Fixes for action=raw (used when sites include other site's javascript),
and stashed images.
Bug: 53032
Change-Id: I8f915f6a4756f750c74d9ee9bec58f7ba6c0c827
# Output may contain user-specific data;
# vary generated content for open sessions on private wikis
$privateCache = !User::isEveryoneAllowed( 'read' ) && ( $smaxage == 0 || session_id() != '' );
+ // Bug 53032 - make this private if user is logged in,
+ // so we don't accidentally cache cookies
+ $privateCache = $privateCache ?: $this->getUser()->isLoggedIn();
# allow the client to cache this for 24 hours
$mode = $privateCache ? 'private' : 'public';
$response->header(
header( "Content-Type: $contentType", true );
header( 'Content-Transfer-Encoding: binary', true );
header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT', true );
+ // Bug 53032 - It shouldn't be a problem here, but let's be safe and not cache
+ header( 'Cache-Control: private' );
header( "Content-Length: $size", true );
}