From b5e0850f04d7ab4f47a1b33087a87698a117058d Mon Sep 17 00:00:00 2001 From: Roan Kattouw Date: Wed, 3 Aug 2011 12:00:47 +0000 Subject: [PATCH] Introduce $wgVaryOnXFPToAPI which sends Vary: X-Forwarded-Proto (and the appropriate XVO, if needed) on cached API requests. This effectively splits the API cache between HTTP and HTTPS for people with an HTTPS termination setup in front of a caching proxy (like, say, WMF) --- includes/DefaultSettings.php | 7 +++++++ includes/api/ApiMain.php | 17 +++++++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index f75d3ec309..643df90648 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -1739,6 +1739,13 @@ $wgUseESI = false; /** Send X-Vary-Options header for better caching (requires patched Squid) */ $wgUseXVO = false; +/** Add X-Forwarded-Proto to the Vary and X-Vary-Options headers for API + * requests. Use this if you have an SSL termination setup and want to split + * the cache between HTTP and HTTPS for API requests. This does not affect + * 'regular' requests. + */ +$wgVaryOnXFPForAPI = false; + /** * Internal server name as known to Squid, if different. Example: * diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php index c03a9e6e3f..e45ba85cf1 100644 --- a/includes/api/ApiMain.php +++ b/includes/api/ApiMain.php @@ -399,6 +399,7 @@ class ApiMain extends ApiBase { } protected function sendCacheHeaders() { + global $wgUseXVO, $wgOut, $wgVaryOnXFPForAPI; $response = $this->getRequest()->response(); if ( $this->mCacheMode == 'private' ) { @@ -407,9 +408,12 @@ class ApiMain extends ApiBase { } if ( $this->mCacheMode == 'anon-public-user-private' ) { - global $wgUseXVO, $wgOut; - $response->header( 'Vary: Accept-Encoding, Cookie' ); + $xfp = $wgVaryOnXFPForAPI ? ', X-Forwarded-Proto' : ''; + $response->header( 'Vary: Accept-Encoding, Cookie' . $xfp ); if ( $wgUseXVO ) { + if ( $wgVaryOnXFPForAPI ) { + $wgOut->addVaryHeader( 'X-Forwarded-Proto' ); + } $response->header( $wgOut->getXVO() ); if ( $wgOut->haveCacheVaryCookies() ) { // Logged in, mark this request private @@ -424,6 +428,15 @@ class ApiMain extends ApiBase { return; } // else no XVO and anonymous, send public headers below } + + // Send public headers + if ( $wgVaryOnXFPForAPI ) { + $response->header( 'Vary: Accept-Encoding, X-Forwarded-Proto' ); + if ( $wgUseXVO ) { + // Bleeeeegh. Our header setting system sucks + $response->header( 'X-Vary-Options: Accept-Encoding;list-contains=gzip, X-Forwarded-Proto' ); + } + } // If nobody called setCacheMaxAge(), use the (s)maxage parameters if ( !isset( $this->mCacheControl['s-maxage'] ) ) { -- 2.20.1