Only cache public attachments in the browser and CDNs.
The browser might overrule it anyway, if it's really obvious that it should be cached. This is mainly so Cloudflare, etc. don't serve sensitive documents to guests.
This commit is contained in:
parent
1aac6f1268
commit
352a262866
|
@ -1,7 +1,6 @@
|
||||||
package common
|
package common
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"sync"
|
|
||||||
"sync/atomic"
|
"sync/atomic"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -41,7 +40,6 @@ func (thaw *SingleServerThaw) Thaw() {
|
||||||
|
|
||||||
type DefaultThaw struct {
|
type DefaultThaw struct {
|
||||||
thawed int64
|
thawed int64
|
||||||
sync.Mutex
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewDefaultThaw() *DefaultThaw {
|
func NewDefaultThaw() *DefaultThaw {
|
||||||
|
@ -52,8 +50,6 @@ func NewDefaultThaw() *DefaultThaw {
|
||||||
|
|
||||||
// Decrement the thawed counter once a second until it goes cold
|
// Decrement the thawed counter once a second until it goes cold
|
||||||
func (thaw *DefaultThaw) Tick() error {
|
func (thaw *DefaultThaw) Tick() error {
|
||||||
thaw.Lock()
|
|
||||||
defer thaw.Unlock()
|
|
||||||
prior := thaw.thawed
|
prior := thaw.thawed
|
||||||
if prior > 0 {
|
if prior > 0 {
|
||||||
atomic.StoreInt64(&thaw.thawed, prior-1)
|
atomic.StoreInt64(&thaw.thawed, prior-1)
|
||||||
|
|
|
@ -140,6 +140,21 @@ func ShowAttachment(w http.ResponseWriter, r *http.Request, user common.User, fi
|
||||||
return common.LocalError("Unknown origin", w, r, user)
|
return common.LocalError("Unknown origin", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !user.Loggedin {
|
||||||
|
w.Header().Set("Cache-Control", "max-age="+strconv.Itoa(int(common.Year)))
|
||||||
|
} else {
|
||||||
|
guest := common.GuestUser
|
||||||
|
_, ferr := common.SimpleForumUserCheck(w, r, &guest, sectionID)
|
||||||
|
if ferr != nil {
|
||||||
|
return ferr
|
||||||
|
}
|
||||||
|
if guest.Perms.ViewTopic {
|
||||||
|
w.Header().Set("Cache-Control", "max-age="+strconv.Itoa(int(common.Year)))
|
||||||
|
} else {
|
||||||
|
w.Header().Set("Cache-Control", "private")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// TODO: Fix the problem where non-existent files aren't greeted with custom 404s on ServeFile()'s side
|
// TODO: Fix the problem where non-existent files aren't greeted with custom 404s on ServeFile()'s side
|
||||||
http.ServeFile(w, r, "./attachs/"+filename)
|
http.ServeFile(w, r, "./attachs/"+filename)
|
||||||
return nil
|
return nil
|
||||||
|
|
Loading…
Reference in New Issue