
Commit 7e2a88a

bug #48651 [HttpKernel] AbstractSessionListener should not override the cache lifetime for private responses (rodmen)
This PR was merged into the 5.4 branch. Discussion ---------- [HttpKernel] AbstractSessionListener should not override the cache lifetime for private responses Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fix #47660 AbstractSessionListener should not override the cache lifetime | License | MIT #47660 is opened as a bug. This PR stops AbstractSessionListener from overriding the max-age and Expires cache headers when Cache-Control is private and these values are explicitly defined. Commits ------- 36ad0be [HttpKernel] AbstractSessionListener should not override the cache lifetime for private responses
2 parents 35ac2d1 + 36ad0be commit 7e2a88a


2 files changed

+62
-2
lines changed

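--- a/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
+++ b/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
@@ -200,10 +200,11 @@ public function onKernelResponse(ResponseEvent $event)
 }
 
 if ($autoCacheControl) {
+$maxAge = $response->headers->hasCacheControlDirective('public') ? 0 : (int) $response->getMaxAge();
 $response
-->setExpires(new \DateTime())
+->setExpires(new \DateTimeImmutable('+'.$maxAge.' seconds'))
 ->setPrivate()
-->setMaxAge(0)
+->setMaxAge($maxAge)
 ->headers->addCacheControlDirective('must-revalidate');
 }
 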
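Review bot: `(int) $response->getMaxAge()` on the new `$maxAge` line is used unchecked as the browser-cache lifetime of a response tied to a started session. As far as I recall, `Response::getMaxAge()` prefers `s-maxage` over `max-age` and can also derive a value from an `Expires` header, so a shared-cache lifetime on a non-`public` response, or a past `Expires` (negative result), would flow into `setMaxAge()` and the `'+'.$maxAge.' seconds'` string; this should be confirmed against `Response`. I would clamp and document it: `$maxAge = $response->headers->hasCacheControlDirective('public') ? 0 : max(0, (int) $response->getMaxAge());`, preceded by `// keep an explicit private lifetime; a public response is reset to 0 because the session makes it user-specific`. `onKernelResponse()` starts and ends outside this hunk, so how `$autoCacheControl` is derived is not visible here.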

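--- a/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
+++ b/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
@@ -39,6 +39,7 @@ class SessionListenerTest extends TestCase
 {
 /**
 * @dataProvider provideSessionOptions
+*
 * @runInSeparateProcess
 */
 public function testSessionCookieOptions(array $phpSessionOptions, array $sessionOptions, array $expectedSessionOptions)
@@ -531,6 +532,64 @@ public function testUninitializedSessionWithoutInitializedSession()
 $this->assertSame('60', $response->headers->getCacheControlDirective('s-maxage'));
 }
 
+public function testResponseHeadersMaxAgeAndExpiresNotBeOverridenIfSessionStarted()
+{
+$session = $this->createMock(Session::class);
+$session->expects($this->exactly(2))->method('getUsageIndex')->will($this->onConsecutiveCalls(0, 1));
+
+$container = new Container();
+$container->set('initialized_session', $session);
+
+$listener = new SessionListener($container);
+$kernel = $this->createMock(HttpKernelInterface::class);
+
+$request = new Request();
+$listener->onKernelRequest(new RequestEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST));
+
+$response = new Response();
+$response->setPrivate();
+$expiresHeader = gmdate('D, d M Y H:i:s', time() + 600).' GMT';
+$response->setMaxAge(600);
+$listener->onKernelResponse(new ResponseEvent($kernel, new Request(), HttpKernelInterface::MAIN_REQUEST, $response));
+
+$this->assertTrue($response->headers->has('expires'));
+$this->assertSame($expiresHeader, $response->headers->get('expires'));
+$this->assertFalse($response->headers->has('max-age'));
+$this->assertSame('600', $response->headers->getCacheControlDirective('max-age'));
+$this->assertFalse($response->headers->hasCacheControlDirective('public'));
+$this->assertTrue($response->headers->hasCacheControlDirective('private'));
+$this->assertTrue($response->headers->hasCacheControlDirective('must-revalidate'));
+$this->assertFalse($response->headers->has(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER));
+}
+
+public function testResponseHeadersMaxAgeAndExpiresDefaultValuesIfSessionStarted()
+{
+$session = $this->createMock(Session::class);
+$session->expects($this->exactly(2))->method('getUsageIndex')->will($this->onConsecutiveCalls(0, 1));
+
+$container = new Container();
+$container->set('initialized_session', $session);
+
+$listener = new SessionListener($container);
+$kernel = $this->createMock(HttpKernelInterface::class);
+
+$request = new Request();
+$listener->onKernelRequest(new RequestEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST));
+
+$response = new Response();
+$expiresHeader = gmdate('D, d M Y H:i:s', time()).' GMT';
+$listener->onKernelResponse(new ResponseEvent($kernel, new Request(), HttpKernelInterface::MAIN_REQUEST, $response));
+
+$this->assertTrue($response->headers->has('expires'));
+$this->assertSame($expiresHeader, $response->headers->get('expires'));
+$this->assertFalse($response->headers->has('max-age'));
+$this->assertSame('0', $response->headers->getCacheControlDirective('max-age'));
+$this->assertFalse($response->headers->hasCacheControlDirective('public'));
+$this->assertTrue($response->headers->hasCacheControlDirective('private'));
+$this->assertTrue($response->headers->hasCacheControlDirective('must-revalidate'));
+$this->assertFalse($response->headers->has(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER));
+}
+
 public function testSurrogateMainRequestIsPublic()
 {
 $session = $this->createMock(Session::class);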
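Review bot: Both added tests compute `$expiresHeader` from `time()` before calling `onKernelResponse()`, while the listener builds its own `DateTimeImmutable` afterwards; if the clock crosses a second boundary in between, `assertSame($expiresHeader, ...)` fails, so the tests are timing-dependent. Comparing timestamps with a tolerance is sturdier, e.g. `$this->assertEqualsWithDelta(time() + 600, $response->getExpires()->getTimestamp(), 1);`. The new cases cover only an explicit private `max-age` and the default; a session-bound response that carries `s-maxage` or an already-expired `Expires` without `public` is not exercised, although that is where a wrong lifetime would matter most. The trailing context lines belong to `testSurrogateMainRequestIsPublic()`, which continues outside the hunk.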
