Exemplo n.º 1
0
    def set_caching_headers(self, content, response):
        """
        Sets caching headers based on whether or not the asset is locked.
        """

        is_locked = getattr(content, "locked", False)

        # We want to signal to the end user's browser, and to any intermediate proxies/caches,
        # whether or not this asset is cacheable.  If we have a TTL configured, we inform the
        # caller, for unlocked assets, how long they are allowed to cache it.  Since locked
        # assets should be restricted to enrolled students, we simply send headers that
        # indicate there should be no caching whatsoever.
        cache_ttl = CourseAssetCacheTtlConfig.get_cache_ttl()
        if cache_ttl > 0 and not is_locked:
            newrelic.agent.add_custom_parameter('contentserver.cacheable',
                                                True)
            response['Expires'] = StaticContentServer.get_expiration_value(
                datetime.datetime.utcnow(), cache_ttl)
            response[
                'Cache-Control'] = "public, max-age={ttl}, s-maxage={ttl}".format(
                    ttl=cache_ttl)
        elif is_locked:
            newrelic.agent.add_custom_parameter('contentserver.cacheable',
                                                False)
            response['Cache-Control'] = "private, no-cache, no-store"

        response['Last-Modified'] = content.last_modified_at.strftime(
            HTTP_DATE_FORMAT)

        # Force the Vary header to only vary responses on Origin, so that XHR and browser requests get cached
        # separately and don't screw over one another. i.e. a browser request that doesn't send Origin, and
        # caches a version of the response without CORS headers, in turn breaking XHR requests.
        force_header_for_response(response, 'Vary', 'Origin')
Exemplo n.º 2
0
    def set_caching_headers(self, content, response):
        """
        Sets caching headers based on whether or not the asset is locked.
        """

        is_locked = getattr(content, "locked", False)

        # We want to signal to the end user's browser, and to any intermediate proxies/caches,
        # whether or not this asset is cacheable.  If we have a TTL configured, we inform the
        # caller, for unlocked assets, how long they are allowed to cache it.  Since locked
        # assets should be restricted to enrolled students, we simply send headers that
        # indicate there should be no caching whatsoever.
        cache_ttl = CourseAssetCacheTtlConfig.get_cache_ttl()
        if cache_ttl > 0 and not is_locked:
            newrelic.agent.add_custom_parameter('contentserver.cacheable', True)

            response['Expires'] = StaticContentServer.get_expiration_value(datetime.datetime.utcnow(), cache_ttl)
            response['Cache-Control'] = "public, max-age={ttl}, s-maxage={ttl}".format(ttl=cache_ttl)
        elif is_locked:
            newrelic.agent.add_custom_parameter('contentserver.cacheable', False)

            response['Cache-Control'] = "private, no-cache, no-store"

        response['Last-Modified'] = content.last_modified_at.strftime(HTTP_DATE_FORMAT)

        # Force the Vary header to only vary responses on Origin, so that XHR and browser requests get cached
        # separately and don't screw over one another. i.e. a browser request that doesn't send Origin, and
        # caches a version of the response without CORS headers, in turn breaking XHR requests.
        force_header_for_response(response, 'Vary', 'Origin')
Exemplo n.º 3
0
 def _inner(*args, **kwargs):
     """
     Alters the response.
     """
     response = func(*args, **kwargs)
     force_header_for_response(response, header, value)
     return response
Exemplo n.º 4
0
    def test_forces_intended_header(self):
        fake_request = HttpRequest()

        fake_response = HttpResponse()
        fake_response['Vary'] = 'Cookie'
        fake_response['Accept-Encoding'] = 'gzip'
        force_header_for_response(fake_response, 'Vary', 'Origin')

        result = self.middleware.process_response(fake_request, fake_response)
        self.assertEquals('Origin', result['Vary'])
        self.assertEquals('gzip', result['Accept-Encoding'])