From 4746623aa34dbc7488548cf303e4fb1e694953d2 Mon Sep 17 00:00:00 2001 From: Jelle van Oosterbosch Date: Wed, 16 May 2018 11:15:05 +0200 Subject: [PATCH 1/2] [HttpKernel] Fix for 26769: letting the controller caching directives not be overwritten by the listener --- .../EventListener/AbstractSessionListener.php | 9 ++++++-- .../EventListener/SessionListenerTest.php | 21 +++++++++++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php b/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php index dff29ee80b418..c7a55f1e2b518 100644 --- a/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php +++ b/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php @@ -46,12 +46,17 @@ public function onKernelResponse(FilterResponseEvent $event) return; } - if (!$session = $event->getRequest()->getSession()) { + if (!$session = $this->getSession()) { + return; + } + + $response = $event->getResponse(); + if ($response->isCacheable()) { return; } if ($session->isStarted() || ($session instanceof Session && $session->hasBeenStarted())) { - $event->getResponse() + $response ->setPrivate() ->setMaxAge(0) ->headers->addCacheControlDirective('must-revalidate'); diff --git a/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php b/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php index 34598363c8914..1941300ac7815 100644 --- a/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php +++ b/src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php @@ -76,4 +76,25 @@ public function testResponseIsPrivate() $this->assertTrue($response->headers->hasCacheControlDirective('must-revalidate')); $this->assertSame('0', $response->headers->getCacheControlDirective('max-age')); } + + public function testResponseIsNotPrivateWhenCachable() + { + $session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock(); + + $container = new Container(); + $container->set('session', $session); + + $listener = new SessionListener($container); + $kernel = $this->getMockBuilder(HttpKernelInterface::class)->disableOriginalConstructor()->getMock(); + + $request = new Request(); + $response = new Response(); + $response->setSharedMaxAge(600); + + $listener->onKernelRequest(new GetResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST)); + $listener->onKernelResponse(new FilterResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST, $response)); + + $this->assertTrue($response->headers->hasCacheControlDirective('public')); + $this->assertSame('600', $response->headers->getCacheControlDirective('s-maxage')); + } } From b53fa8041077636a4a20464e00b7d458ad3ee888 Mon Sep 17 00:00:00 2001 From: Jelle van Oosterbosch Date: Wed, 16 May 2018 12:34:58 +0200 Subject: [PATCH 2/2] Revert $session from container and use it the old way from the request --- .../HttpKernel/EventListener/AbstractSessionListener.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php b/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php index c7a55f1e2b518..b64bc5ad72d6c 100644 --- a/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php +++ b/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php @@ -46,7 +46,7 @@ public function onKernelResponse(FilterResponseEvent $event) return; } - if (!$session = $this->getSession()) { + if (!$session = $event->getRequest()->getSession()) { return; }