Anomie has uploaded a new change for review.
https://gerrit.wikimedia.org/r/76726
Change subject: Allow caching of Special:CentralAutoLogin when safe
......................................................................
Allow caching of Special:CentralAutoLogin when safe
Special:CentralAutoLogin/start and
Special:CentralAutoLogin/checkLoggedIn are safe to cache, because
they only differ based on the session cookies (which the cache already
varies on) and don't have any side effects.
The other methods in the login flow do need to be uncached, though, as
they do have side effects.
Change-Id: Ie17b277857529f00a659cdbc933ff6c31fb616ed
---
M specials/SpecialCentralAutoLogin.php
1 file changed, 19 insertions(+), 1 deletion(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/CentralAuth
refs/changes/26/76726/1
diff --git a/specials/SpecialCentralAutoLogin.php
b/specials/SpecialCentralAutoLogin.php
index ed500f3..dee5eca 100644
--- a/specials/SpecialCentralAutoLogin.php
+++ b/specials/SpecialCentralAutoLogin.php
@@ -55,6 +55,9 @@
return;
case 'refreshCookies': // Refresh central cookies (e.g. in case
'remember me' was set)
+ // Do not cache this, we need to reset the cookies
every time.
+ $this->getOutput()->enableClientCache( false );
+
if ( !$wgCentralAuthLoginWiki ||
!$this->checkIsCentralWiki( $wikiid ) ) {
return;
}
@@ -77,6 +80,9 @@
return;
case 'start': // Main entry point
+ // Note this is safe to cache, because the cache
already varies on
+ // the session cookies.
+
if ( !$this->checkIsLocalWiki() ) {
return;
}
@@ -88,6 +94,9 @@
return;
case 'checkLoggedIn': // Check if we're logged in centrally
+ // Note this is safe to cache, because the cache
already varies on
+ // the session cookies.
+
if ( !$this->checkIsCentralWiki( $wikiid ) ) {
return;
}
@@ -100,6 +109,9 @@
return;
case 'createSession': // Create the local session and shared
memcache token
+ // Do not cache this, we need to reset the cookies and
memc every time.
+ $this->getOutput()->enableClientCache( false );
+
if ( !$this->checkIsLocalWiki() ) {
return;
}
@@ -136,6 +148,9 @@
return;
case 'validateSession': // Validate the shared memcached token
+ // Do not cache this, we need to reset the cookies and
memc every time.
+ $this->getOutput()->enableClientCache( false );
+
if ( !$this->checkIsCentralWiki( $wikiid ) ) {
return;
}
@@ -182,6 +197,9 @@
return;
case 'setCookies': // Check that memcached is validated, and
set cookies
+ // Do not cache this, we need to reset the cookies and
memc every time.
+ $this->getOutput()->enableClientCache( false );
+
if ( !$this->checkIsLocalWiki() ) {
return;
}
@@ -378,7 +396,7 @@
private function doFinalOutput( $ok, $status, $script = '' ) {
$this->getOutput()->disable();
wfResetOutputBuffers();
- header( 'Cache-Control: no-cache' );
+ $this->getOutput()->sendCacheControl();
$type = $this->getRequest()->getVal( 'type', 'script' );
if ( $type === 'icon' || $type === '1x1' ) {
--
To view, visit https://gerrit.wikimedia.org/r/76726
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ie17b277857529f00a659cdbc933ff6c31fb616ed
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
