_controller.rb
  Diff comments   View file @99fa04d
@@ -18,6 +18,7 @@ class ProfileController < PublicController @@ -18,6 +18,7 @@ class ProfileController < PublicController
18 @tags = profile.article_tags 18 @tags = profile.article_tags
19 unless profile.display_info_to?(user) 19 unless profile.display_info_to?(user)
20 profile.visible? ? private_profile : invisible_profile 20 profile.visible? ? private_profile : invisible_profile
  21 + render :action => 'index', :status => 403
21 end 22 end
22 end 23 end
23 24
test/integration/http_caching_test.rb
  Diff comments   View file @99fa04d
@@ -74,6 +74,23 @@ class HttpCachingTest < ActionController::IntegrationTest @@ -74,6 +74,23 @@ class HttpCachingTest < ActionController::IntegrationTest
74 assert_no_cache 74 assert_no_cache
75 end 75 end
76 76
  77 + test 'private community profile should not return cache headers' do
  78 + create_private_community('the-community')
  79 +
  80 + get "/profile/the-community"
  81 + assert_response 403
  82 + assert_no_cache
  83 + end
  84 +
  85 + test 'private community content should not return cache headers' do
  86 + community = create_private_community('the-community')
  87 + create(Article, profile_id: community.id, name: 'Test page')
  88 +
  89 + get "/the-community/test-page"
  90 + assert_response 403
  91 + assert_no_cache
  92 + end
  93 +
77 protected 94 protected
78 95
79 def set_env_config(data) 96 def set_env_config(data)
@@ -84,6 +101,13 @@ class HttpCachingTest < ActionController::IntegrationTest @@ -84,6 +101,13 @@ class HttpCachingTest < ActionController::IntegrationTest
84 env.save! 101 env.save!
85 end 102 end
86 103
  104 + def create_private_community(identifier)
  105 + community = fast_create(Community, identifier: identifier)
  106 + community.public_profile = false
  107 + community.save!
  108 + community
  109 + end
  110 +
87 def assert_no_cache 111 def assert_no_cache
88 assert(cache_parts == ['max-age=0', 'must-revalidate', 'private'] || cache_parts == ['no-cache'], "should not set cache headers (found #{cache_parts.inspect})") 112 assert(cache_parts == ['max-age=0', 'must-revalidate', 'private'] || cache_parts == ['no-cache'], "should not set cache headers (found #{cache_parts.inspect})")
89 end 113 end
vendor/plugins/noosfero_caching/init.rb
  Diff comments   View file @99fa04d
@@ -21,7 +21,7 @@ module NoosferoHttpCaching @@ -21,7 +21,7 @@ module NoosferoHttpCaching
21 end 21 end
22 end 22 end
23 end 23 end
24 - if n 24 + if n && response.status < 400
25 expires_in n.minutes, :private => false, :public => true 25 expires_in n.minutes, :private => false, :public => true
26 end 26 end
27 end 27 end