changeset 1580:1393f9e111f4

cleanup disabling of http caching, avoid usage of no-cache because it breaks attachment download on IE6
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Wed, 20 Sep 2006 15:08:47 +0200
parents 134062b3d442
children cd904ef15a0d f37b49b6313d
files MoinMoin/Page.py MoinMoin/PageEditor.py MoinMoin/PageGraphicalEditor.py MoinMoin/request/__init__.py
diffstat 4 files changed, 37 insertions(+), 30 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/Page.py	Mon Sep 18 23:17:08 2006 +0200
+++ b/MoinMoin/Page.py	Wed Sep 20 15:08:47 2006 +0200
@@ -1185,12 +1185,12 @@
             request.setHttpHeader("Content-Type: %s; charset=%s" % (self.output_mimetype, self.output_charset))
             if page_exists:
                 request.setHttpHeader('Status: 200 OK')
-                if not request.cacheable or request.user.valid:
-                    # use "nocache" headers if we're using a method that
-                    # is not simply "display", or if a user is logged in
-                    # (which triggers personalisation features)
-                    for header in request.nocache:
-                        request.setHttpHeader(header)
+                if not request.cacheable:
+                    # use "nocache" headers if we're using a method that is not simply "display"
+                    request.disableHttpCaching(level=2)
+                elif request.user.valid:
+                    # use nocache headers if a user is logged in (which triggers personalisation features)
+                    request.disableHttpCaching(level=1)
                 else:
                     # TODO: we need to know if a page generates dynamic content
                     # if it does, we must not use the page file mtime as last modified value
--- a/MoinMoin/PageEditor.py	Mon Sep 18 23:17:08 2006 +0200
+++ b/MoinMoin/PageEditor.py	Wed Sep 20 15:08:47 2006 +0200
@@ -143,7 +143,8 @@
 
         form = self.request.form
         _ = self._
-        self.request.emit_http_headers(self.request.nocache)
+        self.request.disableHttpCaching(level=2)
+        self.request.emit_http_headers()
 
         raw_body = ''
         msg = None
--- a/MoinMoin/PageGraphicalEditor.py	Mon Sep 18 23:17:08 2006 +0200
+++ b/MoinMoin/PageGraphicalEditor.py	Wed Sep 20 15:08:47 2006 +0200
@@ -53,7 +53,8 @@
         request = self.request
         form = self.request.form
         _ = self._
-        self.request.emit_http_headers(self.request.nocache)
+        self.request.disableHttpCaching(level=2)
+        self.request.emit_http_headers()
 
         raw_body = ''
         msg = None
--- a/MoinMoin/request/__init__.py	Mon Sep 18 23:17:08 2006 +0200
+++ b/MoinMoin/request/__init__.py	Wed Sep 20 15:08:47 2006 +0200
@@ -110,15 +110,6 @@
 class RequestBase(object):
     """ A collection for all data associated with ONE request. """
 
-    # Header set to force misbehaved proxies and browsers to keep their
-    # hands off a page
-    # Details: http://support.microsoft.com/support/kb/articles/Q234/0/67.ASP
-    nocache = [
-        "Pragma: no-cache",
-        "Cache-Control: no-cache",
-        "Expires: -1",
-    ]
-
     # Defaults (used by sub classes)
     http_accept_language = 'en'
     server_name = 'localhost'
@@ -142,6 +133,7 @@
 
         self.user_headers = []
         self.cacheable = 0 # may this output get cached by http proxies/caches?
+        self.http_caching_disabled = 0 # see disableHttpCaching()
         self.page = None
         self._dicts = None
 
@@ -1352,30 +1344,43 @@
         return '%s, %s %02d:%02d:%02d GMT' % (day, date, now.tm_hour,
                                               now.tm_min, now.tm_sec)
 
-    def disableHttpCaching(self):
-        """ Prevent caching of pages that should not be cached
+    def disableHttpCaching(self, level=1):
+        """ Prevent caching of pages that should not be cached.
+
+        level == 1 means disabling caching when we have a cookie set
+        level == 2 means completely disabling caching (used by Page*Editor)
 
         This is important to prevent caches break acl by providing one
         user pages meant to be seen only by another user, when both users
         share the same caching proxy.
+
+        AVOID using no-cache and no-store for attachments as it is completely broken on IE!
+        
+        Details: http://support.microsoft.com/support/kb/articles/Q234/0/67.ASP
         """
-        # Run only once
-        if hasattr(self, 'http_caching_disabled'):
-            return
-        self.http_caching_disabled = 1
+        if level <= self.http_caching_disabled:
+            return # only make caching stricter
 
-        # Set Cache control header for http 1.1 caches
-        # See http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc2109.html#sec-4.2.3
-        # and http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc2068.html#sec-14.9
-        self.setHttpHeader('Cache-Control: no-cache="set-cookie", private, max-age=0')
+        if level == 1:
+            # Set Cache control header for http 1.1 caches
+            # See http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc2109.html#sec-4.2.3
+            # and http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc2068.html#sec-14.9
+            #self.setHttpHeader('Cache-Control: no-cache="set-cookie", private, max-age=0')
+            self.setHttpHeader('Cache-Control: private, must-revalidate, max-age=10')
+        elif level == 2:
+            self.setHttpHeader('Cache-Control: no-cache')
 
         # Set Expires for http 1.0 caches (does not support Cache-Control)
-        yearago = time.time() - (3600 * 24 * 365)
-        self.setHttpHeader('Expires: %s' % self.httpDate(when=yearago))
+        when = time.time() - (3600 * 24 * 365)
+        self.setHttpHeader('Expires: %s' % self.httpDate(when=when))
 
         # Set Pragma for http 1.0 caches
         # See http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc2068.html#sec-14.32
-        self.setHttpHeader('Pragma: no-cache')
+        # DISABLED for level == 1 to fix IE https file attachment downloading trouble.
+        if level == 2:
+            self.setHttpHeader('Pragma: no-cache')
+
+        self.http_caching_disabled = level
 
     def finish(self):
         """ General cleanup on end of request