Changeset View
Changeset View
Standalone View
Standalone View
src/aphront/response/AphrontResponse.php
Show First 20 Lines • Show All 103 Lines • ▼ Show 20 Lines | protected function addJSONShield($json_response) { | ||||
return $response; | return $response; | ||||
} | } | ||||
public function getCacheHeaders() { | public function getCacheHeaders() { | ||||
$headers = array(); | $headers = array(); | ||||
if ($this->cacheable) { | if ($this->cacheable) { | ||||
$headers[] = array( | $headers[] = array( | ||||
'Expires', | 'Expires', | ||||
$this->formatEpochTimestampForHTTPHeader(time() + $this->cacheable)); | $this->formatEpochTimestampForHTTPHeader(time() + $this->cacheable), | ||||
); | |||||
} else { | } else { | ||||
$headers[] = array( | $headers[] = array( | ||||
'Cache-Control', | 'Cache-Control', | ||||
'private, no-cache, no-store, must-revalidate'); | 'private, no-cache, no-store, must-revalidate', | ||||
); | |||||
$headers[] = array( | $headers[] = array( | ||||
'Pragma', | 'Pragma', | ||||
'no-cache'); | 'no-cache', | ||||
); | |||||
$headers[] = array( | $headers[] = array( | ||||
'Expires', | 'Expires', | ||||
'Sat, 01 Jan 2000 00:00:00 GMT'); | 'Sat, 01 Jan 2000 00:00:00 GMT', | ||||
); | |||||
} | } | ||||
if ($this->lastModified) { | if ($this->lastModified) { | ||||
$headers[] = array( | $headers[] = array( | ||||
'Last-Modified', | 'Last-Modified', | ||||
$this->formatEpochTimestampForHTTPHeader($this->lastModified)); | $this->formatEpochTimestampForHTTPHeader($this->lastModified), | ||||
); | |||||
} | } | ||||
// IE has a feature where it may override an explicit Content-Type | // IE has a feature where it may override an explicit Content-Type | ||||
// declaration by inferring a content type. This can be a security risk | // declaration by inferring a content type. This can be a security risk | ||||
// and we always explicitly transmit the correct Content-Type header, so | // and we always explicitly transmit the correct Content-Type header, so | ||||
// prevent IE from using inferred content types. This only offers protection | // prevent IE from using inferred content types. This only offers protection | ||||
// on recent versions of IE; IE6/7 and Opera currently ignore this header. | // on recent versions of IE; IE6/7 and Opera currently ignore this header. | ||||
$headers[] = array('X-Content-Type-Options', 'nosniff'); | $headers[] = array('X-Content-Type-Options', 'nosniff'); | ||||
Show All 11 Lines |