Output cache-control headers that disable intermediate caching even if
OutputPage->mEnableClientCache is true when the response includes
set-cookie headers as well. This change mirrors logic that has been in
use on the Wikimedia Foundation production cluster's Varnish cache
system for over 2 years to guard against accidentally caching backend
responses which include Set-Cookie headers.
Co-Author: Max Semenik <maxsem.wiki@gmail.com>
Bug: T127993
Change-Id: I1a0d38a5b9dba754b91a7832371b3dc0df51bd5a
if ( $this->mEnableClientCache ) {
if (
- $config->get( 'UseSquid' ) && !SessionManager::getGlobalSession()->isPersistent() &&
- !$this->isPrintable() && $this->mCdnMaxage != 0 && !$this->haveCacheVaryCookies()
+ $config->get( 'UseSquid' ) &&
+ !$response->hasCookies() &&
+ !SessionManager::getGlobalSession()->isPersistent() &&
+ !$this->isPrintable() &&
+ $this->mCdnMaxage != 0 &&
+ !$this->haveCacheVaryCookies()
) {
if ( $config->get( 'UseESI' ) ) {
# We'll purge the proxy cache explicitly, but require end user agents
public function clearCookie( $name, $options = [] ) {
$this->setCookie( $name, '', time() - 31536000 /* 1 year */, $options );
}
+
+ /**
+ * Checks whether this request is performing cookie operations
+ *
+ * @return bool
+ * @since 1.27
+ */
+ public function hasCookies() {
+ return (bool)self::$setCookies;
+ }
}
/**