[Checkins] SVN: Products.PluggableAuthService/trunk/ Set appropriate cache headers on CookieAuthHelper login redirects to prevent caching by proxy servers.
Laurence Rowe
l at lrowe.co.uk
Mon May 30 06:07:09 EDT 2011
Log message for revision 121831:
Set appropriate cache headers on CookieAuthHelper login redirects to prevent caching by proxy servers.
Changed:
U Products.PluggableAuthService/trunk/CHANGES.txt
U Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/CookieAuthHelper.py
U Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_CookieAuthHelper.py
-=-
Modified: Products.PluggableAuthService/trunk/CHANGES.txt
===================================================================
--- Products.PluggableAuthService/trunk/CHANGES.txt 2011-05-29 21:34:57 UTC (rev 121830)
+++ Products.PluggableAuthService/trunk/CHANGES.txt 2011-05-30 10:07:08 UTC (rev 121831)
@@ -4,6 +4,8 @@
1.7.5 (unreleased)
------------------
+- Set appropriate cache headers on CookieAuthHelper login redirects to prevent
+ caching by proxy servers.
1.7.4 (2011-05-13)
------------------
Modified: Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/CookieAuthHelper.py
===================================================================
--- Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/CookieAuthHelper.py 2011-05-29 21:34:57 UTC (rev 121830)
+++ Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/CookieAuthHelper.py 2011-05-30 10:07:08 UTC (rev 121831)
@@ -223,6 +223,8 @@
sep = '?'
url = '%s%scame_from=%s' % (url, sep, quote(came_from))
resp.redirect(url, lock=1)
+ resp.setHeader('Expires', 'Sat, 01 Jan 2000 00:00:00 GMT')
+ resp.setHeader('Cache-Control', 'no-cache')
return 1
# Could not challenge.
Modified: Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_CookieAuthHelper.py
===================================================================
--- Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_CookieAuthHelper.py 2011-05-29 21:34:57 UTC (rev 121830)
+++ Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_CookieAuthHelper.py 2011-05-30 10:07:08 UTC (rev 121831)
@@ -47,6 +47,9 @@
self.status = status
self.headers['Location'] = location
+ def setHeader(self, name, value):
+ self.headers[name] = value
+
class CookieAuthHelperTests( unittest.TestCase
, ILoginPasswordHostExtractionPlugin_conformance
, IChallengePlugin_conformance
@@ -124,8 +127,10 @@
helper.challenge(request, response)
self.assertEqual(response.status, 302)
- self.assertEqual(len(response.headers), 1)
+ self.assertEqual(len(response.headers), 3)
self.failUnless(response.headers['Location'].endswith(urllib.quote(testURL)))
+ self.assertEqual(response.headers['Cache-Control'], 'no-cache')
+ self.assertEqual(response.headers['Expires'], 'Sat, 01 Jan 2000 00:00:00 GMT')
def test_challenge_with_vhm( self ):
rc, root, folder, object = self._makeTree()
@@ -141,9 +146,11 @@
helper.challenge(request, response)
self.assertEqual(response.status, 302)
- self.assertEqual(len(response.headers), 1)
+ self.assertEqual(len(response.headers), 3)
self.failUnless(response.headers['Location'].endswith(urllib.quote(actualURL)))
self.failIf(response.headers['Location'].endswith(urllib.quote(vhmURL)))
+ self.assertEqual(response.headers['Cache-Control'], 'no-cache')
+ self.assertEqual(response.headers['Expires'], 'Sat, 01 Jan 2000 00:00:00 GMT')
def test_resetCredentials( self ):
helper = self._makeOne()
More information about the checkins
mailing list