From b88de1e3171d66de9003b9e13a4f060aa060766e Mon Sep 17 00:00:00 2001
From: olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53>
Date: Thu, 13 Feb 2014 09:05:21 +0000
Subject: Simplify cache disabling headers.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This patch changes the headers sent to prevent errornous caching of the
responses sent to only use a single header:

   Cache-Control: private, must-revalidate

This single header should ensure that the data isn't shared between
multiple users, and that the browser checks that the content is still
valid for each request (enabling logout to work as expected).

This drops the Exires-header, which should be unnecessary since all
modern browsers support the Cache-Control-header.

Thanks to Arthur Müller for providing this patch.

git-svn-id: https://modmellon.googlecode.com/svn/trunk@223 a716ebb1-153a-0410-b759-cfb97c6a1b53
---
 auth_mellon_handler.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'auth_mellon_handler.c')

diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
index e471bdc..f93ba6e 100644
--- a/auth_mellon_handler.c
+++ b/auth_mellon_handler.c
@@ -3168,8 +3168,8 @@ int am_auth_mellon_user(request_rec *r)
 	return DECLINED;
     }
 
-    /* Disable all caching within this location. */
-    am_set_nocache(r);
+    /* Set defaut Cache-Control headers within this location */
+    am_set_cache_control_headers(r);
 
     /* Check if this is a request for one of our endpoints. We check if
      * the uri starts with the path set with the MellonEndpointPath
-- 
cgit