Changeset View
Changeset View
Standalone View
Standalone View
src/aphront/response/AphrontResponse.php
| Show First 20 Lines • Show All 103 Lines • ▼ Show 20 Lines | protected function addJSONShield($json_response) { | ||||
| return $response; | return $response; | ||||
| } | } | ||||
| public function getCacheHeaders() { | public function getCacheHeaders() { | ||||
| $headers = array(); | $headers = array(); | ||||
| if ($this->cacheable) { | if ($this->cacheable) { | ||||
| $headers[] = array( | $headers[] = array( | ||||
| 'Expires', | 'Expires', | ||||
| $this->formatEpochTimestampForHTTPHeader(time() + $this->cacheable)); | $this->formatEpochTimestampForHTTPHeader(time() + $this->cacheable), | ||||
| ); | |||||
| } else { | } else { | ||||
| $headers[] = array( | $headers[] = array( | ||||
| 'Cache-Control', | 'Cache-Control', | ||||
| 'private, no-cache, no-store, must-revalidate'); | 'private, no-cache, no-store, must-revalidate', | ||||
| ); | |||||
| $headers[] = array( | $headers[] = array( | ||||
| 'Pragma', | 'Pragma', | ||||
| 'no-cache'); | 'no-cache', | ||||
| ); | |||||
| $headers[] = array( | $headers[] = array( | ||||
| 'Expires', | 'Expires', | ||||
| 'Sat, 01 Jan 2000 00:00:00 GMT'); | 'Sat, 01 Jan 2000 00:00:00 GMT', | ||||
| ); | |||||
| } | } | ||||
| if ($this->lastModified) { | if ($this->lastModified) { | ||||
| $headers[] = array( | $headers[] = array( | ||||
| 'Last-Modified', | 'Last-Modified', | ||||
| $this->formatEpochTimestampForHTTPHeader($this->lastModified)); | $this->formatEpochTimestampForHTTPHeader($this->lastModified), | ||||
| ); | |||||
| } | } | ||||
| // IE has a feature where it may override an explicit Content-Type | // IE has a feature where it may override an explicit Content-Type | ||||
| // declaration by inferring a content type. This can be a security risk | // declaration by inferring a content type. This can be a security risk | ||||
| // and we always explicitly transmit the correct Content-Type header, so | // and we always explicitly transmit the correct Content-Type header, so | ||||
| // prevent IE from using inferred content types. This only offers protection | // prevent IE from using inferred content types. This only offers protection | ||||
| // on recent versions of IE; IE6/7 and Opera currently ignore this header. | // on recent versions of IE; IE6/7 and Opera currently ignore this header. | ||||
| $headers[] = array('X-Content-Type-Options', 'nosniff'); | $headers[] = array('X-Content-Type-Options', 'nosniff'); | ||||
| Show All 11 Lines | |||||