jenkins-bot has submitted this change and it was merged.
Change subject: Allow caching of Special:CentralAutoLogin when safe
......................................................................
Allow caching of Special:CentralAutoLogin when safe
Special:CentralAutoLogin/start and
Special:CentralAutoLogin/checkLoggedIn are safe to cache, because
they only differ based on the session cookies (which the cache already
varies on) and don't have any side effects.
The other methods in the login flow do need to be uncached, though, as
they do have side effects.
Change-Id: Ie17b277857529f00a659cdbc933ff6c31fb616ed
---
M specials/SpecialCentralAutoLogin.php
1 file changed, 23 insertions(+), 1 deletion(-)
Approvals:
CSteipp: Looks good to me, approved
Mark Bergsma: Looks good to me, but someone else must approve
jenkins-bot: Verified
diff --git a/specials/SpecialCentralAutoLogin.php
b/specials/SpecialCentralAutoLogin.php
index ed500f3..6b6e226 100644
--- a/specials/SpecialCentralAutoLogin.php
+++ b/specials/SpecialCentralAutoLogin.php
@@ -55,6 +55,9 @@
return;
case 'refreshCookies': // Refresh central cookies (e.g. in case
'remember me' was set)
+ // Do not cache this, we need to reset the cookies
every time.
+ $this->getOutput()->enableClientCache( false );
+
if ( !$wgCentralAuthLoginWiki ||
!$this->checkIsCentralWiki( $wikiid ) ) {
return;
}
@@ -77,6 +80,9 @@
return;
case 'start': // Main entry point
+ // Note this is safe to cache, because the cache
already varies on
+ // the session cookies.
+
if ( !$this->checkIsLocalWiki() ) {
return;
}
@@ -88,6 +94,9 @@
return;
case 'checkLoggedIn': // Check if we're logged in centrally
+ // Note this is safe to cache, because the cache
already varies on
+ // the session cookies.
+
if ( !$this->checkIsCentralWiki( $wikiid ) ) {
return;
}
@@ -100,6 +109,9 @@
return;
case 'createSession': // Create the local session and shared
memcache token
+ // The initial checks here are safe to cache. Once we
start setting
+ // cookies and memc, we can no longer cache it.
+
if ( !$this->checkIsLocalWiki() ) {
return;
}
@@ -110,6 +122,10 @@
$this->doFinalOutput( false, 'Not centrally
logged in', $notLoggedInScript );
return;
}
+
+ // At this point we can't cache anymore because we need
to set
+ // cookies and memc each time.
+ $this->getOutput()->enableClientCache( false );
// Ensure that a session exists
if ( session_id() == '' ) {
@@ -136,6 +152,9 @@
return;
case 'validateSession': // Validate the shared memcached token
+ // Do not cache this, we need to reset the cookies and
memc every time.
+ $this->getOutput()->enableClientCache( false );
+
if ( !$this->checkIsCentralWiki( $wikiid ) ) {
return;
}
@@ -182,6 +201,9 @@
return;
case 'setCookies': // Check that memcached is validated, and
set cookies
+ // Do not cache this, we need to reset the cookies and
memc every time.
+ $this->getOutput()->enableClientCache( false );
+
if ( !$this->checkIsLocalWiki() ) {
return;
}
@@ -378,7 +400,7 @@
private function doFinalOutput( $ok, $status, $script = '' ) {
$this->getOutput()->disable();
wfResetOutputBuffers();
- header( 'Cache-Control: no-cache' );
+ $this->getOutput()->sendCacheControl();
$type = $this->getRequest()->getVal( 'type', 'script' );
if ( $type === 'icon' || $type === '1x1' ) {
--
To view, visit https://gerrit.wikimedia.org/r/76726
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ie17b277857529f00a659cdbc933ff6c31fb616ed
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: CSteipp <[email protected]>
Gerrit-Reviewer: Mark Bergsma <[email protected]>
Gerrit-Reviewer: Tim Starling <[email protected]>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
