mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-15 03:12:41 +01:00
439821c7b2
Summary: Ref T10262. This removes one-time tokens and makes file data responses always-cacheable (for 30 days). The URI will stop working once any attached object changes its view policy, or the file view policy itself changes. Files with `canCDN` (totally public data like profile images, CSS, JS, etc) use "cache-control: public" so they can be CDN'd. Files without `canCDN` use "cache-control: private" so they won't be cached by the CDN. They could still be cached by a misbehaving local cache, but if you don't want your users seeing one anothers' secret files you should configure your local network properly. Our "Cache-Control" headers were also from 1999 or something, update them to be more modern/sane. I can't find any evidence that any browser has done the wrong thing with this simpler ruleset in the last ~10 years. Test Plan: - Configured alternate file domain. - Viewed site: stuff worked. - Accessed a file on primary domain, got redirected to alternate domain. - Verified proper cache headers for `canCDN` (public) and non-`canCDN` (private) files. - Uploaded a file to a task, edited task policy, verified it scrambled the old URI. - Reloaded task, new URI generated transparently. Reviewers: chad Reviewed By: chad Maniphest Tasks: T10262 Differential Revision: https://secure.phabricator.com/D15642 |
||
|---|---|---|
| .. | ||
| __tests__ | ||
| application | ||
| controller | ||
| management | ||
| postprocessor | ||
| resources | ||
| api.php | ||
| CelerityAPI.php | ||
| CelerityResourceGraph.php | ||
| CelerityResourceMap.php | ||
| CelerityResourceMapGenerator.php | ||
| CelerityResourceTransformer.php | ||
| CeleritySpriteGenerator.php | ||
| CelerityStaticResourceResponse.php | ||