Closed
Bug 1227293
Opened 9 years ago
Closed 8 years ago
API responses are cached
Categories
(Participation Infrastructure :: Phonebook, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: jonasfj, Assigned: nemo-yiannis)
References
Details
On a oneoff dyno inside heroku (EC2) I can trivially show that API results are cached. Please, add header: cache-control: private, max-age=0, no-cache Really do also allow API keys to be sent via 'authentication' header, that way this would never have been an issue. There is many good reasons to use 'authentication', notably most caches and proxies does the right thing. Like don't cache and don't log the contents of that header to anywhere. See also bug 1216799.
Comment 1•8 years ago
|
||
Commits pushed to master at https://github.com/mozilla/mozillians https://github.com/mozilla/mozillians/commit/0ec09f394b95baf1e548460d91fb1f9d428c9103 [Fix bug 1227293] Do not cache API v2 responses. https://github.com/mozilla/mozillians/commit/9340e9e915974cee09bb9a8d9809d3c0c24f2e08 Merge pull request #1289 from johngian/1227293 [Fix bug 1227293] Do not cache API v2 responses.
Updated•8 years ago
|
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•8 years ago
|
Version: other → next
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → jgiannelos
Comment 2•8 years ago
|
||
Although there is a cache-control header, it has max-age=0 which is different from no-cache. Since the API reflects any changes in the profiles immediately and the never_cache decorator [0] in Django adds the 'no-cache' and 'no-store' in version 1.8, which is already in a PR [1], I am marking this bug as verified. [0] https://code.djangoproject.com/ticket/13008 [1] https://github.com/mozilla/mozillians/pull/1315
Status: RESOLVED → VERIFIED
Assignee | ||
Updated•8 years ago
|
Version: next → 2016-2.1
You need to log in
before you can comment on or make changes to this bug.
Description
•