yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1180 from umbraco/temp-U4-8165

Browse Source 
U4-8165 Ensure browsers are not caching service requests
This commit is contained in:
Warren Buckley
2016-03-18 09:53:12 +00:00
parent 2cce9395da 5230f55f44
commit f04071d7c7
8 changed files with 42 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Umbraco.Web/Editors/StylesheetController.cs
View File

@@ -22,8 +22,7 @@ namespace Umbraco.Web.Editors
/// <summary>
/// The API controller used for retrieving available stylesheets
/// </summary>
[PluginController("UmbracoApi")]
[DisableBrowserCache]
[PluginController("UmbracoApi")]
public class StylesheetController : UmbracoAuthorizedJsonController
{
public IEnumerable<Stylesheet> GetAll()

1
src/Umbraco.Web/Editors/TemplateQueryController.cs
View File

@@ -18,7 +18,6 @@ namespace Umbraco.Web.Editors
/// The API controller used for building content queries within the template
/// </summary>
[PluginController("UmbracoApi")]
[DisableBrowserCache]
[JsonCamelCaseFormatter]
public class TemplateQueryController : UmbracoAuthorizedJsonController
{

2
src/Umbraco.Web/Editors/UmbracoAuthorizedJsonController.cs
View File

@@ -12,7 +12,7 @@ namespace Umbraco.Web.Editors
/// methods that are not called by Angular or don't contain a valid csrf header will NOT work.
/// </remarks>
[ValidateAngularAntiForgeryToken]
[AngularJsonOnlyConfiguration]
[AngularJsonOnlyConfiguration]
public abstract class UmbracoAuthorizedJsonController : UmbracoAuthorizedApiController
{
protected UmbracoAuthorizedJsonController()

24
src/Umbraco.Web/Mvc/DisableBrowserCacheAttribute.cs Normal file
View File

@@ -0,0 +1,24 @@
using System;
using System.Web;
using System.Web.Mvc;
namespace Umbraco.Web.Mvc
{
/// <summary>
/// Ensures that the request is not cached by the browser
/// </summary>
public class DisableBrowserCacheAttribute : ActionFilterAttribute
{
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
base.OnActionExecuted(filterContext);
filterContext.HttpContext.Response.Cache.SetCacheability(HttpCacheability.NoCache);
filterContext.HttpContext.Response.Cache.SetMaxAge(TimeSpan.Zero);
filterContext.HttpContext.Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches);
filterContext.HttpContext.Response.Cache.SetNoStore();
filterContext.HttpContext.Response.AddHeader("Pragma", "no-cache");
filterContext.HttpContext.Response.Cache.SetExpires(new DateTime(1990, 1, 1, 0, 0, 0));
}
}
}

2
src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs
View File

@@ -2,7 +2,6 @@
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.Mvc;
using Umbraco.Core.Configuration;
using Umbraco.Web.Routing;
using Umbraco.Web.Security;
@@ -18,6 +17,7 @@ namespace Umbraco.Web.Mvc
/// authorization of each method can use this attribute instead of inheriting from this controller.
/// </remarks>
[UmbracoAuthorize]
[DisableBrowserCache]
public abstract class UmbracoAuthorizedController : UmbracoController
{

1
src/Umbraco.Web/Umbraco.Web.csproj
View File

@@ -343,6 +343,7 @@
<Compile Include="Models\Mapping\PropertyGroupDisplayResolver.cs" />
<Compile Include="Models\PublishedContentWithKeyBase.cs" />
<Compile Include="Mvc\ControllerContextExtensions.cs" />
<Compile Include="Mvc\DisableBrowserCacheAttribute.cs" />
<Compile Include="Mvc\EnsurePartialViewMacroViewContextFilterAttribute.cs" />
<Compile Include="Mvc\IRenderController.cs" />
<Compile Include="Mvc\ModelBindingException.cs" />

30
src/Umbraco.Web/WebApi/Filters/DisableBrowserCacheAttribute.cs
View File

@@ -13,6 +13,9 @@ using Umbraco.Core;
namespace Umbraco.Web.WebApi.Filters
{
/// <summary>
/// Ensures that the request is not cached by the browser
/// </summary>
public class DisableBrowserCacheAttribute : ActionFilterAttribute
{
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
@@ -21,23 +24,16 @@ namespace Umbraco.Web.WebApi.Filters
base.OnActionExecuted(actionExecutedContext);
//TODO: This should all work without issue! BUT it doesn't, i have a feeling this might be fixed
// in the next webapi version. ASP.Net is overwriting the cachecontrol all the time, some docs are here:
// http://stackoverflow.com/questions/11547618/output-caching-for-an-apicontroller-mvc4-web-api
// and I've checked the source code so doing this should cause it to write the headers we want but it doesnt.
//So I've reverted to brute force on the HttpContext.
//actionExecutedContext.Response.Headers.CacheControl = new CacheControlHeaderValue()
//{
// NoCache = true,
// NoStore = true,
// MaxAge = new TimeSpan(0),
// MustRevalidate = true
//};
HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);
HttpContext.Current.Response.Cache.SetMaxAge(TimeSpan.Zero);
HttpContext.Current.Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches);
HttpContext.Current.Response.Cache.SetNoStore();
//NOTE: Until we upgraded to WebApi 2, this didn't work correctly and we had to revert to using
// HttpContext.Current responses. I've changed this back to what it should be now since it works
// and now with WebApi2, the HttpContext.Current responses dont! Anyways, all good now.
actionExecutedContext.Response.Headers.CacheControl = new CacheControlHeaderValue()
{
NoCache = true,
NoStore = true,
MaxAge = new TimeSpan(0),
MustRevalidate = true
};
actionExecutedContext.Response.Headers.Pragma.Add(new NameValueHeaderValue("no-cache"));
if (actionExecutedContext.Response.Content != null)

1
src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs
View File

@@ -18,6 +18,7 @@ namespace Umbraco.Web.WebApi
[IsBackOffice]
[UmbracoUserTimeoutFilter]
[UmbracoAuthorize]
[DisableBrowserCache]
public abstract class UmbracoAuthorizedApiController : UmbracoApiController
{
protected UmbracoAuthorizedApiController()