If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Status

Participation Infrastructure
Phonebook
VERIFIED FIXED
2 years ago
2 years ago

People

(Reporter: jonasfj, Assigned: nemo)

Tracking

2016-2.1

Details

(Reporter)

Description

2 years ago
On a oneoff dyno inside heroku (EC2) I can trivially show that API results
are cached.

Please, add header:
  cache-control: private, max-age=0, no-cache

Really do also allow API keys to be sent via 'authentication' header,
that way this would never have been an issue. There is many good reasons
to use 'authentication', notably most caches and proxies does the right thing.
Like don't cache and don't log the contents of that header to anywhere. 

See also bug 1216799.
(Reporter)

Updated

2 years ago
Blocks: 1225569

Comment 1

2 years ago
Commits pushed to master at https://github.com/mozilla/mozillians

https://github.com/mozilla/mozillians/commit/0ec09f394b95baf1e548460d91fb1f9d428c9103
[Fix bug 1227293] Do not cache API v2 responses.

https://github.com/mozilla/mozillians/commit/9340e9e915974cee09bb9a8d9809d3c0c24f2e08
Merge pull request #1289 from johngian/1227293

[Fix bug 1227293] Do not cache API v2 responses.

Updated

2 years ago
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
(Assignee)

Updated

2 years ago
Version: other → next
(Assignee)

Updated

2 years ago
Assignee: nobody → jgiannelos
Although there is a cache-control header, it has max-age=0 which is different from no-cache. Since the API reflects any changes in the profiles immediately and the never_cache decorator [0] in Django adds the 'no-cache' and 'no-store' in version 1.8, which is already in a PR [1], I am marking this bug as verified.

[0] https://code.djangoproject.com/ticket/13008
[1] https://github.com/mozilla/mozillians/pull/1315
Status: RESOLVED → VERIFIED
(Assignee)

Updated

2 years ago
Version: next → 2016-2.1
You need to log in before you can comment on or make changes to this bug.