about summary refs log tree commit diff
path: root/app
diff options
context:
space:
mode:
authorThibG <thib@sitedethib.com>2017-12-27 18:21:12 +0100
committerEugen Rochko <eugen@zeonfederated.com>2017-12-27 18:21:12 +0100
commit868568d1c11227319228ec4066c7017621b9f522 (patch)
tree7b589f96fd36e2b9fe5ac7a14ca7a6307fbf5b70 /app
parent65f30f65a2816d5b25c096be0f237bbca17608e5 (diff)
Make host_meta/webfinger replies cacheable (fixes #6100) (#6101)
* Make host_meta/webfinger replies cacheable (fixes #6100)

Drop common code for handling users and sessions as webfinger queries
are very basic, public APIs.

Also explicitly mark results as cacheable with “expires_in”.

* Add “Vary: Accept” header for caching since content-negociation is used
Diffstat (limited to 'app')
-rw-r--r--app/controllers/well_known/host_meta_controller.rb6
-rw-r--r--app/controllers/well_known/webfinger_controller.rb6
2 files changed, 10 insertions, 2 deletions
diff --git a/app/controllers/well_known/host_meta_controller.rb b/app/controllers/well_known/host_meta_controller.rb
index 40f96eaa2..5fb70288a 100644
--- a/app/controllers/well_known/host_meta_controller.rb
+++ b/app/controllers/well_known/host_meta_controller.rb
@@ -1,15 +1,19 @@
 # frozen_string_literal: true
 
 module WellKnown
-  class HostMetaController < ApplicationController
+  class HostMetaController < ActionController::Base
     include RoutingHelper
 
+    before_action { response.headers['Vary'] = 'Accept' }
+
     def show
       @webfinger_template = "#{webfinger_url}?resource={uri}"
 
       respond_to do |format|
         format.xml { render content_type: 'application/xrd+xml' }
       end
+
+      expires_in(3.days, public: true)
     end
   end
 end
diff --git a/app/controllers/well_known/webfinger_controller.rb b/app/controllers/well_known/webfinger_controller.rb
index 5cc606808..28654b61d 100644
--- a/app/controllers/well_known/webfinger_controller.rb
+++ b/app/controllers/well_known/webfinger_controller.rb
@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
 module WellKnown
-  class WebfingerController < ApplicationController
+  class WebfingerController < ActionController::Base
     include RoutingHelper
 
+    before_action { response.headers['Vary'] = 'Accept' }
+
     def show
       @account = Account.find_local!(username_from_resource)
 
@@ -16,6 +18,8 @@ module WellKnown
           render content_type: 'application/xrd+xml'
         end
       end
+
+      expires_in(3.days, public: true)
     rescue ActiveRecord::RecordNotFound
       head 404
     end